Ayuda cuando cierro todo los antivirus y abro ese programa me sale una ventana de Windows diciendo si lo quiero abrir al farbar Recovery Tool pero dice autor desconocido, tengo que abrirlo y usarlo?
Hola
Puedes abrirlo con toda confianza, es seguro 
Un saludo
Bueno ya lo tengo acá y digo porque no entiendo mucho solo tengo que poner los archivos de registro o copio todo y lo pego aca
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 29-08-2020
Ejecutado por Elias (administrador) sobre ELIAS-PC (MSI MS-7369) (29-08-2020 16:03:08)
Ejecutado desde C:\Users\Elias\Downloads
Perfiles cargados: Elias
Platform: Windows 10 Home Versión 1909 18363.1016 (X64) Idioma: Español (México)
Navegador predeterminado: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1"
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_2.26.14003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1012_none_171983fb2a153d25\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.8-0\MsMpEng.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2019-09-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\85.1.13.82\Installer\chrmstp.exe [2020-08-27] (Brave Software, Inc.) [Archivo no firmado]
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {165F523A-E0AC-48E0-8A3B-6AD92A9EC565} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {2EB96BE3-527E-4650-AFCB-49BFAE25726E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {6AD36625-EE45-47FE-96D9-7553D734B8E9} - System32\Tasks\Mozilla\Firefox Default Browser Agent DAC650644B211952 => C:\Users\Elias\AppData\Local\Mozilla Firefox\default-browser-agent.exe [108752 2020-08-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {B006B59C-AE5A-4640-8DCA-BC726230C930} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D0773B14-3974-4CFD-9746-09E4E7B96027} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fc46d0bc-4b6f-4126-9e5e-0216f248e7c6}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
Edge Profile: C:\Users\Elias\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-27]
FireFox:
========
FF DefaultProfile: 0zfq35u3.default
FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\0zfq35u3.default [2020-01-18]
FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\5770oetn.default-release-1598308175296 [2020-08-28]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-08-24] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [Archivo no firmado]
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217088 2020-08-24] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-08-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-08-24] (Malwarebytes Inc -> Malwarebytes)
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [428256 2020-08-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-08-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-08-29 16:03 - 2020-08-29 16:05 - 000009804 _____ C:\Users\Elias\Downloads\FRST.txt
2020-08-29 16:03 - 2020-08-29 16:03 - 000000000 ____D C:\Users\Elias\Downloads\FRST-OlderVersion
2020-08-29 16:02 - 2020-08-29 16:04 - 000000000 ____D C:\FRST
2020-08-28 21:36 - 2020-08-29 16:03 - 002298880 _____ (Farbar) C:\Users\Elias\Downloads\FRST64.exe
2020-08-28 20:49 - 2020-08-28 20:49 - 000085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\13804801.sys
2020-08-28 15:06 - 2020-08-28 20:49 - 000000000 ____D C:\KVRT_Data
2020-08-28 00:09 - 2020-08-28 00:10 - 000003122 _____ C:\Users\Elias\Downloads\registros.txt.txt
2020-08-27 19:21 - 2020-08-28 00:17 - 000000651 _____ C:\Users\Elias\Desktop\ESET Online Scanner.lnk
2020-08-27 19:13 - 2020-08-28 00:17 - 000000797 _____ C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-08-27 19:13 - 2020-08-27 19:13 - 000000000 ____D C:\Users\Elias\AppData\Local\ESET
2020-08-27 19:03 - 2020-08-27 19:12 - 183878032 _____ (AO Kaspersky Lab) C:\Users\Elias\Desktop\KVRT.exe
2020-08-27 18:59 - 2020-08-27 19:30 - 014860896 _____ (ESET spol. s r.o.) C:\Users\Elias\Desktop\ESETOnlineScanner_ESL.exe
2020-08-27 11:15 - 2020-08-27 11:16 - 000017822 _____ C:\Users\Elias\Downloads\cc_20200827_111509.reg
2020-08-26 21:07 - 2020-08-26 21:07 - 000112744 _____ C:\Users\Elias\Downloads\cc_20200826_210714.reg
2020-08-26 20:59 - 2020-08-26 21:12 - 000075302 _____ C:\Users\Elias\Downloads\registry.txt
2020-08-26 20:52 - 2020-08-26 20:52 - 000000000 ____D C:\Program Files (x86)\Notepad++
2020-08-26 20:27 - 2020-08-29 15:53 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-08-26 20:27 - 2020-08-26 20:27 - 000002874 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-08-26 20:27 - 2020-08-26 20:27 - 000000868 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-26 20:27 - 2020-08-26 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-08-26 20:26 - 2020-08-26 20:54 - 000000000 ____D C:\Program Files\CCleaner
2020-08-26 20:18 - 2020-08-26 20:24 - 000000000 ____D C:\AdwCleaner
2020-08-26 20:17 - 2020-08-26 20:17 - 000002408 _____ C:\Users\Elias\Downloads\registro 8 y 30hs.txt
2020-08-26 11:39 - 2020-08-26 11:48 - 027072952 _____ (Piriform Software Ltd) C:\Users\Elias\Downloads\cctrialsetup.exe
2020-08-26 11:37 - 2020-08-26 11:37 - 008414384 _____ (Malwarebytes) C:\Users\Elias\Downloads\adwcleaner_8.0.7.exe
2020-08-26 11:31 - 2020-08-26 11:31 - 000002453 _____ C:\Users\Elias\Downloads\registro de virus.txt
2020-08-24 19:29 - 2020-08-24 19:29 - 000000000 ____D C:\Users\Elias\Desktop\Datos viejos de Firefox
2020-08-24 18:41 - 2020-08-28 21:36 - 000000000 ____D C:\Users\Elias\AppData\Local\CrashDumps
2020-08-24 18:38 - 2020-08-24 18:38 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-08-24 18:38 - 2020-08-24 18:38 - 000217088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-08-24 18:38 - 2020-08-24 18:38 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-24 18:38 - 2020-08-24 18:38 - 000002026 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-24 18:38 - 2020-08-24 18:38 - 000000000 ____D C:\Users\Elias\AppData\Local\mbam
2020-08-24 18:37 - 2020-08-24 18:36 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-08-24 18:37 - 2020-08-24 18:36 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-08-24 18:36 - 2020-08-24 18:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-24 18:35 - 2020-08-24 18:35 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-24 18:34 - 2020-08-24 18:34 - 002040904 _____ (Malwarebytes) C:\Users\Elias\Downloads\MBSetup.exe
2020-08-24 01:25 - 2020-08-28 17:12 - 082837504 _____ C:\Windows\system32\config\SOFTWARE
2020-08-24 01:12 - 2020-08-24 01:25 - 000000000 ____D C:\Windows\Microsoft Antimalware
2020-08-23 21:58 - 2020-08-23 22:00 - 000000000 ____D C:\ProgramData\vcgrqidbb
2020-08-23 21:58 - 2020-08-23 21:58 - 000000000 ____D C:\ProgramData\Riate
2020-08-19 22:02 - 2020-08-19 22:02 - 000001112 _____ C:\Users\Elias\Desktop\steam - Acceso directo.lnk
2020-08-18 19:32 - 2020-08-18 19:32 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 019812352 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 005013504 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 004129408 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 003637760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 002950808 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 002588688 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 002422384 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 002259192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 002138280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 001870200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001836160 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001418832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001012792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000941568 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000738064 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 000724480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000666280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 000432640 _____ (Microsoft Corporation) C:\Windows\system32\WalletService.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000359496 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 000343408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 000338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 025903104 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 022642688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 019852288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 018032128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 007758848 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 007270912 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 006294528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 005904896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 004611072 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 003516416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-08-18 19:31 - 2020-08-18 19:31 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-08-18 19:31 - 2020-08-18 19:31 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 001009664 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000995840 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000843776 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000692224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000671744 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000671040 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\DispBroker.Desktop.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 014820352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 006526448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 006074552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005946368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005849872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005767224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005111296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005003824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 003974376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 003743056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-08-18 19:30 - 2020-08-18 19:30 - 002739200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directml.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002583496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002576896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002307584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002022400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001672544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001669344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001420320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001406464 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 001282872 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2020-08-18 19:30 - 2020-08-18 19:30 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 001197056 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 001015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000914432 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000899072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000897648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000894032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000875520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000775480 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000717312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.FileExplorer.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000690536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000675040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000675024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000673088 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000649728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000593480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000572200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000568128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000564488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000495104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000467968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000431104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000410624 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000379704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HrtfApo.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-08-18 19:30 - 2020-08-18 19:30 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000273744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatializerApo.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000165176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Winlangdb.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000133256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47mrm.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000124512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\globinputhost.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000090936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000089328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguageProfileCallback.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afunix.sys
