te hago una pregunta, en caso de no aparecer el malware quieres que abra una pagina donde aparezca el efecto que te digo y luego haga un escaneo nuevamente? para ver si eso es lo que lo activa y lo hace visible? como te dije ya no he abierto paginas HTTP para no meter mas la pata con tus instrucciones
Hola:
Ya lo haremos pero con alguna herramienta que monitoree el proceso.
Salu2.
Informe del ADWClear
# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-28-2018
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 4
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2127 octets] - [28/11/2018 14:08:50]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Reporte FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.11.2018
Ran by Miguel (administrator) on DESKTOP-JRGGCVQ (28-11-2018 14:19:06)
Running from C:\Users\Miguel\Desktop
Loaded Profiles: Miguel (Available Profiles: Miguel)
Platform: Windows 10 Pro Version 1809 17763.134 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [83968 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7067048 2015-12-02] (Piriform Ltd)
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4035696 2017-05-25] (Tonec Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.200.254
Tcpip\..\Interfaces\{e7736c1c-a824-4eca-b66d-1dea4c085d67}: [DhcpNameServer] 192.168.200.254
Internet Explorer:
==================
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-1107566908-2914427673-2006857480-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-1107566908-2914427673-2006857480-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
Edge:
======
Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15]
Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15]
FireFox:
========
FF HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Miguel\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Miguel\AppData\Roaming\IDM\idmmzcc5 [2018-11-26] [Legacy] [not signed]
FF HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] [Legacy]
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-26] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default [2018-11-27]
CHR Extension: (Presentaciones) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-26]
CHR Extension: (Documentos) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-26]
CHR Extension: (Google Drive) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-26]
CHR Extension: (YouTube) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-26]
CHR Extension: (Hojas de cálculo) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-26]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-26]
CHR Extension: (IDM Integration Module) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-11-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-26]
CHR Extension: (Gmail) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-26]
CHR Extension: (Chrome Media Router) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-26]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-05-25]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-05-25]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-11-27] (Microsoft Corporation)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation)
S3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [914944 2018-09-15] (Microsoft Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381624 2018-09-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-11-27] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-11-27] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0315159.inf_amd64_b01c1e8cccf04a67\atikmdag.sys [36571640 2017-06-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0315159.inf_amd64_b01c1e8cccf04a67\atikmpag.sys [529912 2017-06-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation)
R3 cpuz138; C:\Users\Miguel\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2018-11-28] (CPUID) <==== ATTENTION
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-09-15] (Qualcomm Atheros, Inc.)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation)
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [171520 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-11-27] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [328696 2018-11-27] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-11-27] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-28 14:19 - 2018-11-28 14:19 - 000012547 _____ C:\Users\Miguel\Desktop\FRST.txt
2018-11-28 14:08 - 2018-11-28 14:10 - 000000000 ____D C:\AdwCleaner
2018-11-28 14:03 - 2018-11-28 14:04 - 007321808 _____ (Malwarebytes) C:\Users\Miguel\Desktop\adwcleaner_7.2.5.0.exe
2018-11-28 13:52 - 2018-11-28 13:52 - 000000000 ____D C:\Users\Miguel\AppData\Local\ElevatedDiagnostics
2018-11-27 20:32 - 2018-11-27 20:32 - 000000040 ____H C:\01696CDEB3DF
2018-11-27 20:32 - 2018-11-27 20:32 - 000000000 ____D C:\Users\Miguel\AppData\LocalLow\Adobe
2018-11-27 20:20 - 2018-11-27 20:20 - 000009601 _____ C:\Users\Miguel\Desktop\Fixlog.txt
2018-11-27 20:19 - 2018-11-28 14:19 - 000000000 ____D C:\FRST
2018-11-27 20:12 - 2018-11-27 20:12 - 002416640 _____ (Farbar) C:\Users\Miguel\Desktop\FRST64.exe
2018-11-27 17:19 - 2018-11-27 17:19 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Macromedia
2018-11-27 17:18 - 2018-11-27 17:18 - 000000000 ____D C:\Users\Miguel\AppData\LocalLow\AMD
2018-11-27 17:17 - 2018-11-27 19:36 - 000000413 _____ C:\DelFix.txt
2018-11-27 11:59 - 2018-11-27 11:59 - 000000000 ____D C:\tportable.1.1.23
2018-11-27 03:17 - 2018-11-27 03:17 - 026804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 020808704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 009696264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 006543224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 006059008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 004886016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003951192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003379216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 003337800 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002985328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 002702536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002617856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-27 03:17 - 2018-11-27 03:17 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-11-27 03:17 - 2018-11-27 03:17 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001843432 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001751080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001715200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001641608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001612808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001402408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001289400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001181824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001097312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001064248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 001053352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000783696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000743432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000667152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000649736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000582248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000506392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000495624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000402568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000398400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-27 03:12 - 2018-11-27 03:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-27 03:11 - 2018-11-27 03:11 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-27 01:57 - 2018-11-27 15:33 - 000000526 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-11-27 01:04 - 2018-11-27 01:16 - 000002280 ____H C:\Users\Miguel\Documents\Default.rdp
