Comportamiento raro pc


#9

Hola @Roberto94:

Bienvenido a esta nueva etapa de InfoSpyware…!!!

Hiciste todos los deberes!!!

Mientras analizo los reportes de FRST comenta como sientes el equipo luego de que todas las herramientas detectaran y eliminaran algo de tu Sistema.

Salu2.


#10

Por el momento steam se a abierto Cómo normalmente aria y se está actualizando. Con respecto al inicio de la pc, al ser vieja siempre a demorado más de 2 o 3 minutos en prenderse. Con respecto a la ejecucion de los programas a mejorado en algo (pero no significativamente ya que tengo sólo 4 gb de ram) Ya no se congela como hacía antes de pasar los programás.

Espero su respuesta :smile:


#11

Hola @Roberto94

1.- Una consulta tu desactivaste las notificaciones pera que ya Windows no te avise que te estas quedando sin espacio?

2.- Desinstala con Revo Uninstaller en su Modo Avanzado:

  • IObit\Advanced SystemCare

Manual de Revo Uninstaller.

3.- Realiza lo siguiente:

Descargaste FRST y lo ejecutaste desde una ubicación incorrecta:

C:\Users\TEISU\Downloads

FRST debe ser descargado y ejecutado desde el escritorio, corta el ejecutable de tu carpeta Descargas y luego pegarlo en el escritorio.

Luego abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\MountPoints2: {7f1eac41-a7eb-11e8-92c9-cc52afa91f31} - "I:\setup.exe" 
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
2019-01-09 20:06 - 2019-01-09 20:32 - 039316888 _____ C:\Users\TEISU\Downloads\Sin confirmar 236494.crdownload
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas como sigue el problema.

Salu2.


#12
  1. No, no suelo meterme con esa herramienta.
  2. Ya esta desinstalada hace mucho, igual use herramienta de limpieza por si las moscas.
  3. La pc inicia un poco mas rápido y no tengo tanto lag, se nota la mejora, todo funciona como debe.
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.01.2019 01
Ran by TEISU (15-01-2019 01:13:39) Run:1
Running from C:\Users\TEISU\Desktop
Loaded Profiles: TEISU (Available Profiles: TEISU)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\MountPoints2: {7f1eac41-a7eb-11e8-92c9-cc52afa91f31} - "I:\setup.exe" 
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x64.sys [X]
2019-01-09 20:06 - 2019-01-09 20:32 - 039316888 _____ C:\Users\TEISU\Downloads\Sin confirmar 236494.crdownload
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f1eac41-a7eb-11e8-92c9-cc52afa91f31} => removed successfully
HKLM\Software\Classes\CLSID\{7f1eac41-a7eb-11e8-92c9-cc52afa91f31} => not found
HKLM\System\CurrentControlSet\Services\cpuz143 => removed successfully
cpuz143 => service removed successfully
C:\Users\TEISU\Downloads\Sin confirmar 236494.crdownload => moved successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 12 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 13 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 14 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 12:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 13:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 14:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2800:200:f000:13f9:818b:b1c0:efc7:52b6
   Direcci¢n IPv6 temporal. . . . . . : 2800:200:f000:13f9:3996:4d84:a88e:13c
   V¡nculo: direcci¢n IPv6 local. . . : fe80::818b:b1c0:efc7:52b6%13
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.13
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::200:caff:fe11:2233%13
                                       192.168.0.1

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {655EC806-B06C-4DC6-8B2E-E7CE1E5983D0}.
0 out of 1 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9723904 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21215637 B
Java, Flash, Steam htmlcache => 18547709 B
Windows/system/drivers => 15248635 B
Edge => 0 B
Chrome => 19226094 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 298892 B
NetworkService => 0 B
TEISU => 191416096 B

RecycleBin => 0 B
EmptyTemp: => 262.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:16:20 ====

#13

Hola:

Sobre el punto 2 aún hay muchos restos activos que no se eliminan con herramientas de limpieza, además comenta cual usaste.

Ejecuta nuevamente FRST como la primera vez y déjanos un reporte fresco.

Saludos


#16

Hola @Roberto94

Subiste los reportes y los eliminaste, algún problema? necesitas ayuda?

Salu2.