2020-08-18 19:30 - 2020-08-18 19:30 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acwow64.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afunix.sys
2020-08-18 19:30 - 2020-08-18 19:30 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000000357 _____ C:\Windows\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000357 _____ C:\Windows\system32\DrtmAuth1KeyDelegate.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-08-18 19:29 - 2020-08-18 19:29 - 009932088 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 006436864 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 003806208 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 003368616 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 002766952 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 002737664 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 002698048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 002085632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001665024 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001654312 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001482568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 001393960 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001101312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000888352 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000867840 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000823744 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 000822800 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-08-18 19:29 - 2020-08-18 19:29 - 000463168 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000461112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000457016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000247856 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000220984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000132408 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\lpkinstall.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 007915864 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 007583272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 007270728 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 005283776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 004565248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 004005376 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 003727872 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-08-18 19:28 - 2020-08-18 19:28 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 002471936 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 002260312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001756592 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-08-18 19:28 - 2020-08-18 19:28 - 001743680 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001660536 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001512848 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 001366144 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-08-18 19:28 - 2020-08-18 19:28 - 001338368 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001274128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001182248 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 001123344 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000917800 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000716312 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-08-18 19:28 - 2020-08-18 19:28 - 000548352 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000522688 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000369304 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000335872 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000209208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\Winlangdb.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000186472 _____ (Microsoft Corporation) C:\Windows\system32\BCP47mrm.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000152416 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\globinputhost.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguageProfileCallback.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 017792512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 007850784 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 007297536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 004625184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 004227116 _____ C:\Windows\system32\DefaultHrtfs.bin
2020-08-18 19:27 - 2020-08-18 19:27 - 003712000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 003581240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 003141632 _____ (Microsoft Corporation) C:\Windows\system32\directml.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002808832 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002717696 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 002552120 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002523136 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001072128 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001059328 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001055232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000937984 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000875424 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 000521728 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\HrtfApo.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\LanguageOverlayServer.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 000287232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000252928 _____ (Microsoft Corporation) C:\Windows\system32\SpatializerApo.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000201544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SIUF.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 000174592 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2020-08-18 17:34 - 2020-07-18 00:07 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-08-18 17:34 - 2020-07-17 23:53 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-08-15 19:58 - 2020-08-15 19:58 - 000001581 _____ C:\Users\Elias\Desktop\RimWorldWin64 - Acceso directo.lnk
2020-08-15 19:36 - 2020-08-15 19:36 - 000000000 ____D C:\Users\Elias\Downloads\Update.v1.2.2719-Rimw0rld
2020-08-15 17:06 - 2020-08-15 17:06 - 000000000 ____D C:\Users\Elias\Downloads\R.W0rld.Roy4lty.64
2020-08-15 16:04 - 2020-08-15 16:17 - 981500463 _____ C:\Users\Elias\Downloads\R.W0rld.Roy4lty.64.rar
2020-08-15 13:08 - 2020-08-15 13:08 - 000000000 ____D C:\Users\Elias\Downloads\datashets
2020-08-03 14:03 - 2020-08-03 14:03 - 000001438 _____ C:\Users\Elias\Desktop\mow_assault_squad - Acceso directo.lnk
2020-08-02 13:57 - 2020-08-27 19:19 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-08-02 13:57 - 2020-08-27 19:19 - 000002380 _____ C:\Users\Public\Desktop\Brave.lnk
2020-08-02 13:51 - 2020-08-02 13:56 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2020-08-02 13:51 - 2020-08-02 13:51 - 000003436 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2020-08-02 13:51 - 2020-08-02 13:51 - 000003312 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2020-08-02 13:50 - 2020-08-02 13:57 - 000000000 ____D C:\Users\Elias\AppData\Local\BraveSoftware
2020-08-02 13:48 - 2020-08-02 13:48 - 001277912 _____ (BraveSoftware Inc.) C:\Users\Elias\Downloads\BraveBrowserSetup.exe
2020-08-01 12:30 - 2020-08-01 12:30 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-08-01 12:24 - 2020-08-24 19:28 - 000000000 ____D C:\Users\Elias\AppData\Local\Mozilla Firefox
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-08-29 16:03 - 2020-01-19 00:08 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-08-28 21:44 - 2020-01-19 00:35 - 000000000 ____D C:\Users\Elias
2020-08-28 21:41 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-28 20:47 - 2020-01-19 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-28 20:47 - 2020-01-19 00:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-08-28 17:17 - 2020-01-19 00:21 - 001767630 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-28 17:17 - 2019-03-19 08:48 - 000783276 _____ C:\Windows\system32\perfh00A.dat
2020-08-28 17:17 - 2019-03-19 08:48 - 000152746 _____ C:\Windows\system32\perfc00A.dat
2020-08-28 17:17 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2020-08-28 15:07 - 2020-06-05 13:44 - 000003580 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 15:07 - 2020-06-05 13:44 - 000003456 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-26 20:52 - 2020-02-19 13:13 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-08-26 20:52 - 2020-02-19 13:13 - 000000000 ____D C:\Users\Elias\AppData\Roaming\Notepad++
2020-08-26 20:51 - 2020-01-18 21:40 - 000000921 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-08-26 20:33 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-08-26 20:21 - 2019-03-19 01:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-08-24 23:00 - 2020-01-18 21:43 - 000000000 ____D C:\Users\Elias\AppData\LocalLow\Mozilla
2020-08-24 19:40 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-08-24 18:37 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-08-23 21:37 - 2020-06-05 22:27 - 000000826 _____ C:\Users\Elias\Desktop\speed - Acceso directo.lnk
2020-08-22 20:55 - 2020-06-05 13:44 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-22 20:55 - 2020-06-05 13:44 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-08-19 21:42 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2020-08-19 21:41 - 2020-01-19 00:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-19 21:41 - 2020-01-19 00:35 - 000000000 ___RD C:\Users\Elias\3D Objects
2020-08-19 21:40 - 2020-01-19 00:05 - 000451280 _____ C:\Windows\system32\FNTCACHE.DAT
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\oobe
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SystemResources
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\setup