2018-11-27 00:25 - 2018-11-27 02:33 - 000592416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-11-27 00:02 - 2018-11-27 00:03 - 000000000 ____D C:\Users\Miguel\Documents\Grabaciones de sonido
2018-11-27 00:01 - 2018-11-27 00:01 - 000000279 _____ C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papelera de reciclaje.lnk
2018-11-26 23:51 - 2018-11-26 23:51 - 000000000 ____D C:\Users\Miguel\AppData\Local\DBG
2018-11-26 23:10 - 2018-11-26 23:10 - 000000000 ____D C:\Users\Miguel\AppData\Local\mbamtray
2018-11-26 23:10 - 2018-11-26 23:10 - 000000000 ____D C:\Users\Miguel\AppData\Local\mbam
2018-11-26 23:07 - 2010-12-05 22:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2018-11-26 23:03 - 2018-11-26 23:03 - 000000000 ____D C:\Users\Miguel\AppData\Local\PeerDistRepub
2018-11-26 22:54 - 2018-11-26 22:54 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-26 22:54 - 2018-11-26 22:54 - 000002334 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-26 22:50 - 2018-11-27 11:58 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\vlc
2018-11-26 22:49 - 2018-11-26 22:54 - 000000000 ____D C:\Users\Miguel\AppData\Local\Google
2018-11-26 22:49 - 2018-11-26 22:54 - 000000000 ____D C:\Program Files (x86)\Google
2018-11-26 22:49 - 2018-11-26 22:49 - 000003620 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-26 22:49 - 2018-11-26 22:49 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-26 22:46 - 2018-11-26 22:46 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\WinRAR
2018-11-26 22:43 - 2018-11-26 22:47 - 000000000 ____D C:\Users\Miguel\Documents\PS Portable
2018-11-26 22:42 - 2018-11-28 14:00 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\DMCache
2018-11-26 22:42 - 2018-11-27 00:50 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\IDM
2018-11-26 22:42 - 2018-11-26 22:42 - 000000000 ____D C:\Users\Miguel\Downloads\Video
2018-11-26 22:42 - 2018-11-26 22:42 - 000000000 ____D C:\Users\Miguel\Downloads\Compressed
2018-11-26 22:42 - 2018-11-26 22:42 - 000000000 ____D C:\ProgramData\IDM
2018-11-26 22:40 - 2018-11-26 22:42 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-11-26 22:40 - 2018-11-26 22:40 - 000000927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2018-11-26 22:40 - 2018-11-26 22:40 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-11-26 22:40 - 2018-11-26 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-11-26 22:40 - 2018-11-26 22:40 - 000000000 ____D C:\Program Files\Sublime Text 3
2018-11-26 22:35 - 2018-11-26 22:35 - 000000000 ____D C:\Program Files\Speccy
2018-11-26 22:34 - 2018-11-27 10:46 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\SumatraPDF
2018-11-26 22:34 - 2018-11-26 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-11-26 22:34 - 2018-11-26 22:34 - 000001948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Program Files\WinRAR
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Program Files\VideoLAN
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Program Files\SumatraPDF
2018-11-26 22:15 - 2018-11-26 22:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1107566908-2914427673-2006857480-1001
2018-11-26 22:12 - 2018-11-27 15:29 - 000000000 ____D C:\Users\Miguel\AppData\Local\PlaceholderTileLogoFolder
2018-11-26 22:10 - 2018-11-27 16:53 - 000000000 ____D C:\ProgramData\Packages
2018-11-26 22:10 - 2018-11-26 22:10 - 000000000 ____D C:\Users\Miguel\AppData\Local\Comms
2018-11-26 20:59 - 2018-11-27 20:32 - 000000000 ____D C:\Users\Miguel\AppData\Local\AMD
2018-11-26 20:56 - 2018-11-28 14:10 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-11-26 20:56 - 2018-11-26 20:56 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente de informe de problemas de AMD
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\Program Files (x86)\AMD
2018-11-26 20:55 - 2018-11-26 20:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-26 20:55 - 2018-11-26 20:55 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-11-26 20:55 - 2017-01-27 18:05 - 000103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-11-26 20:55 - 2017-01-27 18:04 - 000326656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-11-26 20:55 - 2017-01-27 18:02 - 000118272 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-11-26 20:55 - 2017-01-27 18:01 - 000322560 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-11-26 20:53 - 2018-11-26 20:53 - 000000000 ____D C:\Users\Miguel\AppData\Local\D3DSCache
2018-11-26 20:52 - 2018-11-26 20:56 - 000000000 ____D C:\Program Files\AMD
2018-11-26 20:51 - 2018-11-26 20:53 - 000000000 ____D C:\AMD
2018-11-26 20:46 - 2018-11-27 17:16 - 000000000 ___RD C:\Users\Miguel\OneDrive
2018-11-26 20:46 - 2018-11-26 20:46 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-11-26 20:45 - 2018-11-26 20:45 - 000000000 ___HD C:\Users\Miguel\MicrosoftEdgeBackups
2018-11-26 20:44 - 2018-11-27 15:30 - 000000000 ____D C:\Users\Miguel\AppData\Local\Packages
2018-11-26 20:44 - 2018-11-27 12:18 - 000000000 ____D C:\Users\Miguel\AppData\Local\ConnectedDevicesPlatform
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ___RD C:\Users\Miguel\3D Objects
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Adobe
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Local\VirtualStore
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Local\Publishers
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Local\MicrosoftEdge
2018-11-26 20:42 - 2018-11-26 20:46 - 000000000 ____D C:\Users\Miguel
2018-11-26 20:42 - 2018-11-26 20:42 - 000000020 ___SH C:\Users\Miguel\ntuser.ini
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Reciente
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Plantillas
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Mis documentos
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Menú Inicio
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Impresoras
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Entorno de red
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Documents\Mis vídeos
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Documents\Mis imágenes
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Documents\Mi música
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Datos de programa
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Configuración local
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Local\Historial
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Local\Datos de programa
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Local\Archivos temporales de Internet