#17

Solo use ccleaner en ese momento y anoche la herramienta de limpieza del mismo revouninstaler. Al encender la laptop el sistema se actualizo, aquí los reportes. Borre los otros reportes ya que al actualizarse el sistema el reporte no seria actual y tal vez hasta de problemas al no ser actual.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.01.2019 01
Ran by TEISU (administrator) on DESKTOP-L9M6CMB (15-01-2019 23:17:23)
Running from C:\Users\TEISU\Desktop
Loaded Profiles: TEISU (Available Profiles: TEISU)
Platform: Windows 10 Pro Version 1809 17763.253 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\Run: [uTorrent] => C:\Users\TEISU\AppData\Roaming\uTorrent\uTorrent.exe [2003384 2019-01-09] (BitTorrent Inc.)
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-04] (Valve Corporation)
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation)
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] ()
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler)
HKLM\...\Drivers32-x32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project)
HKLM\...\Drivers32-x32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( )
HKLM\...\Drivers32-x32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [284672 2018-01-28] ()
HKLM\...\Drivers32-x32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] ()
HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-11] (Google Inc.)
IFEO\GameOverlayUI.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Prompt.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Reporter.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Service.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Updater.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\steamerrorreporter.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\steamerrorreporter64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\streaming_client.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\WriteMiniDump.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
Startup: C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-01-14]
ShortcutTarget: MEGAsync.lnk -> C:\Users\TEISU\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{4167736a-7f36-4818-8bbf-86e66ad16b9f}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{4167736a-7f36-4818-8bbf-86e66ad16b9f}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{6af20bf1-5e63-40eb-9733-efcc04e1f537}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-06-12] (Microsoft Corporation)
BHO: NitroPDF.IE.Sharepoint -> {3BFAE61D-4A6D-4467-9E5E-FE5293D10F9F} -> C:\Program Files\Nitro\Pro\12\npnitroie.dll [2018-09-04] (Nitro Software, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-06-12] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-06-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro\12\npnitromozilla.dll [2018-09-04] (Nitro Software, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-09] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com.pe/
CHR StartupUrls: Default -> "hxxp://www.google.com.pe/","hxxp://www.facebook.com/","hxxp://www.youtube.com/","hxxp://www.google.com","hxxp://www.google.com/","hxxp://hxxps://www.google.com//?appId=77CFBE5B-B1D8-4724-A1D3-F94FB40EC6E0","hxxps://www.google.com/","hxxp://servidor/"
CHR Profile: C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default [2019-01-15]
CHR Extension: (Presentaciones) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-20]
CHR Extension: (Universal Bypass) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2019-01-14]
CHR Extension: (Documentos) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-20]
CHR Extension: (Google Drive) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-20]
CHR Extension: (YouTube) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-20]
CHR Extension: (Hojas de cálculo) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-20]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Malwarebytes Browser Extension) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2019-01-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-20]
CHR Extension: (Gmail) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-14]
CHR Extension: (Audio Only Youtube) - C:\Users\TEISU\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkocpiliahoaohbolmkelakpiphnllog [2018-08-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3570792 2018-08-10] (Disc Soft Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [279248 2018-10-18] (Synaptics Incorporated)
S4 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd)
S4 Wallpaper Engine Service; C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [356856 2018-08-20] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-10] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2018-10-18] (Advanced Micro Devices Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-08-21] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-08-21] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-10-18] (REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-15] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-15] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-15] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-15] (Malwarebytes)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [54648 2018-10-18] (NEC Personal Computers, Ltd.)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2018-09-15] (MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2018-10-18] (Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-10] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-10] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-10] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (Created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-15 23:17 - 2019-01-15 23:19 - 000016615 _____ C:\Users\TEISU\Desktop\FRST.txt
2019-01-15 21:21 - 2019-01-15 21:21 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-15 15:11 - 2019-01-02 14:48 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-15 15:11 - 2019-01-02 14:48 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-15 12:45 - 2019-01-15 12:45 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-15 12:45 - 2019-01-15 12:45 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-15 12:45 - 2019-01-15 12:45 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-15 12:40 - 2019-01-15 12:41 - 000000000 ____D C:\Program Files\AMD Quick Stream
2019-01-15 12:40 - 2019-01-15 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2019-01-15 12:32 - 2019-01-15 12:34 - 008847304 _____ (AppEx Networks ) C:\Users\TEISU\Downloads\abc.exe
2019-01-15 12:22 - 2019-01-15 12:22 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-01-15 12:18 - 2019-01-15 12:18 - 000000020 ___SH C:\Users\TEISU\ntuser.ini
2019-01-15 12:05 - 2019-01-15 19:11 - 000004220 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1FA5927E-6FBE-4138-AD1A-270CAD2EE621}
2019-01-15 12:05 - 2019-01-15 12:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-15 12:05 - 2019-01-15 12:06 - 000003484 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-15 12:05 - 2019-01-15 12:06 - 000002820 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-L9M6CMB-TEISU
2019-01-15 12:05 - 2019-01-15 12:06 - 000002774 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-L9M6CMB-TEISU
2019-01-15 12:05 - 2019-01-15 12:05 - 000003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-15 12:05 - 2019-01-15 12:05 - 000003290 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d4a85a5f3b7bdc
2019-01-15 12:05 - 2019-01-15 12:05 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1681801212-2571905260-2396515832-1001
2019-01-15 12:05 - 2019-01-15 12:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\MEGA
2019-01-15 12:04 - 2019-01-15 12:05 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-01-15 12:04 - 2019-01-15 12:05 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-01-15 11:51 - 2019-01-15 13:43 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-15 11:40 - 2019-01-15 11:40 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-01-15 11:35 - 2019-01-15 12:18 - 000000000 ____D C:\Users\TEISU
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Reciente
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Plantillas
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Mis documentos
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Menú Inicio
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Impresoras
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Entorno de red
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Documents\Mis vídeos
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Documents\Mis imágenes
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Documents\Mi música
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Datos de programa
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\Configuración local
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\AppData\Local\Historial
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\AppData\Local\Datos de programa
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 _SHDL C:\Users\TEISU\AppData\Local\Archivos temporales de Internet
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2019-01-15 11:35 - 2019-01-15 11:35 - 000000000 ____D C:\Program Files\ATI Technologies
2019-01-15 11:35 - 2019-01-15 11:31 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\ATI
2019-01-15 11:35 - 2019-01-15 11:31 - 000000000 ____D C:\Users\TEISU\AppData\Local\ATI
2019-01-15 11:35 - 2018-09-15 02:29 - 000001105 _____ C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-15 11:31 - 2019-01-15 11:31 - 000000000 ____D C:\Users\Default\AppData\Roaming\ATI
2019-01-15 11:31 - 2019-01-15 11:31 - 000000000 ____D C:\Users\Default\AppData\Local\ATI
2019-01-15 11:31 - 2019-01-15 11:31 - 000000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2019-01-15 11:31 - 2019-01-15 11:31 - 000000000 ____D C:\Users\Default User\AppData\Local\ATI
2019-01-15 11:27 - 2019-01-15 11:27 - 000000000 ____D C:\ProgramData\USOShared
2019-01-15 11:27 - 2018-09-15 02:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-01-15 11:21 - 2019-01-15 22:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-15 11:21 - 2019-01-15 11:45 - 000609480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-15 09:27 - 2019-01-15 05:19 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-01-15 09:10 - 2019-01-15 09:27 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-01-15 08:48 - 2019-01-15 08:48 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-01-15 08:48 - 2019-01-15 08:48 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-01-15 08:48 - 2019-01-15 08:48 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2019-01-15 08:48 - 2019-01-15 08:48 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2019-01-15 08:48 - 2019-01-15 08:48 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2019-01-15 08:48 - 2019-01-15 08:48 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2019-01-15 08:48 - 2019-01-15 08:48 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2019-01-15 08:48 - 2019-01-15 08:48 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 007724776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 005113008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 004918784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 001294864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 001289400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 001282432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 001073448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 000763032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-01-15 08:47 - 2019-01-15 08:47 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-01-15 08:47 - 2019-01-15 08:47 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-01-15 08:47 - 2019-01-15 08:47 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-01-15 08:43 - 2019-01-15 08:43 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-01-15 08:43 - 2019-01-15 08:43 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-01-15 08:43 - 2019-01-15 08:43 - 001259000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-15 08:42 - 2019-01-15 08:42 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 002883584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2019-01-15 08:42 - 2019-01-15 08:42 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2019-01-15 08:42 - 2019-01-15 08:42 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-01-15 08:42 - 2019-01-15 08:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 004886016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-01-15 08:41 - 2019-01-15 08:41 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2019-01-15 08:41 - 2019-01-15 08:41 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2019-01-15 08:41 - 2019-01-15 08:41 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-01-15 08:41 - 2019-01-15 08:41 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2019-01-15 08:40 - 2019-01-15 08:41 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 005585056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 001483264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2019-01-15 08:40 - 2019-01-15 08:40 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 006544800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 006306152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 004765184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 003730352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-01-15 08:39 - 2019-01-15 08:39 - 003504640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 002927104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 002777432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 002702536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001672056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001456736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-01-15 08:39 - 2019-01-15 08:39 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001180760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001097312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-01-15 08:39 - 2019-01-15 08:39 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-01-15 08:39 - 2019-01-15 08:39 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-01-15 08:39 - 2019-01-15 08:39 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000091640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-01-15 08:39 - 2019-01-15 08:39 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 005565440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-15 08:38 - 2019-01-15 08:38 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-01-15 08:38 - 2019-01-15 08:38 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 001696216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-15 08:38 - 2019-01-15 08:38 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 001466872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-15 08:38 - 2019-01-15 08:38 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-01-15 08:38 - 2019-01-15 08:38 - 001341376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-15 08:38 - 2019-01-15 08:38 - 001177632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-15 08:38 - 2019-01-15 08:38 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-01-15 08:38 - 2019-01-15 08:38 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2019-01-15 08:38 - 2019-01-15 08:38 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 009677352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-15 08:37 - 2019-01-15 08:37 - 004300800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-01-15 08:37 - 2019-01-15 08:37 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000566584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-01-15 08:37 - 2019-01-15 08:37 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-15 08:36 - 2019-01-15 08:36 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 005312512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-01-15 08:36 - 2019-01-15 08:36 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 003379000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-01-15 08:36 - 2019-01-15 08:36 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 002843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-01-15 08:36 - 2019-01-15 08:36 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