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\oobe
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\es-MX
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\Dism
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\Provisioning
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\bcastdvr
2020-08-19 21:37 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\servicing
2020-08-19 20:04 - 2020-01-18 21:48 - 000003366 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1875704696-2256852656-2191576050-1001
2020-08-19 20:03 - 2020-04-17 12:05 - 000002372 _____ C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-19 20:02 - 2020-01-18 21:48 - 000000000 ___RD C:\Users\Elias\OneDrive
2020-08-18 19:54 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2020-08-11 19:49 - 2020-01-20 12:25 - 000000000 ____D C:\Users\Elias\AppData\Roaming\Wargaming.net
2020-08-04 13:02 - 2020-05-04 13:15 - 000000000 ____D C:\Users\Elias\AppData\Local\Roblox
2020-08-03 20:16 - 2020-05-04 13:15 - 000000252 _____ C:\Users\Elias\AppData\LocalLow\rbxcsettings.rbx
2020-08-01 12:30 - 2020-01-18 21:43 - 000001277 _____ C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 29-08-2020
Ejecutado por Elias (29-08-2020 16:07:25)
Ejecutado desde C:\Users\Elias\Downloads
Windows 10 Home Versión 1909 18363.1016 (X64) (2020-01-19 03:18:59)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-1875704696-2256852656-2191576050-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1875704696-2256852656-2191576050-503 - Limited - Disabled)
Elias (S-1-5-21-1875704696-2256852656-2191576050-1001 - Administrator - Enabled) => C:\Users\Elias
Invitado (S-1-5-21-1875704696-2256852656-2191576050-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1875704696-2256852656-2191576050-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 85.1.13.82 - Los creadores de Brave)
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
GIMP 2.10.14 (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.4.1080.1113 - Microsoft Corporation)
Mozilla Firefox 79.0 (x86 es-AR) (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\Mozilla Firefox 79.0 (x86 es-AR)) (Version: 79.0 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.9 - Notepad++ Team)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8799.1 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Ultimate General Civil War (HKLM-x32\...\Ultimate General Civil War_is1) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\Wargaming.net Game Center) (Version: 20.4.1.1449 - Wargaming.net)
WGCheck_NA (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\WGCHK.NA.PRODUCTION) (Version: - Wargaming.net)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Tanks NA (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\WOT.NA.PRODUCTION) (Version: - Wargaming.net)
Packages:
=========
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2020-01-19] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c [2020-01-19] (Skype)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6669000 2013-03-09] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171464 2013-03-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-01-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-07-15] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-01-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Elias\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Mordekaiser_1249985001_166872_1024x576.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{6418F6E4-C539-44DF-ADCE-44D44234FB4B}H:\0- sdi_rus\sdi_x64_r1909.exe] => (Allow) H:\0- sdi_rus\sdi_x64_r1909.exe => Ningún archivo
FirewallRules: [UDP Query User{EB4BC135-F64C-4914-8DCA-96AA586F6636}H:\0- sdi_rus\sdi_x64_r1909.exe] => (Allow) H:\0- sdi_rus\sdi_x64_r1909.exe => Ningún archivo
FirewallRules: [TCP Query User{BBCFC484-CFBB-4665-A4B0-49A4D3342A0C}E:\copia de seguridad\riot games\league of legends\game\league of legends.exe] => (Allow) E:\copia de seguridad\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{34605827-8DE1-4CEC-A2AB-3CF53A5CE57B}E:\copia de seguridad\riot games\league of legends\game\league of legends.exe] => (Allow) E:\copia de seguridad\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{EDB4E48F-C84C-4564-9377-C1FE1F6DBEE9}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{9ED1D18C-759B-45D9-9F4D-566E83F51961}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{720AA60B-C8C5-4D47-8C18-CF45B81A3C14}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{6BE632B4-FE91-4269-8324-AD8277D77815}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{3696F91D-70CB-49F6-AFB5-F8FF95D3DD89}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{9053A158-60D9-4951-83A7-7638AC7B87EC}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{3D1D88A6-6D88-48CD-8726-1FE1C25AF481}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{4D686BB6-FD4B-43B1-B44E-88175C085B38}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{BE7234C4-F3BB-4121-85E6-6C2B9C14DDC4}] => (Allow) E:\copia de seguridad\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{92EFDD74-2F33-4823-9C1A-05C4C8C904B1}] => (Allow) E:\copia de seguridad\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{6B7AA895-0ABE-4A61-9738-FA156D529815}E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe] => (Allow) E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B36D3E31-7CE4-4BFF-A31C-AA891E9E6F30}E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe] => (Allow) E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{C5D7FACF-66E3-4BBD-AD4A-1305D5A8CA0D}] => (Block) E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{89B72EC8-3AD0-4F5D-94D0-3D6C54738F65}] => (Block) E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{0012FA56-302D-4D63-88D4-DDC976585012}C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe (Activision Blizzard, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{AFA7BB94-E0E8-4761-A690-DE8E1E372E25}C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe (Activision Blizzard, Inc.) [Archivo no firmado]
FirewallRules: [{3F3A0D09-004A-474D-ACF8-4941EB5DAC4B}] => (Allow) E:\Cosas de ISaquito\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{22F8AEE3-6E4D-45ED-A4D0-75F5430D6B09}] => (Allow) E:\Cosas de ISaquito\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F50883AD-0EA0-4CE0-A376-663DD98B482A}] => (Allow) E:\Cosas de ISaquito\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A1034608-D6C7-44DE-A586-D0F75245F214}] => (Allow) E:\Cosas de ISaquito\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E0297804-BE5D-49DB-8FB5-6E004701B904}] => (Allow) E:\Cosas de ISaquito\steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{FC5C0FDD-6759-4F05-9751-C3CBFDD6E17F}] => (Allow) E:\Cosas de ISaquito\steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{498FC7E6-233E-4530-A9F7-D14C3F692D45}] => (Allow) E:\Cosas de ISaquito\steam\steamapps\common\Fallout\FalloutLauncher.exe (ZeniMax Media) [Archivo no firmado]
FirewallRules: [{62637B96-D7D9-4270-88BE-8190326398A7}] => (Allow) E:\Cosas de ISaquito\steam\steamapps\common\Fallout\FalloutLauncher.exe (ZeniMax Media) [Archivo no firmado]
FirewallRules: [{2ED59689-7D89-4870-AC1C-011C5F7E218E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{FEAABAA8-E45A-453C-9EAD-F8545F4F927B}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{258BE88D-E1B0-4DA2-9AF6-3F413D97306C}] => (Allow) E:\copia de seguridad\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{55E3DC44-0207-488D-91EA-F595440D4C00}] => (Allow) E:\copia de seguridad\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{D99E93C9-685A-46CC-A7C1-9371BBDA98AE}E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe] => (Allow) E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [UDP Query User{C4DF6EE9-3CAB-426A-910C-4C0D40ADB704}E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe] => (Allow) E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{230D4750-EFF0-4039-9ACD-653131969C0F}] => (Block) E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{F6D80871-6CD3-45D2-B38A-E8EFFEE498C9}] => (Block) E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{BEE3B275-F32B-465C-84E4-A8955EBBFABC}] => (Allow) E:\copia de seguridad\WGCheck NA\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{F16CD436-5F8C-41AC-AEF0-2D71B1BD3F20}] => (Allow) E:\copia de seguridad\WGCheck NA\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{B3F600B7-5BC5-4D49-A980-40E4E7845097}] => (Allow) E:\copia de seguridad\World_of_Tanks_NA\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{A8793FB8-AC7F-4FEA-BA18-610AAFB8827D}] => (Allow) E:\copia de seguridad\World_of_Tanks_NA\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{2564B836-A614-400D-9B54-B2C1CE12F9EF}E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{D5A544CE-C649-4EE4-ABF8-A3584DB6DB30}E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{0A37A08A-C73D-4DF3-B145-80AFBD58D8E5}] => (Block) E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{FC2E2AC6-7070-42ED-9A08-5E7F703F6E96}] => (Block) E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{BC86047B-8ECF-40E5-9869-CF711E63A810}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Puntos de Restauración =========================
12-08-2020 15:55:41 Windows Update
18-08-2020 17:33:36 Windows Update
27-08-2020 11:58:15 Punto de control programado
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (08/29/2020 04:01:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (08/29/2020 03:50:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=3
Error: (08/29/2020 03:49:59 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe". Error en el archivo de manifiesto o directiva "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe" en la línea 0.
Sintaxis XML no válida.
Error: (08/29/2020 11:36:06 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (08/29/2020 11:35:36 AM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe". Error en el archivo de manifiesto o directiva "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe" en la línea 0.
Sintaxis XML no válida.
Error: (08/28/2020 09:36:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: brave.exe, versión: 85.1.13.82, marca de tiempo: 0x5f41b39e
Nombre del módulo con errores: ole32.dll, versión: 10.0.18362.693, marca de tiempo: 0x00331c0f
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00000000000a21c2
Identificador del proceso con errores: 0x17b8
Hora de inicio de la aplicación con errores: 0x01d67d9c684edccb
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\ole32.dll
Identificador del informe: c8446c98-5726-463f-9672-1fe59496eea8
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (08/28/2020 09:36:14 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe". Error en el archivo de manifiesto o directiva "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe" en la línea 0.
Sintaxis XML no válida.
Error: (08/28/2020 09:35:47 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable
Errores del sistema:
=============
Error: (08/29/2020 04:05:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80070643: Actualización de inteligencia de seguridad para Microsoft Defender Antivirus - KB2267602 (Versión 1.323.131.0).
Error: (08/28/2020 08:47:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 18:08:10 del 28/8/2020 resultó inesperado.
Error: (08/28/2020 05:59:50 PM) (Source: DCOM) (EventID: 10010) (User: ELIAS-PC)
Description: El servidor Microsoft.Windows.Photos_2019.18114.19418.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/28/2020 05:12:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 16:03:41 del 28/8/2020 resultó inesperado.