2018-11-26 20:37 - 2018-11-27 20:31 - 001684176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-26 20:35 - 2018-11-26 20:35 - 000000000 ____D C:\WINDOWS\CSC
2018-11-26 20:35 - 2018-11-26 20:35 - 000000000 ____D C:\ProgramData\USOShared
2018-11-26 20:35 - 2018-09-15 03:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Reciente
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Plantillas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Mis documentos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Impresoras
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Entorno de red
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Configuración local
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\Documents\Mi música
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Plantillas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Escritorio
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Documentos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Program Files\Archivos comunes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Documents and Settings
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Archivos de programa
2018-11-26 20:29 - 2018-11-28 14:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-26 20:29 - 2018-11-27 20:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-26 20:29 - 2018-11-27 04:06 - 000258144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-26 20:29 - 2018-11-27 02:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-11-26 20:29 - 2018-11-26 20:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-11-26 20:29 - 2018-11-26 20:29 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-11-26 15:28 - 2018-11-26 20:30 - 000000000 ____D C:\WINDOWS\Panther
2018-10-29 19:01 - 2018-10-29 19:01 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 011744256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 009951744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 005584056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-10-29 19:01 - 2018-10-29 19:01 - 003730352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-10-29 19:01 - 2018-10-29 19:01 - 003600896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 003556864 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 002927096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 002625552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 002435488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001672072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001466992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-10-29 19:01 - 2018-10-29 19:01 - 001360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 001279000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-10-29 19:01 - 2018-10-29 19:01 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000818832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000298488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 000175096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2018-10-29 19:01 - 2018-10-29 19:01 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-29 19:01 - 2018-10-29 19:01 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-28 14:13 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-28 14:10 - 2018-09-15 02:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-28 12:22 - 2018-09-15 03:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-28 12:08 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-11-27 20:31 - 2018-09-15 12:37 - 000752322 _____ C:\WINDOWS\system32\perfh00A.dat
2018-11-27 20:31 - 2018-09-15 12:37 - 000147902 _____ C:\WINDOWS\system32\perfc00A.dat
2018-11-27 20:31 - 2018-09-15 03:31 - 000000000 ____D C:\WINDOWS\INF
2018-11-27 16:53 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-27 16:53 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-27 04:05 - 2018-09-15 12:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-11-27 04:05 - 2018-09-15 12:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-11-27 04:05 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-27 03:18 - 2018-09-15 02:09 - 000000000 ____D C:\WINDOWS\servicing
2018-11-27 03:11 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\appcompat
2018-11-27 02:21 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Windows Defender
2018-11-26 22:25 - 2018-09-15 12:39 - 000000000 ____D C:\WINDOWS\OCR
2018-11-26 22:25 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-11-26 22:10 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\ServiceState
2018-11-26 20:49 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-11-26 20:35 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\spool
2018-11-26 20:35 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-11-26 20:35 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\USOPrivate
2018-11-26 20:33 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\windows nt
2018-11-26 20:29 - 2018-09-15 03:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-11-26 20:29 - 2018-09-15 03:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-26 20:29 - 2018-09-15 02:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-11-26 15:28 - 2018-09-15 03:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-11-16 19:48 - 2018-09-15 03:36 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-16 19:48 - 2018-09-15 03:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-29 19:01 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Hola @kenichi3000:
Lo detectado por Adwercleaner es en el Explorador Edge de la pagina /App/Chat privado de Chatango.
Nada que ver con lo anterior.
Prueba lo siguiente:
1.- Descarga a el escritorio Process Explorer.
-
Lo descomprimes, (botón derecho sobre el icono , extraer aquí).
-
Dentro de la carpeta, botón derecho sobre proceexp64.exe. Ejecutar como Administrador.
-
Veras una imagen como esta:
En este punto abre una de las paginas que te da problemas.
Veras todos los procesos que corren en tu equipo en la primera columna. Revisa cual es el que se consume todo el uso de CPU. Puede ser mas de uno.
Colocas el ratón sobre el y te mostrara la ventana con la información que necesitamos.
2.- Tomas una imagen y la subes.
Como insertar una imagen en el Foro?
Salu2.
hola @SanMar me deja un poco con la duda de lo sucedido pero ya creo entender, Primero ya el abrir las web con HTTP no me aparece mas el cosumo excesivo de CPU ni las molestas publicidad, la cosa es que no se que fue lo que lo elimino en primera instancia y lo único que note diferente fue que el adwclear que me mandaste a descargar creo fue diferente al que yo estaba usando y eso fue lo que logro eliminarlo, porque el proceso de consumo luego de usar el adwclear mas nunca apareció, ayer iba a realizar el test como me lo pediste para mandarte la captura pues no hizo falta porque nunca apareció estoy agradecido contigo por el aporte y asistencia otorgada pero aun sigo con la duda y la sospecha de que quizás aparezca nuevamente en un par de días(ojala y no), dicho esto como procedemos con el tema? le damos solución? o esperamos unas 48h mas para ver si ya realmente se soluciono? nuevamente te agradezco de verdad por la ayuda brindada hasta ahora no se que abria hecho sin tu ayuda y este foro
Hola:
Prueba el equipo 48 hs, reincia varias veces, ten cuidado de donde descargas.