#18
2019-01-15 08:36 - 2019-01-15 08:36 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001842600 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001751560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001612808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001401864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001058848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-15 08:36 - 2019-01-15 08:36 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-01-15 08:36 - 2019-01-15 08:36 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-01-15 08:36 - 2019-01-15 08:36 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000818832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000667152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000649736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-01-15 08:36 - 2019-01-15 08:36 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000495624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-01-15 08:36 - 2019-01-15 08:36 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-01-15 08:36 - 2019-01-15 08:36 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-01-15 08:36 - 2019-01-15 08:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000175096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-01-15 08:36 - 2019-01-15 08:36 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-01-15 08:36 - 2019-01-15 08:36 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-01-15 08:36 - 2019-01-15 08:36 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2019-01-15 08:36 - 2019-01-15 08:36 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000047112 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-15 08:36 - 2019-01-15 08:36 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2019-01-15 08:36 - 2019-01-15 08:36 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2019-01-15 08:35 - 2019-01-15 08:35 - 007685016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 003338328 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-01-15 08:35 - 2019-01-15 08:35 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 002149352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-15 08:35 - 2019-01-15 08:35 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 001051960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-01-15 08:35 - 2019-01-15 08:35 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-15 08:35 - 2019-01-15 08:35 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000897848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000756640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-15 08:35 - 2019-01-15 08:35 - 000743432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000650040 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-01-15 08:35 - 2019-01-15 08:35 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-01-15 08:35 - 2019-01-15 08:35 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-15 08:35 - 2019-01-15 08:35 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-15 08:35 - 2019-01-15 08:35 - 000102392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-01-15 08:35 - 2019-01-15 08:35 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-01-15 08:35 - 2019-01-15 08:35 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2019-01-15 08:35 - 2019-01-15 08:35 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2019-01-15 08:35 - 2019-01-15 08:35 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2019-01-15 08:35 - 2019-01-15 08:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-01-15 08:35 - 2019-01-15 08:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-01-15 08:35 - 2019-01-15 08:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-01-15 08:35 - 2019-01-15 08:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-01-15 08:35 - 2019-01-15 08:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-01-15 08:35 - 2019-01-15 08:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-01-15 08:35 - 2019-01-15 08:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-01-15 08:35 - 2019-01-15 08:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-01-15 08:35 - 2019-01-15 08:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-01-15 08:34 - 2019-01-15 08:34 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2019-01-15 08:34 - 2019-01-15 08:34 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-01-15 08:34 - 2019-01-15 08:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2019-01-15 08:34 - 2019-01-15 08:34 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2019-01-15 08:34 - 2019-01-15 08:34 - 000306704 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-01-15 08:34 - 2019-01-15 08:34 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2019-01-15 08:34 - 2019-01-15 08:34 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000193016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000130088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2019-01-15 08:34 - 2019-01-15 08:34 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-01-15 08:34 - 2019-01-15 08:34 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2019-01-15 08:34 - 2019-01-15 08:34 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2019-01-15 08:21 - 2019-01-15 08:23 - 000052524 _____ C:\Users\TEISU\Documents\Addition.txt
2019-01-15 08:17 - 2019-01-15 08:23 - 000074366 _____ C:\Users\TEISU\Documents\FRST.txt
2019-01-15 07:56 - 2019-01-15 07:56 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-01-15 07:56 - 2019-01-15 07:56 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-01-15 07:56 - 2019-01-15 07:56 - 000000000 ____D C:\Program Files\MSBuild
2019-01-15 07:56 - 2019-01-15 07:56 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-01-15 07:56 - 2019-01-15 07:56 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-01-15 07:52 - 2019-01-15 07:52 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-01-15 07:52 - 2019-01-15 07:52 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-01-15 07:52 - 2019-01-15 07:52 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-01-15 07:52 - 2019-01-15 07:52 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-01-15 07:52 - 2019-01-15 07:52 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-01-15 07:52 - 2019-01-15 07:52 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-01-15 07:31 - 2019-01-15 07:31 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2019-01-15 07:01 - 2019-01-15 07:01 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-01-15 05:19 - 2019-01-15 12:17 - 000000000 ____D C:\Windows.old
2019-01-15 01:13 - 2019-01-15 01:16 - 000008956 _____ C:\Users\TEISU\Desktop\Fixlog.txt
2019-01-15 00:50 - 2019-01-15 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-01-15 00:50 - 2019-01-15 00:50 - 000001091 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-01-15 00:50 - 2019-01-15 00:50 - 000000000 ____D C:\Program Files\VS Revo Group