Error: (08/28/2020 03:24:27 PM) (Source: DCOM) (EventID: 10010) (User: ELIAS-PC)
Description: El servidor Microsoft.Windows.Photos_2019.18114.19418.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/27/2020 09:07:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (08/27/2020 09:07:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Elias\AppData\Local\Temp\ehdrv.sys
Error: (08/27/2020 09:07:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Windows Defender:
===================================
Date: 2020-08-23 22:03:17.005
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {83D9E16F-5380-4704-AEFE-2EF6BF0C2D71}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: ELIAS-PC\Elias
Date: 2020-08-23 22:03:16.999
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {3824D06A-A542-4878-B634-997F05592ACA}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: ELIAS-PC\Elias
Date: 2020-08-23 22:00:21.959
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.D3!ml&threatid=2147757782&enterprise=0
Nombre: Trojan:Win32/Wacatac.D3!ml
Id.: 2147757782
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk; file:_C:\Users\Elias\AppData\Roaming\Smart Clock\SmartClock.exe; startup:_C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Usuario
Usuario: ELIAS-PC\Elias
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.321.2041.0, AS: 1.321.2041.0, NIS: 1.321.2041.0
Versión de motor: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-08-23 22:00:18.676
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.DC!ml&threatid=2147757791&enterprise=0
Nombre: Trojan:Win32/Wacatac.DC!ml
Id.: 2147757791
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Elias\AppData\Local\Temp\avgfipnh.exe; process:_pid:5140,ProcessStart:132427042957594415
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Users\Elias\AppData\Local\Temp\avgfipnh.exe
Versión de inteligencia de seguridad: AV: 1.321.2041.0, AS: 1.321.2041.0, NIS: 1.321.2041.0
Versión de motor: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-08-23 22:00:18.673
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.D3!ml&threatid=2147757782&enterprise=0
Nombre: Trojan:Win32/Wacatac.D3!ml
Id.: 2147757782
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk; file:_C:\Users\Elias\AppData\Roaming\Smart Clock\SmartClock.exe; startup:_C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: ELIAS-PC\Elias
Nombre de proceso: C:\Users\Elias\AppData\Local\Temp\wqkjbsmvollg.exe
Versión de inteligencia de seguridad: AV: 1.321.2041.0, AS: 1.321.2041.0, NIS: 1.321.2041.0
Versión de motor: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-08-23 22:36:33.404
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.321.2041.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.17300.4
Código de error: 0x8024402c
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico.
Date: 2020-08-19 20:14:39.535
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.321.1767.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.17300.4
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico.
Date: 2020-07-18 16:18:41.261
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.319.1745.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor:
Versión anterior del motor: 1.1.17200.2
Código de error: 0x80070102
Descripción del error: Tiempo de espera de la operación de espera agotado.
CodeIntegrity:
===================================
Date: 2020-08-24 23:00:32.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-24 23:00:32.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-24 19:35:18.457
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-24 19:35:18.122
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-08 11:01:53.352
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-08 11:01:53.335
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-08 11:01:53.046
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-08 11:01:53.002
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. V2.4 11/20/2007
Placa base: MSI MS-7369
Procesador: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
Porcentaje de memoria en uso: 79%
RAM física total: 2047.36 MB
RAM física disponible: 414.56 MB
Virtual total: 3967.36 MB
Virtual disponible: 2118.93 MB
==================== Unidades ================================
Drive c: (Win10) (Fixed) (Total:461.47 GB) (Free:267.24 GB) NTFS
Drive e: (backup) (Fixed) (Total:469.48 GB) (Free:218.64 GB) NTFS
\\?\Volume{071b901c-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.57 GB) (Free:0.11 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 071B901C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=461.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=469.5 GB) - (Type=07 NTFS)
==================== Final de Addition.txt =======================por favor quiero saber si tengo o no virus asi puedo usar la computadora y usar el internet y todo
Hola
No has descargado y ejecutado FRST desde el escritorio como te indiqué, muévelo allí si no fallará el siguiente paso.
MUY Importante 
Realiza una copia de seguridad del registro :
-
Para hacerlo descarga
DelFix.exe( en tu escritorio). -
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
A continuación 
con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
2020-08-23 21:58 - 2020-08-23 22:00 - 000000000 ____D C:\ProgramData\vcgrqidbb
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
ENDGuárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
- Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
- Presionar el botón FIX/Corregir y aguardar a que termine.
- La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pega el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Un saludo
1 me gusta
Tengo dudas, 1abro y escaneo con el farbar y te lo paso,eso no me puede cambiar unas cosas o algo 2 que es eso del delfix,que hace 3 que es eso del Notepad ,No me puede romper nada? 4 es necesario usar el 2 método? Si no encuentra nada lo otro Porque me asusta que me cambie todo y me toque todo porque los otros programas ya me borraron cosas
Necesito tener el Internet activado para eso?me va a hacer muchos cambios y borrarme algunas cosas? otra cosa me dijiste que el otro paso estaba mal lo hago de nuevo y hago esos pasos?
acá ya hice un registro otra vez con el farbar y copie mis registros con delfix
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 29-08-2020
Ejecutado por Elias (administrador) sobre ELIAS-PC (MSI MS-7369) (02-09-2020 17:47:12)
Ejecutado desde C:\Users\Elias\Desktop
Perfiles cargados: Elias
Platform: Windows 10 Home Versión 1909 18363.1016 (X64) Idioma: Español (México)
Navegador predeterminado: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1"
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1012_none_171983fb2a153d25\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MsMpEng.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2019-09-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29271224 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\85.1.13.82\Installer\chrmstp.exe [2020-08-27] (Brave Software, Inc.) [Archivo no firmado]
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {165F523A-E0AC-48E0-8A3B-6AD92A9EC565} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {2EB96BE3-527E-4650-AFCB-49BFAE25726E} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {6AD36625-EE45-47FE-96D9-7553D734B8E9} - System32\Tasks\Mozilla\Firefox Default Browser Agent DAC650644B211952 => C:\Users\Elias\AppData\Local\Mozilla Firefox\default-browser-agent.exe [108752 2020-08-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {B006B59C-AE5A-4640-8DCA-BC726230C930} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D0773B14-3974-4CFD-9746-09E4E7B96027} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fc46d0bc-4b6f-4126-9e5e-0216f248e7c6}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
Edge Profile: C:\Users\Elias\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-27]
FireFox:
========
FF DefaultProfile: 0zfq35u3.default
FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\0zfq35u3.default [2020-01-18]
FF ProfilePath: C:\Users\Elias\AppData\Roaming\Mozilla\Firefox\Profiles\5770oetn.default-release-1598308175296 [2020-09-01]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [155848 2020-08-02] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7138296 2020-08-24] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-08-29] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [Archivo no firmado]
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [217088 2020-08-24] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-08-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-08-24] (Malwarebytes Inc -> Malwarebytes)
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2020-08-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [428256 2020-08-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-08-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-09-02 17:47 - 2020-09-02 17:48 - 000009558 _____ C:\Users\Elias\Desktop\FRST.txt
2020-09-02 17:28 - 2020-09-02 17:28 - 000797760 _____ C:\Users\Elias\Downloads\delfix.exe
2020-08-29 16:03 - 2020-08-29 16:03 - 000000000 ____D C:\Users\Elias\Downloads\FRST-OlderVersion
2020-08-29 16:02 - 2020-09-02 17:47 - 000000000 ____D C:\FRST
2020-08-28 21:36 - 2020-08-29 16:03 - 002298880 _____ (Farbar) C:\Users\Elias\Desktop\FRST64.exe
2020-08-28 20:49 - 2020-08-28 20:49 - 000085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\13804801.sys
2020-08-28 15:06 - 2020-08-28 20:49 - 000000000 ____D C:\KVRT_Data
2020-08-28 00:09 - 2020-08-28 00:10 - 000003122 _____ C:\Users\Elias\Downloads\registros.txt.txt
2020-08-27 19:21 - 2020-08-28 00:17 - 000000651 _____ C:\Users\Elias\Desktop\ESET Online Scanner.lnk
2020-08-27 19:13 - 2020-08-28 00:17 - 000000797 _____ C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-08-27 19:13 - 2020-08-27 19:13 - 000000000 ____D C:\Users\Elias\AppData\Local\ESET
2020-08-27 19:03 - 2020-08-27 19:12 - 183878032 _____ (AO Kaspersky Lab) C:\Users\Elias\Desktop\KVRT.exe
2020-08-27 18:59 - 2020-08-27 19:30 - 014860896 _____ (ESET spol. s r.o.) C:\Users\Elias\Desktop\ESETOnlineScanner_ESL.exe
2020-08-27 11:15 - 2020-08-27 11:16 - 000017822 _____ C:\Users\Elias\Downloads\cc_20200827_111509.reg
2020-08-26 21:07 - 2020-08-26 21:07 - 000112744 _____ C:\Users\Elias\Downloads\cc_20200826_210714.reg
2020-08-26 20:59 - 2020-08-26 21:12 - 000075302 _____ C:\Users\Elias\Downloads\registry.txt
2020-08-26 20:52 - 2020-08-26 20:52 - 000000000 ____D C:\Program Files (x86)\Notepad++
2020-08-26 20:27 - 2020-09-02 17:25 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-08-26 20:27 - 2020-08-26 20:27 - 000002874 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-08-26 20:27 - 2020-08-26 20:27 - 000000868 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-08-26 20:27 - 2020-08-26 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-08-26 20:26 - 2020-08-26 20:54 - 000000000 ____D C:\Program Files\CCleaner
2020-08-26 20:18 - 2020-08-26 20:24 - 000000000 ____D C:\AdwCleaner
2020-08-26 20:17 - 2020-08-26 20:17 - 000002408 _____ C:\Users\Elias\Downloads\registro 8 y 30hs.txt
2020-08-26 11:39 - 2020-08-26 11:48 - 027072952 _____ (Piriform Software Ltd) C:\Users\Elias\Downloads\cctrialsetup.exe
2020-08-26 11:37 - 2020-08-26 11:37 - 008414384 _____ (Malwarebytes) C:\Users\Elias\Downloads\adwcleaner_8.0.7.exe
2020-08-26 11:31 - 2020-08-26 11:31 - 000002453 _____ C:\Users\Elias\Downloads\registro de virus.txt
2020-08-24 19:29 - 2020-08-24 19:29 - 000000000 ____D C:\Users\Elias\Desktop\Datos viejos de Firefox
2020-08-24 18:41 - 2020-09-02 17:28 - 000000000 ____D C:\Users\Elias\AppData\Local\CrashDumps
2020-08-24 18:38 - 2020-08-24 18:38 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-08-24 18:38 - 2020-08-24 18:38 - 000217088 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-08-24 18:38 - 2020-08-24 18:38 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-24 18:38 - 2020-08-24 18:38 - 000002026 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-08-24 18:38 - 2020-08-24 18:38 - 000000000 ____D C:\Users\Elias\AppData\Local\mbam