Luego vuelves y comentas.
Salu2.
bueno @SanMar estoy MUY agradecido contigo, gracias a ti pude resolver lo del malware que tenia en el pc, ya a dia de hoy nada que aparece nada cuando visito paginas web HTTP gracias al foro y gracias a ti por colaborarme paso a paso espero cualquier cosa poder contar con el foro y ustedes como STAFF muchisimas gracias, saludos, cuidates y un abrazo.
Hola:
Cualquier nuevo problema puedes volver que por aquí te ayudaremos…
hola @SanMar esto me paso hace un ratico, aproveche las ultimas instrucciones que me diste para ver si te sirve de algo, pero creo que el malware nunca dejo de estar , te dejare las 2 capturas de pantalla que hice, me estan volviendo los sintomas, las web HTTP que ejecuto me salen con mucha publicidad y el computador comienza a usar todo el CPU, te dejo adjunto las imagenes que saque.
Hola:
1.- Tienes demasiadas pestañas de Google Chrome abiertas, prueba de a una página para que sea valido el informe.
2.- No te lo he preguntado, pero que características técnicas tiene ese equipo?
3.- Prueba lo siguiente:
Cómo desactivar el refresco automático en Google Chrome?
Luego navega en esas paginas pero no abras mas de dos o tres, y revisa el Consumo. Traes nuevas imágenes.
Salu2.
8gb ram ddr3 1333mhz
fx 6300 - Six core 3.4GHZ
gpu r7 240 2gb vram
SSD kingston 120gb (AQUI VA EL SO)
Con una sola pestaña y todo lo que CHROME se utiliza:
Otra Captura
Otra web donde aparece el mismo elevado de consumo
En EDGE
Al principio siempre es asi, solo muestra mucha ad en las web HTTP y luego comienza el consumo en exceso de utilizar la CPU.Otra en EDGE
Aqui se uiliza todo el cpu en una sola web y esa publicidad exagerada que al tratar de cerrar saltan Pop UpHola
Pues comencemos de nuevo.
Realiza los siguientes pasos, sin cambiar el orden:
1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.
2.- Descarga a tu escritorio las siguientes herramientas:
3.- Luego realizas lo siguiente, respetando el orden de los pasos:
Malwarebytes
Instalalo y actualizalo. Realiza un Análisis Completo de acuerdo a su Manual.
AdwCleaner
Ejecutalo. (Clic derecho y selecciona Ejecutar como Administrador). Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar. Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas. Guardas el reporte que te aparecerá para copiarlo y pegarlo en tu próxima respuesta. El informe también se puede encontrar en “C:\AdwCleaner\AdwCleaner.txt”
ZHPCleaner
Siguiendo su manual, lo instalas y ejecutas. Cuando termine, eliminas todo lo que encuentre.
NOTA IMPORTANTE:
En tu próxima respuesta debes pegar los reportes de Malwarebytes, AdwCleaner y ZHPCleaner.
Envuelve cada uno de los informes con una etiqueta escrita al inicio del informe y otra como este al final del mismo.
Nos comentas.
Salu2.
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
Database version:
main: v2018.12.05.04
rootkit: v2018.12.05.04
Windows 10 x64 NTFS
Internet Explorer 11.134.17763.0
Miguel :: DESKTOP-JRGGCVQ [administrator]
5/12/2018 8:46:52 a. m.
mbar-log-2018-12-05 (08-46-52).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 175377
Time elapsed: 5 minute(s), 26 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 10.0.9200 Windows 10 x64
Account is Administrative
Internet Explorer version: 11.134.17763.0
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, H:\ DRIVE_FIXED
CPU speed: 3.516000 GHz
Memory total: 7762640896, free: 4097024000
Downloaded database version: v2018.12.05.04
Downloaded database version: v2018.12.05.04
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
12/05/2018 08:46:47
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\mssecflt.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\storahci.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\wd\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\bam.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\Vid.sys
\SystemRoot\System32\drivers\winhvr.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\System32\DriverStore\FileRepository\c0315159.inf_amd64_b01c1e8cccf04a67\atikmpag.sys
\SystemRoot\System32\DriverStore\FileRepository\c0315159.inf_amd64_b01c1e8cccf04a67\atikmdag.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\usbohci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\e2xw10x64.sys
\SystemRoot\system32\DRIVERS\bcmwl63a.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\amdppm.sys
\SystemRoot\System32\drivers\dtultrausbbus.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys
\SystemRoot\System32\drivers\dtultrascsibus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\drivers\AtihdWT6.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\DRIVERS\HdAudio.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\KMWDFILTER.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_storahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\cldflt.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\winquic.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\idmwfp.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\drivers\rassstp.sys
\SystemRoot\System32\DRIVERS\NDProxy.sys
\SystemRoot\System32\drivers\vwifimp.sys
\SystemRoot\System32\drivers\AgileVpn.sys
\SystemRoot\System32\drivers\rasl2tp.sys
\SystemRoot\System32\drivers\raspptp.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\drivers\ndiswan.sys
\??\C:\Users\Miguel\AppData\Local\Temp\cpuz138\cpuz138_x64.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\rdpvideominiport.sys
\??\C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\drivers\xusb22.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\566637C6.sys
----------- End -----------
Done!