2019-01-15 00:48 - 2019-01-15 00:49 - 007127416 _____ (VS Revo Group ) C:\Users\TEISU\Downloads\revosetup.exe
2019-01-14 23:50 - 2019-01-15 00:03 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\Game
2019-01-14 23:50 - 2019-01-14 23:50 - 000000000 ____D C:\Users\Public\Documents\Steam
2019-01-14 22:46 - 2019-01-14 22:46 - 000127614 _____ C:\Users\TEISU\Desktop\ewe.txt
2019-01-14 22:19 - 2019-01-14 22:19 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-14 22:11 - 2019-01-14 22:16 - 000047108 _____ C:\Users\TEISU\Downloads\Addition.txt
2019-01-14 22:07 - 2019-01-14 22:16 - 000071950 _____ C:\Users\TEISU\Downloads\FRST.txt
2019-01-14 22:05 - 2019-01-14 22:05 - 000000947 _____ C:\Users\TEISU\Desktop\JRT.txt
2019-01-14 21:30 - 2019-01-14 21:34 - 000002668 _____ C:\Users\TEISU\Desktop\Rkill.txt
2019-01-14 21:30 - 2019-01-14 21:30 - 000000000 ____D C:\Users\TEISU\Desktop\rkill
2019-01-14 21:29 - 2019-01-15 23:17 - 000000000 ____D C:\FRST
2019-01-14 21:29 - 2019-01-14 21:29 - 000000000 ____D C:\Users\TEISU\AppData\Local\mbam
2019-01-14 21:28 - 2019-01-14 21:46 - 000000000 ____D C:\AdwCleaner
2019-01-14 21:28 - 2019-01-14 21:28 - 000000000 ____D C:\Users\TEISU\AppData\Local\mbamtray
2019-01-14 21:26 - 2019-01-15 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-14 21:26 - 2019-01-14 21:26 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-14 21:26 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-14 21:25 - 2019-01-14 21:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-14 21:25 - 2019-01-14 21:25 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-14 21:24 - 2019-01-14 21:25 - 002427904 _____ (Farbar) C:\Users\TEISU\Desktop\FRST64.exe
2019-01-14 21:21 - 2019-01-14 21:23 - 007320272 _____ (Malwarebytes) C:\Users\TEISU\Downloads\adwcleaner_7.2.6.0.exe
2019-01-14 21:20 - 2019-01-14 21:21 - 001790024 _____ (Malwarebytes) C:\Users\TEISU\Downloads\JRT.exe
2019-01-14 21:12 - 2019-01-14 21:22 - 082234824 _____ (Malwarebytes ) C:\Users\TEISU\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8770.exe
2019-01-14 21:12 - 2019-01-14 21:12 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\TEISU\Downloads\iExplore.exe
2019-01-14 21:04 - 2019-01-14 21:04 - 001573568 _____ C:\Users\TEISU\Downloads\SteamSetup (1).exe
2019-01-14 20:59 - 2019-01-14 21:01 - 019229160 _____ (Microsoft Corporation) C:\Users\TEISU\Downloads\MediaCreationTool1809.exe
2019-01-14 20:11 - 2019-01-14 23:38 - 000000000 ____D C:\Users\TEISU\AppData\LocalLow\uTorrent
2019-01-14 18:58 - 2019-01-15 12:18 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-14 18:27 - 2019-01-14 18:27 - 000000000 ____D C:\Users\TEISU\AppData\Local\Tempzxpsign89d4b8673e45887f
2019-01-14 18:25 - 2019-01-14 18:25 - 000000034 _____ C:\Users\TEISU\AppData\Roaming\AdobeWLCMCache.dat
2019-01-11 14:45 - 2019-01-11 14:45 - 000000000 ____D C:\Users\TEISU\AppData\Local\Tempzxpsign55e545a6570a2040
2019-01-11 08:51 - 2019-01-11 10:06 - 166656204 _____ C:\Users\TEISU\Downloads\01 World-Line.flac
2019-01-11 02:10 - 2019-01-11 02:38 - 050496229 _____ C:\Users\TEISU\Downloads\01 World-Line.flac.crdownload
2019-01-11 02:04 - 2019-01-11 02:04 - 000083322 _____ C:\Users\TEISU\Downloads\El_Psy_Kongroo_archive.torrent
2019-01-11 01:58 - 2019-01-11 02:02 - 156208765 _____ C:\Users\TEISU\Downloads\lasto_gemu.zip
2019-01-11 01:33 - 2019-01-11 01:55 - 436346530 ____R C:\Users\TEISU\Downloads\[ASL]_Abo_Takeshi_-_STEINS_GATE_0_Original_Soundtrack_-_Gate_Of_Steiner_[FLAC]_[w_Scans].rar
2019-01-09 22:04 - 2019-01-09 22:04 - 111551292 _____ C:\Users\TEISU\Downloads\[Maid-chan] Sayuri - Sore wa Chiisana Hikari no you na (ERASED ED Single).zip
2019-01-09 21:48 - 2019-01-09 21:55 - 067340241 _____ C:\Users\TEISU\Downloads\(SNKK) 40.rar
2019-01-09 21:33 - 2019-01-09 21:46 - 926572733 _____ C:\Users\TEISU\Downloads\Little Witch Academia Opening 96-24-bit.rar
2019-01-09 21:05 - 2019-01-09 21:16 - 030776385 _____ C:\Users\TEISU\Downloads\ZAQ_-_Caste_Room.rar
2019-01-09 20:57 - 2019-01-09 21:02 - 114468538 _____ C:\Users\TEISU\Downloads\Bakemonogatari OP 5 Single - sugar sweet nightmare.rar
2019-01-09 20:43 - 2019-01-09 20:44 - 251972004 _____ C:\Users\TEISU\Downloads\H58MR.zip
2019-01-09 20:35 - 2019-01-09 20:36 - 140280972 _____ C:\Users\TEISU\Downloads\_SoundFLAC__Kyoumen_no_Nami_OP.zip
2019-01-09 20:33 - 2019-01-15 00:07 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\uTorrent
2019-01-09 20:33 - 2019-01-09 20:33 - 000000896 _____ C:\Users\TEISU\Desktop\µTorrent.lnk
2019-01-09 20:33 - 2019-01-09 20:33 - 000000876 _____ C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-01-09 20:30 - 2019-01-09 20:31 - 002982880 _____ (BitTorrent Inc.) C:\Users\TEISU\Downloads\uTorrent.exe
2019-01-09 20:26 - 2019-01-15 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-01-09 20:26 - 2019-01-09 20:29 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\qBittorrent
2019-01-09 20:26 - 2019-01-09 20:27 - 000000000 ____D C:\Users\TEISU\AppData\Local\qBittorrent
2019-01-09 20:26 - 2019-01-09 20:26 - 000000000 ____D C:\Program Files\qBittorrent
2019-01-09 20:24 - 2019-01-09 20:25 - 023438713 _____ (The qBittorrent project) C:\Users\TEISU\Downloads\qbittorrent_4.1.5_x64_setup.exe
2019-01-09 19:57 - 2019-01-09 19:57 - 108459306 _____ C:\Users\TEISU\Downloads\Fairy Tail OP03 Single - ft peaceball [funkist].zip
2019-01-09 19:37 - 2019-01-09 19:50 - 030873692 _____ C:\Users\TEISU\Downloads\LF_KgFM.rar
2019-01-09 19:23 - 2019-01-09 19:25 - 147787068 _____ C:\Users\TEISU\Downloads\Last Proof- ZAQ.rar
2019-01-09 19:10 - 2019-01-09 19:11 - 022368960 _____ C:\Users\TEISU\Downloads\HL_HRK_MR.zip
2019-01-09 19:06 - 2019-01-09 19:06 - 007549828 _____ C:\Users\TEISU\Downloads\Haruka Mirai.rar
2019-01-09 18:53 - 2019-01-09 18:55 - 038864824 _____ C:\Users\TEISU\Downloads\_2012.04.18__G_-_CD__S__-_eimusics.com.zip
2019-01-09 18:45 - 2019-01-09 18:45 - 029881953 _____ C:\Users\TEISU\Downloads\Reason Living - Single.rar
2019-01-09 18:02 - 2019-01-09 18:02 - 243585109 _____ C:\Users\TEISU\Downloads\[2015.06.03] Aimer - Brave Shine [FLAC].rar
2019-01-09 17:52 - 2019-01-09 21:55 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\Mp3tag
2019-01-09 17:51 - 2019-01-15 05:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2019-01-09 17:51 - 2019-01-09 17:51 - 000001052 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2019-01-09 17:51 - 2019-01-09 17:51 - 000000000 ____D C:\Program Files (x86)\Mp3tag
2019-01-09 17:50 - 2019-01-09 17:50 - 003615720 _____ C:\Users\TEISU\Downloads\mp3tagv291setup (1).exe
2019-01-09 17:49 - 2019-01-09 17:50 - 003615720 _____ C:\Users\TEISU\Downloads\mp3tagv291setup.exe
2019-01-09 17:40 - 2019-01-09 17:42 - 121844680 _____ C:\Users\TEISU\Downloads\Los! Los! Los! (Youjo Senki ED Single).rar