2020-08-24 18:37 - 2020-08-24 18:36 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-08-24 18:37 - 2020-08-24 18:36 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-08-24 18:36 - 2020-08-24 18:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-24 18:35 - 2020-08-24 18:35 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-24 18:34 - 2020-08-24 18:34 - 002040904 _____ (Malwarebytes) C:\Users\Elias\Downloads\MBSetup.exe
2020-08-24 01:25 - 2020-08-28 17:12 - 082837504 _____ C:\Windows\system32\config\SOFTWARE
2020-08-24 01:12 - 2020-08-24 01:25 - 000000000 ____D C:\Windows\Microsoft Antimalware
2020-08-23 21:58 - 2020-08-23 22:00 - 000000000 ____D C:\ProgramData\vcgrqidbb
2020-08-23 21:58 - 2020-08-23 21:58 - 000000000 ____D C:\ProgramData\Riate
2020-08-19 22:02 - 2020-08-19 22:02 - 000001112 _____ C:\Users\Elias\Desktop\steam - Acceso directo.lnk
2020-08-18 19:32 - 2020-08-18 19:32 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 019812352 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 005013504 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 004129408 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 003637760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 002950808 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 002588688 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 002422384 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 002259192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 002138280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 001870200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001836160 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001418832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 001012792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000941568 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000738064 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 000724480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000666280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 000432640 _____ (Microsoft Corporation) C:\Windows\system32\WalletService.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000359496 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 000343408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2020-08-18 19:32 - 2020-08-18 19:32 - 000338944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2020-08-18 19:32 - 2020-08-18 19:32 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 025903104 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 022642688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 019852288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 018032128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 007758848 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 007270912 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 006294528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 005904896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 004611072 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 003822592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 003516416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-08-18 19:31 - 2020-08-18 19:31 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-08-18 19:31 - 2020-08-18 19:31 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 001009664 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000995840 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000843776 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000692224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000671744 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000671040 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000525824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\DispBroker.Desktop.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-08-18 19:31 - 2020-08-18 19:31 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2020-08-18 19:31 - 2020-08-18 19:31 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 014820352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 006526448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 006074552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005946368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005849872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005767224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005111296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 005003824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 003974376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 003743056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-08-18 19:30 - 2020-08-18 19:30 - 002739200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directml.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002583496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002576896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002307584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 002022400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001672544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001669344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001564160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001420320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001406464 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 001282872 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2020-08-18 19:30 - 2020-08-18 19:30 - 001215488 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 001197056 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 001015296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000950784 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000914432 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000899072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000897648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000894032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000875520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000775480 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000717312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.FileExplorer.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000690536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000675040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000675024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000673088 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000672256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000649728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000593480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000572200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000568128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000564488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000495104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000467968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000462848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TileDataRepository.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000431104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000410624 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000379704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000339456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\HrtfApo.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-08-18 19:30 - 2020-08-18 19:30 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000273744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatializerApo.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000165176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Winlangdb.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000133256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47mrm.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000124512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\globinputhost.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000090936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000089328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguageProfileCallback.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afunix.sys
2020-08-18 19:30 - 2020-08-18 19:30 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acwow64.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afunix.sys
2020-08-18 19:30 - 2020-08-18 19:30 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-08-18 19:30 - 2020-08-18 19:30 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-08-18 19:30 - 2020-08-18 19:30 - 000000357 _____ C:\Windows\system32\DrtmAuthKeyDelegate_From_20190529_To_20200303.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000357 _____ C:\Windows\system32\DrtmAuth1KeyDelegate.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-08-18 19:30 - 2020-08-18 19:30 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-08-18 19:29 - 2020-08-18 19:29 - 009932088 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 006436864 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 003806208 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 003368616 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 002766952 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 002737664 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 002698048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 002085632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001665024 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001654312 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001482568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 001393960 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 001101312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000888352 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000867840 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000823744 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 000822800 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-08-18 19:29 - 2020-08-18 19:29 - 000463168 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000461112 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000457016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000247856 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000220984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 000179512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-08-18 19:29 - 2020-08-18 19:29 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000132408 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\lpkinstall.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-08-18 19:29 - 2020-08-18 19:29 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-08-18 19:29 - 2020-08-18 19:29 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 007915864 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 007583272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 007270728 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 005283776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 004565248 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 004005376 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 003727872 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-08-18 19:28 - 2020-08-18 19:28 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 002471936 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 002260312 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001756592 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-08-18 19:28 - 2020-08-18 19:28 - 001743680 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001660536 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001512848 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 001366144 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-08-18 19:28 - 2020-08-18 19:28 - 001338368 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001274128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001182248 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 001123344 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000917800 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000716312 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-08-18 19:28 - 2020-08-18 19:28 - 000548352 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000522688 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000369304 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000335872 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000314368 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000209208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000208384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\Winlangdb.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000186472 _____ (Microsoft Corporation) C:\Windows\system32\BCP47mrm.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000152416 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\globinputhost.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2020-08-18 19:28 - 2020-08-18 19:28 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguageProfileCallback.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2020-08-18 19:28 - 2020-08-18 19:28 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 017792512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 007850784 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 007297536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 004625184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 004227116 _____ C:\Windows\system32\DefaultHrtfs.bin