Scan started
Database versions:
main: v2018.12.05.04
rootkit: v2018.12.05.04
<<<2>>>
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xffff8185f7407060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffff8185f720b860, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff8185f7407060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xffff8185f711b060, DeviceName: \Device\0000002e\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffff8185f73ec060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffff8185f7209860, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff8185f73ec060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffff8185f7117060, DeviceName: \Device\0000002c\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: AF2C
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 625137664
Partition is bootable
Partition file system is NTFS
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffff8185f74060a0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffff8185f720a860, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff8185f74060a0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xffff8185f7119060, DeviceName: \Device\0000002d\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: BFE2AD1
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 1953519616
Partition is not bootable
Partition file system is NTFS
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Drive 2
This is a System drive
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: BE148A9B
Partition information:
Partition 0 type is HIDDEN (0x17)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 716800
Partition is not bootable
Partition file system is NTFS
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 718848 Numsec = 233717760
Partition is not bootable
Partition file system is NTFS
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 120034123776 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 3, DevicePointer: 0xffff8185f7408060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffff8185f720c860, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff8185f7408060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xffff8185f711d060, DeviceName: \Device\0000002f\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 3
Scanning MBR on drive 3...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DE3D8E1C
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 625137664
Partition is not bootable
Partition file system is NTFS
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 4, DevicePointer: 0xffff8185f7409060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffff8185f720d860, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff8185f7409060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xffff8185f7120060, DeviceName: \Device\00000030\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 4
Scanning MBR on drive 4...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A2844685
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 488390017
Partition is not bootable
Partition file system is NTFS
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 250058268160 bytes
Sector size: 512 bytes
Done!
Physical Sector Size: 512
Drive: 5, DevicePointer: 0xffff8185f740a060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffff8185f7210860, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff8185f740a060, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xffff8185f71620a0, DeviceName: \Device\00000031\, DriverName: \Driver\storahci\
------------ End ----------
Alternate DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 5
Scanning MBR on drive 5...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5DE72161
Partition information:
Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 625133568
Partition is not bootable
Partition file system is NTFS
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition is not bootable
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Done!
File "C:\ProgramData\Microsoft\Network\Downloader\qmgr.db" is sparse (flags = 32768)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-0CEB6E6D5C9EDEF173A5C84055D373C1A3FA604C.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-0CEB6E6D5C9EDEF173A5C84055D373C1A3FA604C.bin.7C" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-0CEB6E6D5C9EDEF173A5C84055D373C1A3FA604C.bin.83" is compressed (flags = 1)
File "C:\Windows\System32\config\SYSTEMPROFILE\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-1-718848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-3-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-4-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-4-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-4-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-5-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-5-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-5-r.mbam...
Removal finished
# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-14.2 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-05-2018
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 4
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2127 octets] - [05/12/2018 09:00:51]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-14.2 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-05-2018
# Duration: 00:00:21
# OS: Windows 10 Pro
# Scanned: 32162
# Detected: 4
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
PUP.Optional.Legacy HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
El manuel decia que se abriria un reporte luego de reiniciar el pc pero en mi caso no fue asi, y tuve que buscarlo manual, espero sea esto y te sirva.
Una pregunta, puedo eliminar los que estan en cuarentena correcto?
~ ZHPCleaner v2018.12.4.202 by Nicolas Coolman (2018/12/04)
~ Run by Miguel (Administrator) (05/12/2018 09:21:18)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\Miguel\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Miguel\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 17763)
---\\ Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Hosts carpeta (1)
~ El archivo hosts es legítimo (18)
---\\ Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Explorador ( Archivos, Carpetas ) (57)
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\{05F9E8B4-B9D1-496D-B88C-7885EFE9639F}.png =>.SUP.Temporary.Picture
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF05829C7043D8361F.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF0B15B11AFE55B8A6.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF0F15145BAA6B249D.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF1A8B7D6F81ADCEB6.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF1C90FE4C4174AD6C.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF32B4E20AF10286BD.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF54E745933FA8CDAE.TMP =>.SUP.Temporary.Other
MOVIDO carpeta^: C:\Users\Miguel\AppData\Local\Temp\~DF5940AFD039310A34.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF648EEB04D9A2B993.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF6549C700D0EF32A3.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF655DAD48E8ED988B.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF75B643AFFC2E1290.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF841E28285EC46519.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF85D3F284437EA4EA.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF89DD03CE6CA388B7.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF992062893DC2700B.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF9A12AB6CDD8C5965.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF9ECAA00A8C38BD94.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DF9FC5B5FED31CDC67.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DFBF638A843FC51AB6.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DFC1E7EF36667D6712.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DFD1FCF086B2219095.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DFD4A3AFA52DE729CD.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DFD583663A2150E3D2.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DFD6F804F5789EC65F.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DFE81BEDDAEE196EFE.TMP =>.SUP.Temporary.Other
MOVIDO carpeta: C:\Users\Miguel\AppData\Local\Temp\~DFFBE59DFAAC833AE7.TMP =>.SUP.Temporary.Other
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\000 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\001 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\002 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\003 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\004 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\005 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\006 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\007 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\008 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\009 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\010 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\011 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\012 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\013 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\014 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\015 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\016 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\017 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\018 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\019 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\020 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\021 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\022 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\023 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\024 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\025 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\File System\026 =>.SUP.Temporary.Chrome
MOVIDO archivo: C:\Users\Miguel\AppData\LocalLow\Adobe =>.SUP.Empty
MOVIDO archivo: C:\Users\Miguel\AppData\LocalLow\AMD =>.SUP.Empty
---\\ Registro ( Claves, Valores, Datos) (0)
~ No malintencionados o innecesarios artículos encontrados.