==================== One month (Modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-15 23:10 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-15 22:05 - 2018-09-11 08:34 - 000000000 ____D C:\Users\TEISU\Documents\MEGAsync Downloads
2019-01-15 22:01 - 2018-08-21 00:50 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\vlc
2019-01-15 15:11 - 2018-09-15 02:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-15 15:05 - 2018-09-15 02:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-15 13:44 - 2018-09-15 11:37 - 000789640 _____ C:\WINDOWS\system32\perfh00A.dat
2019-01-15 13:44 - 2018-09-15 11:37 - 000155894 _____ C:\WINDOWS\system32\perfc00A.dat
2019-01-15 13:16 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-15 13:07 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-15 12:49 - 2018-08-20 14:58 - 000000000 ____D C:\ProgramData\Packages
2019-01-15 12:49 - 2018-08-20 14:41 - 000000000 ____D C:\Users\TEISU\AppData\Local\Packages
2019-01-15 12:42 - 2018-09-15 01:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-15 12:19 - 2018-08-20 14:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-01-15 12:19 - 2018-08-20 14:41 - 000000000 ____D C:\Users\TEISU\AppData\Local\ConnectedDevicesPlatform
2019-01-15 12:18 - 2018-08-20 14:41 - 000000000 ___RD C:\Users\TEISU\3D Objects
2019-01-15 12:05 - 2018-09-15 02:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-01-15 12:05 - 2018-09-15 02:33 - 000000000 ____D C:\Program Files\windows nt
2019-01-15 12:05 - 2018-09-15 01:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-01-15 11:57 - 2018-09-15 02:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-01-15 11:54 - 2018-09-15 02:33 - 000000000 __RHD C:\Users\Public\Libraries
2019-01-15 11:49 - 2018-08-20 16:31 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-15 11:49 - 2018-08-20 16:31 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-01-15 11:45 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-15 11:42 - 2018-11-23 02:58 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
2019-01-15 11:42 - 2018-11-20 19:19 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2019-01-15 11:42 - 2018-09-11 08:23 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2019-01-15 11:42 - 2018-08-21 11:12 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-15 11:42 - 2018-08-20 21:55 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-15 11:38 - 2018-09-12 22:38 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-01-15 11:34 - 2018-08-20 15:37 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2019-01-15 11:34 - 2018-08-20 15:25 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-15 11:33 - 2018-08-20 15:26 - 000000000 ____D C:\ProgramData\AMD
2019-01-15 11:28 - 2018-08-20 15:24 - 000000000 ____D C:\AMD
2019-01-15 11:27 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\USOPrivate
2019-01-15 11:24 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ServiceState
2019-01-15 10:50 - 2018-09-15 02:36 - 000000000 ____D C:\WINDOWS\Setup
2019-01-15 09:55 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-01-15 09:31 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-01-15 09:28 - 2018-11-23 00:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2019-01-15 09:28 - 2018-10-25 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-01-15 09:28 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Resources
2019-01-15 09:28 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\Help
2019-01-15 09:28 - 2018-08-20 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-01-15 09:28 - 2018-08-20 15:27 - 000000000 ____D C:\Program Files\Synaptics
2019-01-15 09:28 - 2018-08-20 15:24 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-01-15 09:00 - 2018-09-15 11:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-01-15 09:00 - 2018-09-15 11:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-01-15 09:00 - 2018-09-15 11:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-01-15 09:00 - 2018-09-15 02:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-01-15 09:00 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-15 09:00 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-01-15 09:00 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-01-15 09:00 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-01-15 09:00 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-01-15 09:00 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-01-15 09:00 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-15 07:58 - 2018-09-15 11:39 - 000000000 ____D C:\WINDOWS\OCR
2019-01-15 07:56 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-01-15 07:56 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-01-15 07:46 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-01-15 05:20 - 2018-09-15 02:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-01-15 05:19 - 2018-10-02 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.1
2019-01-15 05:19 - 2018-09-30 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2019-01-15 05:19 - 2018-09-25 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2019-01-15 05:19 - 2018-09-25 18:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2019-01-15 05:19 - 2018-09-25 18:33 - 000000000 ____D C:\WINDOWS\SHELLNEW
2019-01-15 05:19 - 2018-09-20 22:08 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-01-15 05:19 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-01-15 05:19 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\spool
2019-01-15 05:19 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-01-15 05:19 - 2018-09-15 02:33 - 000000000 ____D C:\Program Files\Common Files\system
2019-01-15 05:19 - 2018-09-15 02:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-01-15 05:19 - 2018-08-29 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2019-01-15 05:19 - 2018-08-24 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crash Bandicoot N Sane Trilogy
2019-01-15 05:19 - 2018-08-24 03:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultimate Control
2019-01-15 05:19 - 2018-08-21 11:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-15 05:19 - 2018-08-21 01:57 - 000000000 ____D C:\Program Files\Hewlett-Packard
2019-01-15 05:19 - 2018-08-21 01:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2019-01-15 05:19 - 2018-08-21 01:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2019-01-15 05:19 - 2018-08-20 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2019-01-15 05:19 - 2018-08-20 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-01-15 05:19 - 2018-08-20 17:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-01-15 05:19 - 2018-08-20 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-01-15 05:19 - 2018-08-20 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-01-15 05:19 - 2018-08-20 15:23 - 000000000 ____D C:\Program Files\AMD
2019-01-15 05:19 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-01-15 02:00 - 2018-09-20 21:51 - 000000000 ____D C:\Users\TEISU\AppData\Local\Adobe
2019-01-15 01:15 - 2018-11-07 21:27 - 000000000 ____D C:\Users\TEISU\AppData\LocalLow\Temp
2019-01-15 01:05 - 2018-08-20 16:43 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-14 21:46 - 2018-11-29 21:57 - 000000000 ____D C:\Program Files (x86)\IObit
2019-01-14 21:46 - 2018-10-18 22:13 - 000000000 ____D C:\Users\TEISU\AppData\LocalLow\IObit
2019-01-14 21:46 - 2018-10-18 22:12 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\IObit
2019-01-14 21:46 - 2018-10-18 22:12 - 000000000 ____D C:\ProgramData\IObit
2019-01-14 21:07 - 2018-08-20 16:43 - 000001036 _____ C:\Users\Public\Desktop\Steam.lnk
2019-01-11 01:35 - 2018-08-20 14:45 - 000000000 ___RD C:\Users\TEISU\OneDrive
2019-01-09 20:15 - 2018-09-11 09:33 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\uTorrent Web
2019-01-09 18:49 - 2018-08-20 16:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 18:41 - 2018-08-20 16:01 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2019-01-14 18:25 - 2019-01-14 18:25 - 000000034 _____ () C:\Users\TEISU\AppData\Roaming\AdobeWLCMCache.dat
2018-11-29 23:39 - 2018-11-29 23:39 - 000000000 _____ () C:\Users\TEISU\AppData\Local\oobelibMkey.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