2020-08-18 19:27 - 2020-08-18 19:27 - 003712000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 003581240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 003141632 _____ (Microsoft Corporation) C:\Windows\system32\directml.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002808832 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002717696 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 002552120 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002523136 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001072128 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001059328 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 001055232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000937984 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000875424 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 000521728 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\HrtfApo.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\LanguageOverlayServer.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 000287232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000252928 _____ (Microsoft Corporation) C:\Windows\system32\SpatializerApo.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000201544 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SIUF.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2020-08-18 19:27 - 2020-08-18 19:27 - 000174592 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2020-08-18 19:27 - 2020-08-18 19:27 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-08-18 19:27 - 2020-08-18 19:27 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2020-08-18 17:34 - 2020-07-18 00:07 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-08-18 17:34 - 2020-07-17 23:53 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-08-15 19:58 - 2020-08-15 19:58 - 000001581 _____ C:\Users\Elias\Desktop\RimWorldWin64 - Acceso directo.lnk
2020-08-15 19:36 - 2020-08-15 19:36 - 000000000 ____D C:\Users\Elias\Downloads\Update.v1.2.2719-Rimw0rld
2020-08-15 17:06 - 2020-08-15 17:06 - 000000000 ____D C:\Users\Elias\Downloads\R.W0rld.Roy4lty.64
2020-08-15 16:04 - 2020-08-15 16:17 - 981500463 _____ C:\Users\Elias\Downloads\R.W0rld.Roy4lty.64.rar
2020-08-15 13:08 - 2020-08-15 13:08 - 000000000 ____D C:\Users\Elias\Downloads\datashets
2020-08-03 14:03 - 2020-08-03 14:03 - 000001438 _____ C:\Users\Elias\Desktop\mow_assault_squad - Acceso directo.lnk
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-09-01 21:54 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-30 12:12 - 2020-06-05 13:44 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-30 12:12 - 2020-06-05 13:44 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-08-29 16:15 - 2020-01-19 00:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-08-29 16:03 - 2020-01-19 00:08 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-08-28 21:44 - 2020-01-19 00:35 - 000000000 ____D C:\Users\Elias
2020-08-28 20:47 - 2020-01-19 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-28 17:17 - 2020-01-19 00:21 - 001767630 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-28 17:17 - 2019-03-19 08:48 - 000783276 _____ C:\Windows\system32\perfh00A.dat
2020-08-28 17:17 - 2019-03-19 08:48 - 000152746 _____ C:\Windows\system32\perfc00A.dat
2020-08-28 17:17 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2020-08-28 15:07 - 2020-06-05 13:44 - 000003580 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 15:07 - 2020-06-05 13:44 - 000003456 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-27 19:19 - 2020-08-02 13:57 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2020-08-27 19:19 - 2020-08-02 13:57 - 000002380 _____ C:\Users\Public\Desktop\Brave.lnk
2020-08-26 20:52 - 2020-02-19 13:13 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-08-26 20:52 - 2020-02-19 13:13 - 000000000 ____D C:\Users\Elias\AppData\Roaming\Notepad++
2020-08-26 20:51 - 2020-01-18 21:40 - 000000921 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-08-26 20:33 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-08-26 20:21 - 2019-03-19 01:37 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-08-24 23:00 - 2020-01-18 21:43 - 000000000 ____D C:\Users\Elias\AppData\LocalLow\Mozilla
2020-08-24 19:40 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-08-24 19:28 - 2020-08-01 12:24 - 000000000 ____D C:\Users\Elias\AppData\Local\Mozilla Firefox
2020-08-24 18:37 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-08-23 21:37 - 2020-06-05 22:27 - 000000826 _____ C:\Users\Elias\Desktop\speed - Acceso directo.lnk
2020-08-19 21:42 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2020-08-19 21:41 - 2020-01-19 00:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-19 21:41 - 2020-01-19 00:35 - 000000000 ___RD C:\Users\Elias\3D Objects
2020-08-19 21:40 - 2020-01-19 00:05 - 000451280 _____ C:\Windows\system32\FNTCACHE.DAT
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\oobe
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SystemResources
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\setup
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\oobe
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\es-MX
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\Dism
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\Provisioning
2020-08-19 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\bcastdvr
2020-08-19 21:37 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\servicing
2020-08-19 20:04 - 2020-01-18 21:48 - 000003366 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1875704696-2256852656-2191576050-1001
2020-08-19 20:03 - 2020-04-17 12:05 - 000002372 _____ C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-19 20:02 - 2020-01-18 21:48 - 000000000 ___RD C:\Users\Elias\OneDrive
2020-08-18 19:54 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2020-08-11 19:49 - 2020-01-20 12:25 - 000000000 ____D C:\Users\Elias\AppData\Roaming\Wargaming.net
2020-08-04 13:02 - 2020-05-04 13:15 - 000000000 ____D C:\Users\Elias\AppData\Local\Roblox
2020-08-03 20:16 - 2020-05-04 13:15 - 000000252 _____ C:\Users\Elias\AppData\LocalLow\rbxcsettings.rbx
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ======================== Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 29-08-2020
Ejecutado por Elias (02-09-2020 17:49:44)
Ejecutado desde C:\Users\Elias\Desktop
Windows 10 Home Versión 1909 18363.1016 (X64) (2020-01-19 03:18:59)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-1875704696-2256852656-2191576050-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1875704696-2256852656-2191576050-503 - Limited - Disabled)
Elias (S-1-5-21-1875704696-2256852656-2191576050-1001 - Administrator - Enabled) => C:\Users\Elias
Invitado (S-1-5-21-1875704696-2256852656-2191576050-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1875704696-2256852656-2191576050-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 85.1.13.82 - Los creadores de Brave)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision)
Call of Duty(R) - World at War(TM) 1.2 Patch (HKLM-x32\...\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}) (Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (HKLM-x32\...\InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}) (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (HKLM-x32\...\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}) (Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (HKLM-x32\...\InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}) (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (HKLM-x32\...\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}) (Version: 1.5 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (HKLM-x32\...\InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}) (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (HKLM-x32\...\{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}) (Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}) (Version: - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (HKLM-x32\...\{750C87B8-AF19-4C3C-B791-50D9C83AE572}) (Version: 1.7 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}) (Version: - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
Fallout 3 Game of the Year Edition MULTi6 - ElAmigos versión 1.7.0.3 (HKLM-x32\...\{D4B9A9FA-4547-493B-A455-CC8DD5CAA00B}_is1) (Version: 1.7.0.3 - Bethesda Softworks)
Fallout New Vegas Ultimate Edition (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: - )
GIMP 2.10.14 (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Malwarebytes version 4.2.0.82 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.0.82 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.41 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\OneDriveSetup.exe) (Version: 20.134.0705.0008 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.4.1080.1113 - Microsoft Corporation)
Mozilla Firefox 79.0 (x86 es-AR) (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\Mozilla Firefox 79.0 (x86 es-AR)) (Version: 79.0 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.9 - Notepad++ Team)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Prison Architect Island Bound (HKLM-x32\...\Prison Architect Island Bound_is1) (Version: - )
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8799.1 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. Trilogy versión 1.6.02 (HKLM-x32\...\S.T.A.L.K.E.R. Trilogy_is1) (Version: 1.6.02 - GSC Game World)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Ultimate General Civil War (HKLM-x32\...\Ultimate General Civil War_is1) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\Wargaming.net Game Center) (Version: 20.4.1.1449 - Wargaming.net)
WGCheck_NA (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\WGCHK.NA.PRODUCTION) (Version: - Wargaming.net)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
World of Tanks NA (HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\...\WOT.NA.PRODUCTION) (Version: - Wargaming.net)
Packages:
=========
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2020-01-19] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c [2020-01-19] (Skype)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6669000 2013-03-09] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171464 2013-03-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-01-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-07-15] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-01-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Elias\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Mordekaiser_1249985001_166872_1024x576.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [TCP Query User{6418F6E4-C539-44DF-ADCE-44D44234FB4B}H:\0- sdi_rus\sdi_x64_r1909.exe] => (Allow) H:\0- sdi_rus\sdi_x64_r1909.exe => Ningún archivo
FirewallRules: [UDP Query User{EB4BC135-F64C-4914-8DCA-96AA586F6636}H:\0- sdi_rus\sdi_x64_r1909.exe] => (Allow) H:\0- sdi_rus\sdi_x64_r1909.exe => Ningún archivo
FirewallRules: [{1751C268-0F3E-499D-976D-FA76D348CAA7}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe (Activision Publishing -> Activision Blizzard, Inc.)
FirewallRules: [{26052544-C9D6-487B-B2A4-E4C21E68AD8B}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe (Activision Publishing -> Activision Blizzard, Inc.)