---\\ Resumen de elementos en su estación de trabajo (4)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Picture
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Other
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.Chrome
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Empty
---\\ Limpieza adicional. (5)
~ Clave de registro Tracing borrados (5)
~ Quitar los antiguos informes de ZHPCleaner. (0)
---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ falta este navegador! (Mozilla Firefox)
~ falta este navegador! (Opera Software)
~ El sistema ha sido reiniciado.
---\\ STATISTIQUES
~ Items escaneado : 419
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 12/12
~ Ahorro de espacio (bytes) : 444304
~ End of clean in 00h00mn17s
---\\ Reporte (2)
ZHPCleaner-[S]-05122018-09_17_53.txt
ZHPCleaner-[R]-05122018-09_21_35.txt
Hola:
No te preocupes por lo que está en cuarentena que de ahí no se escapan.
Luego eliminamos todo junto.
Ejecuta nuevamente FRST como lo hiciste anteriormente y pega un nuevo reporte
Salu2.
Parte 2
2018-12-02 08:55 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2018-12-02 08:55 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2018-12-02 08:55 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2018-12-02 08:55 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2018-12-02 08:55 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2018-12-02 08:55 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2018-12-02 08:55 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2018-12-02 08:55 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2018-12-02 08:55 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2018-12-02 08:55 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2018-12-02 08:45 - 2018-12-02 08:55 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-12-02 08:37 - 2018-12-02 08:44 - 000000000 ____D C:\Dragon Ball FighterZ
2018-12-02 08:37 - 2018-12-02 08:37 - 000001783 _____ C:\Users\Public\Desktop\Dragon Ball FighterZ.lnk
2018-12-02 08:27 - 2018-12-02 08:27 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-12-02 08:27 - 2018-12-02 08:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-11-29 06:23 - 2018-11-29 06:23 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2018-11-29 06:22 - 2018-11-29 06:22 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Google
2018-11-29 06:13 - 2018-12-04 10:24 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-11-29 06:12 - 2018-12-04 10:43 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Psiphon3
2018-11-29 06:11 - 2018-11-29 06:12 - 006098032 _____ C:\Users\Miguel\Desktop\psiphon3.exe
2018-11-28 16:40 - 2018-11-29 17:13 - 000000000 ____D C:\Users\Miguel\Downloads\Telegram Desktop
2018-11-28 15:37 - 2018-11-28 15:37 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-11-28 14:53 - 2018-11-28 16:43 - 000000424 __RSH C:\ProgramData\ntuser.pol
2018-11-28 13:52 - 2018-11-28 13:52 - 000000000 ____D C:\Users\Miguel\AppData\Local\ElevatedDiagnostics
2018-11-27 20:32 - 2018-11-27 20:32 - 000000040 ____H C:\01696CDEB3DF
2018-11-27 17:19 - 2018-11-27 17:19 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Macromedia
2018-11-27 17:17 - 2018-12-02 08:10 - 000000542 _____ C:\DelFix.txt
2018-11-27 11:59 - 2018-11-27 11:59 - 000000000 ____D C:\tportable.1.1.23
2018-11-27 03:17 - 2018-11-27 03:17 - 026804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 020808704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 009696264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 006543224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 006059008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 004886016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003951192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003379216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 003337800 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002985328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 002702536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002617856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-27 03:17 - 2018-11-27 03:17 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-11-27 03:17 - 2018-11-27 03:17 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001843432 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001751080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001715200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001641608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001612808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001402408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001289400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001181824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001097312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001064248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 001053352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000783696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000743432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000667152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000649736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000582248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000506392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000495624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000402568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000398400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-27 03:12 - 2018-11-27 03:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-27 03:11 - 2018-11-27 03:11 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-27 01:57 - 2018-11-29 06:11 - 000000526 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-11-27 01:04 - 2018-12-05 13:25 - 000002288 ____H C:\Users\Miguel\Documents\Default.rdp
2018-11-27 00:25 - 2018-11-27 02:33 - 000592416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-11-27 00:02 - 2018-11-27 00:03 - 000000000 ____D C:\Users\Miguel\Documents\Grabaciones de sonido
2018-11-27 00:01 - 2018-11-27 00:01 - 000000279 _____ C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papelera de reciclaje.lnk
2018-11-26 23:51 - 2018-11-26 23:51 - 000000000 ____D C:\Users\Miguel\AppData\Local\DBG
2018-11-26 23:10 - 2018-11-26 23:10 - 000000000 ____D C:\Users\Miguel\AppData\Local\mbamtray
2018-11-26 23:10 - 2018-11-26 23:10 - 000000000 ____D C:\Users\Miguel\AppData\Local\mbam
2018-11-26 23:07 - 2010-12-05 22:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2018-11-26 23:03 - 2018-11-26 23:03 - 000000000 ____D C:\Users\Miguel\AppData\Local\PeerDistRepub
2018-11-26 22:54 - 2018-11-26 22:54 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-26 22:50 - 2018-12-03 22:59 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\vlc
2018-11-26 22:49 - 2018-11-29 06:50 - 000000000 ____D C:\Users\Miguel\AppData\Local\Google
2018-11-26 22:49 - 2018-11-26 22:54 - 000000000 ____D C:\Program Files (x86)\Google
2018-11-26 22:49 - 2018-11-26 22:49 - 000003620 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-26 22:49 - 2018-11-26 22:49 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-26 22:46 - 2018-11-26 22:46 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\WinRAR