#19
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.01.2019 01
Ran by TEISU (15-01-2019 23:21:17)
Running from C:\Users\TEISU\Desktop
Windows 10 Pro Version 1809 17763.253 (X64) (2019-01-15 17:17:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1681801212-2571905260-2396515832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1681801212-2571905260-2396515832-503 - Limited - Disabled)
Invitado (S-1-5-21-1681801212-2571905260-2396515832-501 - Limited - Disabled)
TEISU (S-1-5-21-1681801212-2571905260-2396515832-1001 - Administrator - Enabled) => C:\Users\TEISU
WDAGUtilityAccount (S-1-5-21-1681801212-2571905260-2396515832-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\uTorrent) (Version: 3.5.5.44954 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Cheat Engine 6.8.1 (HKLM-x32\...\Cheat Engine 6.8.1_is1) (Version:  - Cheat Engine)
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy MULTi6 - ElAmigos versión 1.0 (HKLM-x32\...\{327BFB1B-E44E-4824-9EB7-EA92A8D3CAEC}_is1) (Version: 1.0 - Activision)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0544 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DriversCloud.com (64 bits) (HKLM\...\{A05439B0-F943-46C3-85B6-1C9D02A090E8}) (Version: 10.0.7.0 - Cybelsoft)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FormatFactory 4.4.1.0 (HKLM-x32\...\FormatFactory) (Version: 4.4.1.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HandBrake 1.1.2 (HKLM-x32\...\HandBrake) (Version: 1.1.2 - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP 3D DriveGuard (HKLM\...\{E5D02167-DD50-4E8C-B9F9-992182E08D6B}) (Version: 4.2.9.1 - Hewlett-Packard Company)
K-Lite Mega Codec Pack 14.3.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.3.6 - KLCP)
League Displays (HKLM-x32\...\LolScreenSaver) (Version: W1.0.992-beta - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mp3tag v2.91 (HKLM-x32\...\Mp3tag) (Version: 2.91 - Florian Heidenreich)
Nitro Pro (HKLM\...\{43DA5F04-2863-475D-85F7-C333516500EE}) (Version: 12.4.0.259 - Nitro) Hidden
Nitro Pro (HKLM-x32\...\{efb7ce0c-d57d-4c71-9e88-052311f57dc1}) (Version: 12.4.0.259 - Nitro)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Ultimate Control versión 1.2 (HKLM-x32\...\{4D649577-47C2-4068-B7B8-09D1FEE7EF03}_is1) (Version: 1.2 - NEGU Soft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
uTorrent Web (HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\utweb) (Version: 0.18.2 - BitTorrent, Inc.)
VEGAS Pro 15.0 (HKLM\...\{E1FCD40F-7FC4-11E7-88AD-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.3 - VideoLAN)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.5) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1681801212-2571905260-2396515832-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-11-30] (Florian Heidenreich)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro\12\NPShellExtension.dll [2018-09-04] (Nitro Software, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-10] (Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-11-30] (Florian Heidenreich)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-08-10] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-11-30] (Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11105609-7836-4CA8-BDCC-882A9A64309E} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1681801212-2571905260-2396515832-1001 => C:\Users\TEISU\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {383F9171-C340-4484-8AD1-E71B4F6C30E2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {42A11D3B-81FE-4DB3-97CF-F34D690F0CA9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {6EA7F5B8-3F2E-4311-9E8A-60EE2DF7E605} - System32\Tasks\GoogleUpdateTaskMachineCore1d4a85a5f3b7bdc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-20] (Google Inc.)
Task: {6F8581AF-1E45-41CA-97F4-355258ED3018} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-20] (Google Inc.)
Task: {77E4F339-D107-4C87-84FD-536649500C6C} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-L9M6CMB-TEISU => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {93765349-EAC0-4768-892D-50D2FA4B4C95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {99C6FC24-00C8-4B5A-9BB6-1B6C2400EEAF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {9AEF2824-0EA0-40C1-92A9-553B37E2D209} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {AD43192F-0965-4B9E-89FB-5AC192C61391} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {B2ACD314-D33E-4455-A1D8-C0E68DE82E17} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-L9M6CMB-TEISU => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {C0305422-285A-4C5E-A5E1-9A8C74EA5975} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-20] (Google Inc.)
Task: {CC14A71B-25E0-48C9-ADDD-C0873BA0A5E4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-10] (Microsoft Corporation)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-09-15 02:28 - 2018-09-15 02:28 - 000449536 _____ () c:\windows\system32\SSDM.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 000214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 000817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 003650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2019-01-14 21:26 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-14 21:26 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-09-15 02:28 - 2018-09-15 02:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2017-10-18 16:51 - 2017-10-18 16:51 - 000598528 _____ () C:\Users\TEISU\AppData\Local\MEGAsync\ShellExtX64.dll
2018-09-15 02:28 - 2018-09-15 02:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2019-01-15 08:38 - 2019-01-15 08:38 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 02:28 - 2018-09-15 02:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-03 19:49 - 2018-10-03 20:03 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-13 22:39 - 2018-12-13 22:57 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-13 22:39 - 2018-12-13 22:57 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-15 13:05 - 2019-01-15 13:05 - 005172224 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
2019-01-15 13:05 - 2019-01-15 13:05 - 002172928 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll
2019-01-15 13:05 - 2019-01-15 13:05 - 001795584 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneContentDataStore.dll
2018-10-29 20:00 - 2018-10-29 20:07 - 001004032 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-01-15 13:05 - 2019-01-15 13:05 - 002907136 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-15 01:15 - 2019-01-15 01:15 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 190.113.220.18 - 190.113.220.51
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "LeagueDisplays"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\StartupApproved\Run: => "HiAlgoBOOST"
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{371A2C79-90EC-4B9D-BCDF-554C8A602D34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe ()
FirewallRules: [{5D5C3B28-CCA7-477F-A0F0-D1C5DAF51A9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe ()
FirewallRules: [UDP Query User{7647AF6C-8F86-4C91-9A65-9A02EB916853}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe ()