FirewallRules: [{70FA2C28-9EA5-498C-AEC6-A4EEF34116F2}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe (Activision Publishing -> Activision Blizzard, Inc.)
FirewallRules: [{24732258-5649-418A-8F84-107A7617DFB9}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe (Activision Publishing -> Activision Blizzard, Inc.)
FirewallRules: [TCP Query User{502644F9-3739-401D-932F-C09AD055DDE8}C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe] => (Block) C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe (Activision Blizzard, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{1503AA82-AFC7-415F-8164-259357F8B9D8}C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe] => (Block) C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe (Activision Blizzard, Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{BBCFC484-CFBB-4665-A4B0-49A4D3342A0C}E:\copia de seguridad\riot games\league of legends\game\league of legends.exe] => (Allow) E:\copia de seguridad\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{34605827-8DE1-4CEC-A2AB-3CF53A5CE57B}E:\copia de seguridad\riot games\league of legends\game\league of legends.exe] => (Allow) E:\copia de seguridad\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{EDB4E48F-C84C-4564-9377-C1FE1F6DBEE9}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{9ED1D18C-759B-45D9-9F4D-566E83F51961}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{720AA60B-C8C5-4D47-8C18-CF45B81A3C14}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{6BE632B4-FE91-4269-8324-AD8277D77815}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{3696F91D-70CB-49F6-AFB5-F8FF95D3DD89}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{9053A158-60D9-4951-83A7-7638AC7B87EC}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{3D1D88A6-6D88-48CD-8726-1FE1C25AF481}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{4D686BB6-FD4B-43B1-B44E-88175C085B38}] => (Block) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{BE7234C4-F3BB-4121-85E6-6C2B9C14DDC4}] => (Allow) E:\copia de seguridad\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{92EFDD74-2F33-4823-9C1A-05C4C8C904B1}] => (Allow) E:\copia de seguridad\riot games\league of legends\game\league of legends.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{6B7AA895-0ABE-4A61-9738-FA156D529815}E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe] => (Allow) E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B36D3E31-7CE4-4BFF-A31C-AA891E9E6F30}E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe] => (Allow) E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{C5D7FACF-66E3-4BBD-AD4A-1305D5A8CA0D}] => (Block) E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{89B72EC8-3AD0-4F5D-94D0-3D6C54738F65}] => (Block) E:\copia de seguridad\world_of_tanks_na\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{0012FA56-302D-4D63-88D4-DDC976585012}C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe (Activision Blizzard, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{AFA7BB94-E0E8-4761-A690-DE8E1E372E25}C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed_cheat.exe (Activision Blizzard, Inc.) [Archivo no firmado]
FirewallRules: [{3F3A0D09-004A-474D-ACF8-4941EB5DAC4B}] => (Allow) E:\Cosas de ISaquito\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{22F8AEE3-6E4D-45ED-A4D0-75F5430D6B09}] => (Allow) E:\Cosas de ISaquito\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F50883AD-0EA0-4CE0-A376-663DD98B482A}] => (Allow) E:\Cosas de ISaquito\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A1034608-D6C7-44DE-A586-D0F75245F214}] => (Allow) E:\Cosas de ISaquito\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E0297804-BE5D-49DB-8FB5-6E004701B904}] => (Allow) E:\Cosas de ISaquito\steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{FC5C0FDD-6759-4F05-9751-C3CBFDD6E17F}] => (Allow) E:\Cosas de ISaquito\steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{498FC7E6-233E-4530-A9F7-D14C3F692D45}] => (Allow) E:\Cosas de ISaquito\steam\steamapps\common\Fallout\FalloutLauncher.exe (ZeniMax Media) [Archivo no firmado]
FirewallRules: [{62637B96-D7D9-4270-88BE-8190326398A7}] => (Allow) E:\Cosas de ISaquito\steam\steamapps\common\Fallout\FalloutLauncher.exe (ZeniMax Media) [Archivo no firmado]
FirewallRules: [{2ED59689-7D89-4870-AC1C-011C5F7E218E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{FEAABAA8-E45A-453C-9EAD-F8545F4F927B}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{258BE88D-E1B0-4DA2-9AF6-3F413D97306C}] => (Allow) E:\copia de seguridad\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{55E3DC44-0207-488D-91EA-F595440D4C00}] => (Allow) E:\copia de seguridad\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{D99E93C9-685A-46CC-A7C1-9371BBDA98AE}E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe] => (Allow) E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [UDP Query User{C4DF6EE9-3CAB-426A-910C-4C0D40ADB704}E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe] => (Allow) E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{230D4750-EFF0-4039-9ACD-653131969C0F}] => (Block) E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{F6D80871-6CD3-45D2-B38A-E8EFFEE498C9}] => (Block) E:\cosas de isaquito\men of war - assault squad goty\mow_assault_squad.exe (Digitalmindsoft) [Archivo no firmado]
FirewallRules: [{BEE3B275-F32B-465C-84E4-A8955EBBFABC}] => (Allow) E:\copia de seguridad\WGCheck NA\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{F16CD436-5F8C-41AC-AEF0-2D71B1BD3F20}] => (Allow) E:\copia de seguridad\WGCheck NA\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{B3F600B7-5BC5-4D49-A980-40E4E7845097}] => (Allow) E:\copia de seguridad\World_of_Tanks_NA\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{A8793FB8-AC7F-4FEA-BA18-610AAFB8827D}] => (Allow) E:\copia de seguridad\World_of_Tanks_NA\WorldOfTanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{2564B836-A614-400D-9B54-B2C1CE12F9EF}E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{D5A544CE-C649-4EE4-ABF8-A3584DB6DB30}E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe] => (Allow) E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{0A37A08A-C73D-4DF3-B145-80AFBD58D8E5}] => (Block) E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [{FC2E2AC6-7070-42ED-9A08-5E7F703F6E96}] => (Block) E:\cosas de isaquito\steam\steamapps\common\left 4 dead 2\left4dead2.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{FCBD2844-6997-49F2-81AD-47FECB899EC1}E:\cosas de isaquito\need for speed most wanted\speed.exe] => (Allow) E:\cosas de isaquito\need for speed most wanted\speed.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{BE8083C1-ADE9-47B4-A296-2E434D0D37DB}E:\cosas de isaquito\need for speed most wanted\speed.exe] => (Allow) E:\cosas de isaquito\need for speed most wanted\speed.exe () [Archivo no firmado]
FirewallRules: [{EB66A4C5-B032-4E1A-8C28-2EF158FAB1B9}] => (Block) E:\cosas de isaquito\need for speed most wanted\speed.exe () [Archivo no firmado]
FirewallRules: [{5C7C6739-6570-4B47-AC30-0E434D5E6D09}] => (Block) E:\cosas de isaquito\need for speed most wanted\speed.exe () [Archivo no firmado]
FirewallRules: [{BC86047B-8ECF-40E5-9869-CF711E63A810}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
==================== Puntos de Restauración =========================
12-08-2020 15:55:41 Windows Update
18-08-2020 17:33:36 Windows Update
27-08-2020 11:58:15 Punto de control programado
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (09/02/2020 05:46:45 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/02/2020 05:28:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: brave.exe, versión: 85.1.13.82, marca de tiempo: 0x5f41b39e
Nombre del módulo con errores: SHELL32.dll_unloaded, versión: 10.0.18362.997, marca de tiempo: 0x703952b6
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000027bc1a
Identificador del proceso con errores: 0x1c80
Hora de inicio de la aplicación con errores: 0x01d68167a367a30b
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
Ruta de acceso del módulo con errores: SHELL32.dll
Identificador del informe: b070644c-96ea-4939-a2df-8aeddc35999a
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (09/02/2020 05:28:33 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe". Error en el archivo de manifiesto o directiva "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe" en la línea 0.
Sintaxis XML no válida.
Error: (09/02/2020 05:26:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (09/02/2020 05:24:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=7
Error: (09/02/2020 05:24:00 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Error al generar el contexto de activación para "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe". Error en el archivo de manifiesto o directiva "E:\copia de seguridad\Riot Games\Riot Client\RiotClientServices.exe" en la línea 0.
Sintaxis XML no válida.