2018-11-26 22:43 - 2018-11-26 22:47 - 000000000 ____D C:\Users\Miguel\Documents\PS Portable
2018-11-26 22:42 - 2018-12-05 09:21 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\DMCache
2018-11-26 22:42 - 2018-12-02 08:30 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\IDM
2018-11-26 22:42 - 2018-11-26 22:42 - 000000000 ____D C:\Users\Miguel\Downloads\Video
2018-11-26 22:42 - 2018-11-26 22:42 - 000000000 ____D C:\Users\Miguel\Downloads\Compressed
2018-11-26 22:42 - 2018-11-26 22:42 - 000000000 ____D C:\ProgramData\IDM
2018-11-26 22:40 - 2018-12-02 08:30 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-11-26 22:40 - 2018-11-26 22:40 - 000000927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2018-11-26 22:40 - 2018-11-26 22:40 - 000000000 ____D C:\Program Files\Sublime Text 3
2018-11-26 22:35 - 2018-11-26 22:35 - 000000000 ____D C:\Program Files\Speccy
2018-11-26 22:34 - 2018-11-27 10:46 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\SumatraPDF
2018-11-26 22:34 - 2018-11-26 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-11-26 22:34 - 2018-11-26 22:34 - 000001948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Program Files\WinRAR
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Program Files\VideoLAN
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Program Files\SumatraPDF
2018-11-26 22:15 - 2018-11-26 22:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1107566908-2914427673-2006857480-1001
2018-11-26 22:12 - 2018-11-28 15:54 - 000000000 ____D C:\Users\Miguel\AppData\Local\PlaceholderTileLogoFolder
2018-11-26 22:10 - 2018-11-27 16:53 - 000000000 ____D C:\ProgramData\Packages
2018-11-26 22:10 - 2018-11-26 22:10 - 000000000 ____D C:\Users\Miguel\AppData\Local\Comms
2018-11-26 20:59 - 2018-11-27 20:32 - 000000000 ____D C:\Users\Miguel\AppData\Local\AMD
2018-11-26 20:56 - 2018-12-05 09:22 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-11-26 20:56 - 2018-11-26 20:56 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente de informe de problemas de AMD
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\Program Files (x86)\AMD
2018-11-26 20:55 - 2018-11-26 20:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-26 20:55 - 2018-11-26 20:55 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-11-26 20:55 - 2017-01-27 18:05 - 000103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-11-26 20:55 - 2017-01-27 18:04 - 000326656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-11-26 20:55 - 2017-01-27 18:02 - 000118272 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-11-26 20:55 - 2017-01-27 18:01 - 000322560 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-11-26 20:53 - 2018-11-26 20:53 - 000000000 ____D C:\Users\Miguel\AppData\Local\D3DSCache
2018-11-26 20:52 - 2018-11-26 20:56 - 000000000 ____D C:\Program Files\AMD
2018-11-26 20:51 - 2018-11-26 20:53 - 000000000 ____D C:\AMD
2018-11-26 20:46 - 2018-11-27 17:16 - 000000000 ___RD C:\Users\Miguel\OneDrive
2018-11-26 20:46 - 2018-11-26 20:46 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-11-26 20:45 - 2018-11-26 20:45 - 000000000 ___HD C:\Users\Miguel\MicrosoftEdgeBackups
2018-11-26 20:44 - 2018-11-28 14:47 - 000000000 ____D C:\Users\Miguel\AppData\Local\Packages
2018-11-26 20:44 - 2018-11-27 12:18 - 000000000 ____D C:\Users\Miguel\AppData\Local\ConnectedDevicesPlatform
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ___RD C:\Users\Miguel\3D Objects
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Adobe
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Local\VirtualStore
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Local\Publishers
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Local\MicrosoftEdge
2018-11-26 20:42 - 2018-12-03 08:26 - 000000000 ____D C:\Users\Miguel
2018-11-26 20:42 - 2018-11-26 20:42 - 000000020 ___SH C:\Users\Miguel\ntuser.ini
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Reciente
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Plantillas
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Mis documentos
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Menú Inicio
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Impresoras
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Entorno de red
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Documents\Mis vídeos
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Documents\Mis imágenes
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Documents\Mi música
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Datos de programa
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Configuración local
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Local\Historial
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Local\Datos de programa
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Local\Archivos temporales de Internet
2018-11-26 20:37 - 2018-12-05 09:31 - 001684176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-26 20:35 - 2018-11-26 20:35 - 000000000 ____D C:\WINDOWS\CSC
2018-11-26 20:35 - 2018-11-26 20:35 - 000000000 ____D C:\ProgramData\USOShared
2018-11-26 20:35 - 2018-09-15 03:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Reciente
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Plantillas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Mis documentos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Impresoras
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Entorno de red
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Configuración local
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\Documents\Mi música
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Plantillas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Escritorio
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Documentos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Program Files\Archivos comunes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Documents and Settings
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Archivos de programa
2018-11-26 20:29 - 2018-12-05 12:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-26 20:29 - 2018-12-05 09:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-26 20:29 - 2018-12-02 11:26 - 000276216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-26 20:29 - 2018-11-27 02:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-11-26 20:29 - 2018-11-26 20:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-11-26 20:29 - 2018-11-26 20:29 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-11-26 15:28 - 2018-11-26 20:30 - 000000000 ____D C:\WINDOWS\Panther
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-05 10:22 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-05 09:31 - 2018-09-15 12:37 - 000752322 _____ C:\WINDOWS\system32\perfh00A.dat
2018-12-05 09:31 - 2018-09-15 12:37 - 000147902 _____ C:\WINDOWS\system32\perfc00A.dat
2018-12-05 09:31 - 2018-09-15 03:31 - 000000000 ____D C:\WINDOWS\INF