FirewallRules: [TCP Query User{5D8CD318-F37E-4D16-BB12-5BF9BF8C91F2}C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) C:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe ()
FirewallRules: [{BF1B7E91-ADFF-4D7B-9B8F-D344410087B1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{97C672D2-9FA1-410D-B511-9B5B744A8CCB}] => (Allow) C:\Users\TEISU\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{F8D894DD-86BC-4889-A586-77AA2C0A2FC2}] => (Allow) C:\Users\TEISU\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{F055E335-6DD0-4A88-B586-693E750218F8}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe ()
FirewallRules: [{79D8300D-2D9E-4B78-867E-2564A3039B1F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe ()
FirewallRules: [{DE2FB04C-DC4B-46FF-9A61-EE13CB23B80D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{629DEFA8-20E7-41D3-936F-418392AD1204}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{1215E565-3C44-4445-99FC-6B2F0F92FE7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe (NAMCO BANDAI Games Inc.)
FirewallRules: [{CCB4481D-9742-48B7-8994-0617F3D24D46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe (NAMCO BANDAI Games Inc.)
FirewallRules: [UDP Query User{100C4EE1-25C2-4807-958A-27173AE9673B}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe ()
FirewallRules: [TCP Query User{9CFA109F-1A43-43B4-9C8F-1A672C2CDD57}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.168\deploy\leagueclient.exe ()
FirewallRules: [{1836930C-E6E1-4B34-97DC-953D8E33A18A}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd)
FirewallRules: [{100B4DEA-4668-48FF-9F28-A667DB282847}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd)
FirewallRules: [{CA147BBA-DC5C-4BF2-AF5E-4F2138E62553}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{544EF10B-CB30-4623-BE1D-5DFD97E5E164}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{D8256750-261A-4D5D-BEBC-CEC5B4E3679F}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation)
FirewallRules: [{80E5D769-922A-4EC2-8B5F-F460269D569A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation)
FirewallRules: [{E8785B55-81E0-44EB-A040-E29378E79788}] => (Allow) C:\Users\TEISU\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc.)
FirewallRules: [{43A42C5F-6AAD-4531-868D-A82AEAE7398F}] => (Allow) C:\Users\TEISU\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc.)
FirewallRules: [{4B273B8E-EB7B-4754-BF8C-7956A4718211}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jotun\Jotun.exe ()
FirewallRules: [{91210136-61EE-4373-A639-00726F696914}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jotun\Jotun.exe ()
FirewallRules: [{71904C62-E4F0-4FEF-BAD2-9D324C7EF51F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve)
FirewallRules: [{FCD0D178-E1E0-480C-8BC8-D8560F7A6567}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve)
FirewallRules: [{6EF49A67-23B0-42DC-ADD9-195C3B2935F6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{81279733-A732-4634-8F26-659C2AD13610}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [UDP Query User{9B79F11B-0E4A-4E1E-B078-6F6EE537F31A}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.)
FirewallRules: [TCP Query User{A5CDB5D5-F1A7-4AE4-806D-CB4FD099AAB0}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe (Red Barrels Inc.)
FirewallRules: [UDP Query User{5BD1B419-8A7D-4467-A54D-093E37CE533E}C:\program files (x86)\ultimate control\ucontrol.exe] => (Allow) C:\program files (x86)\ultimate control\ucontrol.exe (NEGU Soft)
FirewallRules: [TCP Query User{D83A06F6-A24E-4A16-B5D9-B7D92D1F54E5}C:\program files (x86)\ultimate control\ucontrol.exe] => (Allow) C:\program files (x86)\ultimate control\ucontrol.exe (NEGU Soft)
FirewallRules: [{A4CF964C-9B21-4AC7-BC64-B06A02E5BCA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkness II\DarknessII.exe (Digital Extremes)
FirewallRules: [{6CED4BF7-1279-4195-B7C0-A811EA9CFCA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkness II\DarknessII.exe (Digital Extremes)
FirewallRules: [{C4572886-4F66-4D83-A964-D3706BE92320}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CybelSoft)
FirewallRules: [{B8E0DCAA-9292-4745-B799-6895CBB0517B}] => (Allow) C:\Program Files\DriversCloud.com\DriversCloud.exe (CybelSoft)
FirewallRules: [{9922196F-90C5-4AB6-B33A-62B781A05D53}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd)
FirewallRules: [{178CCAC1-40B3-49A3-9888-0643774C5A09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe ()
FirewallRules: [{2B032AF6-C770-46E7-8AB9-24737147C8DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe ()
FirewallRules: [{31998F39-3BEF-4140-8211-F652E359A082}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yume Nikki\yumenikki\RPG_RT.exe (KADOKAWA GAMES)
FirewallRules: [{BBE82460-8B37-4F67-B2A3-C2D71D4E90C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yume Nikki\yumenikki\RPG_RT.exe (KADOKAWA GAMES)
FirewallRules: [{F4AEFE48-C860-4C4C-8305-A1102E813383}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games)
FirewallRules: [{99D8361A-F5CC-4CD6-8C4A-675E7BAAEE72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games)
FirewallRules: [{00A234B0-643F-4733-B7BB-13B4F0315986}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Berseria\Tales of Berseria.exe ()
FirewallRules: [{503958E1-6234-4A70-96D8-4AA77005A739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Berseria\Tales of Berseria.exe ()
FirewallRules: [{F736DF6B-4A0E-47EA-862E-49AF0D49F0FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Hill Homecoming\Bin\SilentHill.exe ()
FirewallRules: [{697BDA11-38EE-4ADF-8A11-AFDB52F8B8A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silent Hill Homecoming\Bin\SilentHill.exe ()
FirewallRules: [{9EA0F721-D2D6-4ABF-BFE2-BF2FDFBD09B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.)
FirewallRules: [{C3086C64-AB7C-4784-BC95-EFFF6431DE7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe (Red Barrels Inc.)
FirewallRules: [{B6691828-7666-4B58-A4D2-EBA8E3327C0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe (NAMCO BANDAI Games)
FirewallRules: [{BAC29A1F-19FE-481C-8C5A-F07A3860DBF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe (NAMCO BANDAI Games)
FirewallRules: [{4D4F574D-B1E0-4B0D-B8CC-7B40FB748EA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe ()
FirewallRules: [{DE9E23F7-3CFA-475F-A2B9-4AFEB6EDA4CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last Remnant\Binaries\TLR.exe ()
FirewallRules: [{6497C18F-FD9E-4660-B0C9-E21CE289B8F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe (Arkedo)
FirewallRules: [{C3BF75C8-41AD-4EE5-A812-40CB45B407A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe (Arkedo)
FirewallRules: [{2548BBF5-2700-471F-A8E9-C7AD568A5512}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Mesa\bms.exe ()
FirewallRules: [{2DAAF901-D226-41D4-8331-79C9E02BEC31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Mesa\bms.exe ()
FirewallRules: [{64ABCA0B-6A43-42FF-9A80-6D09F6059C99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games)
FirewallRules: [{FBAB75D0-908A-4C19-A5D2-0FA5FF2D57A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe (Supergiant Games)
FirewallRules: [{438D607E-5113-459C-8DFD-2432DB71A873}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{4134CA93-A12E-42E5-B7BA-8F819F56EA56}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)