Error: (09/01/2020 09:53:50 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=TimerEvent
Error: (09/01/2020 09:53:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=58e97c99-f377-4ef1-81d5-4ad5522b5fd8;NotificationInterval=1440;Trigger=UserLogon;SessionId=6
Errores del sistema:
=============
Error: (09/02/2020 05:26:44 PM) (Source: DCOM) (EventID: 10010) (User: ELIAS-PC)
Description: El servidor Microsoft.XboxGamingOverlay_2.26.14003.0_x64__8wekyb3d8bbwe!App.AppXrfdt3p0f38tc4nxz7ajrd5as6ctb0dck.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/29/2020 04:05:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80070643: Actualización de inteligencia de seguridad para Microsoft Defender Antivirus - KB2267602 (Versión 1.323.131.0).
Error: (08/28/2020 08:47:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 18:08:10 del 28/8/2020 resultó inesperado.
Error: (08/28/2020 05:59:50 PM) (Source: DCOM) (EventID: 10010) (User: ELIAS-PC)
Description: El servidor Microsoft.Windows.Photos_2019.18114.19418.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/28/2020 05:12:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: El cierre anterior del sistema a las 16:03:41 del 28/8/2020 resultó inesperado.
Error: (08/28/2020 03:24:27 PM) (Source: DCOM) (EventID: 10010) (User: ELIAS-PC)
Description: El servidor Microsoft.Windows.Photos_2019.18114.19418.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (08/27/2020 09:07:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error:
Se ha bloqueado la descarga de este controlador
Error: (08/27/2020 09:07:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Elias\AppData\Local\Temp\ehdrv.sys
Windows Defender:
===================================
Date: 2020-08-23 22:03:17.005
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {83D9E16F-5380-4704-AEFE-2EF6BF0C2D71}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: ELIAS-PC\Elias
Date: 2020-08-23 22:03:16.999
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {3824D06A-A542-4878-B634-997F05592ACA}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: ELIAS-PC\Elias
Date: 2020-08-23 22:00:21.959
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.D3!ml&threatid=2147757782&enterprise=0
Nombre: Trojan:Win32/Wacatac.D3!ml
Id.: 2147757782
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk; file:_C:\Users\Elias\AppData\Roaming\Smart Clock\SmartClock.exe; startup:_C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Usuario
Usuario: ELIAS-PC\Elias
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.321.2041.0, AS: 1.321.2041.0, NIS: 1.321.2041.0
Versión de motor: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-08-23 22:00:18.676
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.DC!ml&threatid=2147757791&enterprise=0
Nombre: Trojan:Win32/Wacatac.DC!ml
Id.: 2147757791
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Elias\AppData\Local\Temp\avgfipnh.exe; process:_pid:5140,ProcessStart:132427042957594415
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Users\Elias\AppData\Local\Temp\avgfipnh.exe
Versión de inteligencia de seguridad: AV: 1.321.2041.0, AS: 1.321.2041.0, NIS: 1.321.2041.0
Versión de motor: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-08-23 22:00:18.673
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.D3!ml&threatid=2147757782&enterprise=0
Nombre: Trojan:Win32/Wacatac.D3!ml
Id.: 2147757782
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk; file:_C:\Users\Elias\AppData\Roaming\Smart Clock\SmartClock.exe; startup:_C:\Users\Elias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartClock.lnk
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: ELIAS-PC\Elias
Nombre de proceso: C:\Users\Elias\AppData\Local\Temp\wqkjbsmvollg.exe
Versión de inteligencia de seguridad: AV: 1.321.2041.0, AS: 1.321.2041.0, NIS: 1.321.2041.0
Versión de motor: AM: 1.1.17300.4, NIS: 1.1.17300.4
Date: 2020-09-02 17:45:30.542
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.321.2253.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor:
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
Date: 2020-09-02 17:45:30.541
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.321.2253.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor:
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
Date: 2020-09-02 17:45:30.540
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.321.2253.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor:
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
Date: 2020-09-02 17:45:30.426
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.321.2253.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor:
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
Date: 2020-09-02 17:45:30.425
Description:
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad:
Versión anterior de inteligencia de seguridad: 1.321.2253.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de inteligencia de seguridad: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión actual del motor:
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección
CodeIntegrity:
===================================
Date: 2020-08-24 23:00:32.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-24 23:00:32.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-24 19:35:18.457
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-24 19:35:18.122
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-05-08 11:01:53.352
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-08 11:01:53.335
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-08 11:01:53.046
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-05-08 11:01:53.002
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
==================== Información de la memoria ===========================
BIOS: American Megatrends Inc. V2.4 11/20/2007
Placa base: MSI MS-7369
Procesador: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
Porcentaje de memoria en uso: 84%
RAM física total: 2047.36 MB
RAM física disponible: 324.62 MB
Virtual total: 3967.36 MB
Virtual disponible: 2058.18 MB
==================== Unidades ================================
Drive c: (Win10) (Fixed) (Total:461.47 GB) (Free:267.02 GB) NTFS
Drive e: (backup) (Fixed) (Total:469.48 GB) (Free:218.64 GB) NTFS
\\?\Volume{071b901c-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.57 GB) (Free:0.11 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 071B901C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=461.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=469.5 GB) - (Type=07 NTFS)
==================== Final de Addition.txt ======================= Hola
No tienes que escanear de nuevo con FRST, tienes que realizar los pasos que te indiqué, n te va ha hacer cambios.
Delfix es para hacer un backup del registro, nada más …
Notepad es el bloc de notas.
Si sabes entrar en modo seguro de otra forma, puedes hacerlo.
Los programas que yo te he indicado no te ha eliminado nada ni ha hecho cambios, como ya te dije … has utilizado otros programas que no son fiables que han podido ser los causantes de los cambios, he indicado miles de veces estos programas y nunca ha pasado nada, cuando hace cambios en el equipo es porque se ha hacho otras cosas no indicadas o por tener un sistema muy inestable y cualquier cosa que hagas puede hacerte cambios.
Un saludo
Ha de haber Sido el cccleaner o el Malwarebytes pero no pasa nada ahora voy a hacer lo que me dijiste otra cosa ahi dice algo de 7 zip pero yo no uso 7zip ni lo tengo
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 29-08-2020
Ejecutado por Elias (02-09-2020 20:22:37) Run:1
Ejecutado desde C:\Users\Elias\Desktop
Perfiles cargados: Elias
Modo de Inicio: Safe Mode (minimal)
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
2020-08-23 21:58 - 2020-08-23 22:00 - 000000000 ____D C:\ProgramData\vcgrqidbb
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
C:\ProgramData\vcgrqidbb => movido correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1875704696-2256852656-2191576050-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to connect to BITS - 0x8007043c
========= Final de CMD: =========
========= netsh advfirewall reset =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est ejecutando e intenta la solicitud de nuevo.
========= Final de CMD: =========
========= netsh int ipv4 reset =========
No hay valores configurados por el usuario para restablecer.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
No hay valores configurados por el usuario para restablecer.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28648945 B
Java, Flash, Steam htmlcache => 200143799 B
Windows/system/drivers => 138319570 B
Edge => 37901 B
Chrome => 0 B
Firefox => 29070490 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 32526 B
NetworkService => 4554306 B
Elias => 3956960837 B
RecycleBin => 101986 B
EmptyTemp: => 4.1 GB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 20:22:53 ====siento la computadora mas rápida y el malwarebytes en sus dos procesos dejaron de usar tantos recursos,antes estaba siempre en consumo alto ahora muy poco. Ya puedo desinstalar Malwarebytes, kvrt ,delfix ,frst,eset, ccleaner y eliminar todos esos registros?
Le vengo a decir muchas gracias por el asesoramiento que me dió para solucionar el problema y ahora siento la computadora más rápida y le vengo a decir si ya se solucionó todo o tengo que seguir unos pasos más?
Hola
Sigue estos pasos, para eliminar las herramientas utilizadas:
Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)
-
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Para desinstalar Malwarebytes utiliza su herramienta. Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall
Si tu PC anda ya bien no haría falta pasar ningún otro programa.
Confirma si ya se resolvió el problema por el que iniciaste el tema.
Un saludo
1 me gusta
En delfix hay casillas que dicen Actívate UAC REMOVE DESINFECTION TOOL Create registry backup Purge system Restore Rest sistema settings Lo hago? Me suena algo peligroso
Hola
Es para eliminar los programas utilizados, nada más.
Un saludo
Entonces solo marco REMOVE disinfection Tool y create registry backup o todos