==================== Restore Points =========================

15-01-2019 15:02:58 Windows Update

==================== Faulty Device Manager Devices =============

Name: Adaptador de red 802.11n Broadcom
Description: Adaptador de red 802.11n Broadcom
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/15/2019 03:03:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (01/15/2019 12:45:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows no puede cargar el archivo de Registro de clases.
 DETALLE: El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.

Error: (01/15/2019 12:45:37 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Windows no pudo cargar el Registro. A menudo este problema se debe a una memoria o derechos de seguridad insuficientes. 

 DETALLE - El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.
 para C:\Users\TEISU\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (01/15/2019 12:21:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa MicrosoftEdge.exe (versión 11.0.17763.253) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 1584

Hora de Inicio: 01d4acf6934430dc

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

Id. de informe: 740eb447-14df-4d9b-8242-8940b3fd535c

Nombre completo del paquete con errores: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe

Id. de la aplicación relativa al paquete con errores: MicrosoftEdge

Tipo de bloqueo: Cross-thread

Error: (01/15/2019 12:05:23 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (01/15/2019 11:34:07 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart; descripción = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727; error = 0x80042302).

Error: (01/15/2019 11:34:07 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x80070422, No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.
.


Operación:
   Creando instancia del servidor de VSS

Error: (01/15/2019 11:34:07 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} y el nombre IVssCoordinatorEx2 no puede iniciarse. [0x80070422, No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.
]


Operación:
   Creando instancia del servidor de VSS


System errors:
=============
Error: (01/15/2019 09:48:54 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L9M6CMB)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-L9M6CMB\TEISU con SID (S-1-5-21-1681801212-2571905260-2396515832-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/15/2019 09:26:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L9M6CMB)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-L9M6CMB\TEISU con SID (S-1-5-21-1681801212-2571905260-2396515832-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/15/2019 01:16:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/15/2019 01:16:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/15/2019 01:01:54 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L9M6CMB)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-L9M6CMB\TEISU con SID (S-1-5-21-1681801212-2571905260-2396515832-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/15/2019 12:52:11 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-L9M6CMB)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-L9M6CMB\TEISU con SID (S-1-5-21-1681801212-2571905260-2396515832-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/15/2019 12:48:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (01/15/2019 12:48:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


==================== Memory info =========================== 

Processor: AMD A6-3400M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 41%
Total physical RAM: 3562.9 MB
Available physical RAM: 2077.46 MB
Total Virtual: 5994.9 MB
Available Virtual: 4268.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:300.1 GB) (Free:46.06 GB) NTFS
Drive d: () (Fixed) (Total:221.75 GB) (Free:213.9 GB) NTFS
Drive e: () (Fixed) (Total:0.1 GB) (Free:0.09 GB) NTFS

\\?\Volume{06ac259b-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 06AC259B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=300.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#20

Aquí todo lo que pediste, perdón por no publicar antes, tenia restricción de 10 horas por limite de post


#21

Hola @Roberto94

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
IFEO\GameOverlayUI.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Prompt.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Reporter.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Service.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Updater.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\steamerrorreporter.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\steamerrorreporter64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\streaming_client.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\WriteMiniDump.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
C:\Program Files (x86)\IObit
2019-01-14 21:46 - 2018-11-29 21:57 - 000000000 ____D C:\Program Files (x86)\IObit
2019-01-14 21:46 - 2018-10-18 22:13 - 000000000 ____D C:\Users\TEISU\AppData\LocalLow\IObit
2019-01-14 21:46 - 2018-10-18 22:12 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\IObit
2019-01-14 21:46 - 2018-10-18 22:12 - 000000000 ____D C:\ProgramData\IObit
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.


#22
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.01.2019 01
Ran by TEISU (16-01-2019 00:19:04) Run:2
Running from C:\Users\TEISU\Desktop
Loaded Profiles: TEISU (Available Profiles: TEISU)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
IFEO\GameOverlayUI.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Prompt.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Reporter.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Service.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\SHAREit.Updater.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\steamerrorreporter.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\steamerrorreporter64.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\streaming_client.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
IFEO\WriteMiniDump.exe: [Debugger] C:\Program Files (x86)\IObit\Advanced SystemCare\AutoReactivator.exe
C:\Program Files (x86)\IObit
2019-01-14 21:46 - 2018-11-29 21:57 - 000000000 ____D C:\Program Files (x86)\IObit
2019-01-14 21:46 - 2018-10-18 22:13 - 000000000 ____D C:\Users\TEISU\AppData\LocalLow\IObit
2019-01-14 21:46 - 2018-10-18 22:12 - 000000000 ____D C:\Users\TEISU\AppData\Roaming\IObit
2019-01-14 21:46 - 2018-10-18 22:12 - 000000000 ____D C:\ProgramData\IObit
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NolowDiskSpaceChecks" => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GameOverlayUI.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SHAREit.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SHAREit.Prompt.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SHAREit.Reporter.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SHAREit.Service.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SHAREit.Updater.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\steamerrorreporter.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\steamerrorreporter64.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\streaming_client.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WriteMiniDump.exe => removed successfully
C:\Program Files (x86)\IObit => moved successfully
"C:\Program Files (x86)\IObit" => not found
C:\Users\TEISU\AppData\LocalLow\IObit => moved successfully
C:\Users\TEISU\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Wi-Fi 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 12 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{66E52119-9E52-4CFE-B429-2323D7C8D214} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1681801212-2571905260-2396515832-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9723904 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16932540 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 272902 B
Edge => 0 B
Chrome => 367395899 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2732 B
LocalService => 0 B
NetworkService => 3246 B
NetworkService => 0 B
TEISU => 5378229 B

RecycleBin => 142187 B
EmptyTemp: => 381.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:20:12 ====

#23

Hola:

Comenta cómo sigue el equipo, y si mejoro el inicio de Windows.

Salu2


#24

Ah cierto, pues no hubo cambios en ese aspecto ya que tengo poca ram y la placa madre quedó mal luego de que un mal técnico la manejará mal. Con respecto al funcionamiento luego de los scan funciona perfecto, muchas gracias por tomarte el tiempo de atenderme, solo no abría podido solucionar nada :smiley:


#25

Hola @Roberto94

Que bueno que todo este mejor :+1:

Ejecuta CCleaner >>> Pestaña Herramientas >>> Ventana “Inicio”

Presiona “Guardar a un Archivo de Texto”, pegas ese reporte en tu próximo mensaje.

Manual de CCleaner : Inicio (Muestra los programas que inician junto a Windows)

Salu2


#26

Listo

|Si|HKCU:Run|AppEx Accelerator UI|AppEx Networks Corporation|C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h|
|---|---|---|---|---|
|Si|HKCU:Run|CCleaner Smart Cleaning|Piriform Software Ltd|"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR|
|No|HKCU:Run|OneDrive|Microsoft Corporation|"C:\Users\TEISU\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background|
|No|HKCU:Run|Steam|Valve Corporation|"C:\Program Files (x86)\Steam\steam.exe" -silent|
|No|HKCU:Run|uTorrent|BitTorrent Inc.|"C:\Users\TEISU\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED|
|No|HKLM:Run|Adobe Creative Cloud|Adobe Systems Incorporated|"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true|
|Si|HKLM:Run|AdobeGCInvoker-1.0|Adobe Systems, Incorporated|"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"|
|Si|HKLM:Run|SecurityHealth|Microsoft Corporation|%windir%\system32\SecurityHealthSystray.exe|
|Si|HKLM:Run|StartCCC|Advanced Micro Devices, Inc.|"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun|
|No|Startup User|MEGAsync.lnk|Mega Limited|C:\Users\TEISU\AppData\Local\MEGAsync\MEGAsync.exe|

#27

Hola @Roberto94

1.- No hay mucho para desactivar, desactiva estas dos:

|Si|HKCU:Run|CCleaner Smart Cleaning|Piriform Software Ltd|"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR|

|Si|HKLM:Run|AdobeGCInvoker-1.0|Adobe Systems, Incorporated|"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"|

2.- Inicio >>> Ejecutar >>> escribe msconfig >>> en la Pestaña “Arranque” >>> donde dice “Tiempo de Espera” suele estar en 30 segundos, escribe 15 >> Presionas “Aplicar” y "Aceptar"

Con esto debería mejorar un poquin el arranque.

3.- Para eliminar las herramientas utilizadas:

Descargas >> Delfix, a tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Nos comentas si todo esta en orden para dar por Solucionado el tema.

Salu2.


#28

Todo en orden, gracias por la ayuda, pueden dar como terminado el tema.


#29

Hola @Roberto94

Que bueno que hayamos podido resolver tu consulta…:+1:

Para otros problemas, ya sabes donde encontrarnos. :wink:

Tema Solucionado

Salu2.


cerrado #30