2018-12-05 09:22 - 2018-09-15 02:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-05 09:04 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-12-05 06:54 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-05 06:54 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-05 01:04 - 2018-09-15 03:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-02 10:31 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-28 14:53 - 2018-09-15 03:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-11-28 14:53 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-11-27 04:05 - 2018-09-15 12:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-11-27 04:05 - 2018-09-15 12:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-11-27 04:05 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-27 03:18 - 2018-09-15 02:09 - 000000000 ____D C:\WINDOWS\servicing
2018-11-27 03:11 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\appcompat
2018-11-27 02:21 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Windows Defender
2018-11-26 22:25 - 2018-09-15 12:39 - 000000000 ____D C:\WINDOWS\OCR
2018-11-26 22:25 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-11-26 22:10 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\ServiceState
2018-11-26 20:49 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-11-26 20:35 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\spool
2018-11-26 20:35 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-11-26 20:35 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\USOPrivate
2018-11-26 20:33 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\windows nt
2018-11-26 20:29 - 2018-09-15 03:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-11-26 20:29 - 2018-09-15 03:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-26 20:29 - 2018-09-15 02:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-11-26 15:28 - 2018-09-15 03:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-11-16 19:48 - 2018-09-15 03:36 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-16 19:48 - 2018-09-15 03:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
Some files in TEMP:
====================
2018-11-29 06:12 - 2018-12-04 10:25 - 012579952 _____ () C:\Users\Miguel\AppData\Local\Temp\psiphon-tunnel-core.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Borre los anteriores reporte porque me fije que luego de un reinicio el defender inicia activado.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by Miguel (administrator) on DESKTOP-JRGGCVQ (05-12-2018 13:39:23)
Running from C:\Users\Miguel\Desktop
Loaded Profiles: Miguel (Available Profiles: Miguel)
Platform: Windows 10 Pro Version 1809 17763.134 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Telegram Messenger LLP) C:\tportable.1.1.23\tportable.1.1.23\Telegram\Telegram.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [83968 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7067048 2015-12-02] (Piriform Ltd)
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3948600 2018-07-09] (Tonec Inc.)
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [451952 2018-11-29] (Disc Soft Ltd)
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\MountPoints2: {3e18883d-f62e-11e8-bec5-3052cb9df504} - "I:\setup.exe"
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.200.254
Tcpip\..\Interfaces\{e7736c1c-a824-4eca-b66d-1dea4c085d67}: [DhcpNameServer] 192.168.200.254
Internet Explorer:
==================
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-1107566908-2914427673-2006857480-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-1107566908-2914427673-2006857480-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
Edge:
======
Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15]
Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15]
FireFox:
========
FF HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Miguel\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Miguel\AppData\Roaming\IDM\idmmzcc5 [2018-12-02] [Legacy] [not signed]
FF HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-11-26] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://puya.si/?p=66345
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default [2018-12-05]
CHR Extension: (Presentaciones) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-26]
CHR Extension: (Documentos) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-26]
CHR Extension: (Google Drive) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-26]
CHR Extension: (YouTube) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-26]
CHR Extension: (Hojas de cálculo) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-26]
CHR Extension: (Authy) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2018-11-29]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-26]
CHR Extension: (Cache Killer) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmknnnjliniefekpicbaaobdnjjikfp [2018-11-29]
CHR Extension: (IDM Integration Module) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-12-02]
CHR Extension: (Auto Refresh Blocker) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmhmgghfmjjoejobimppckbalonobkck [2018-12-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-26]
CHR Extension: (Gmail) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-26]
CHR Extension: (Chrome Media Router) - C:\Users\Miguel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-26]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-07-10]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-07-10]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-11-27] (Microsoft Corporation)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [6986096 2018-11-29] (Disc Soft Ltd)
S3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [914944 2018-09-15] (Microsoft Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381624 2018-09-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-11-27] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-11-27] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0315159.inf_amd64_b01c1e8cccf04a67\atikmdag.sys [36571640 2017-06-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0315159.inf_amd64_b01c1e8cccf04a67\atikmpag.sys [529912 2017-06-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation)
R3 cpuz138; C:\Users\Miguel\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2018-12-05] (CPUID) <==== ATTENTION
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2018-12-02] (Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2018-12-02] (Disc Soft Ltd)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-09-15] (Qualcomm Atheros, Inc.)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation)
S3 smbdirect; C:\WINDOWS\System32\DRIVERS\smbdirect.sys [171520 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46184 2018-11-27] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [328696 2018-11-27] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-11-27] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-05 13:25 - 2018-12-05 13:39 - 000015464 _____ C:\Users\Miguel\Desktop\FRST.txt
2018-12-05 13:25 - 2018-12-05 13:39 - 000000000 ____D C:\FRST
2018-12-05 13:24 - 2018-12-05 13:24 - 002417152 _____ (Farbar) C:\Users\Miguel\Desktop\FRST64.exe
2018-12-05 09:23 - 2018-12-05 09:23 - 000000000 ____D C:\Users\Miguel\AppData\LocalLow\AMD
2018-12-05 09:17 - 2018-12-05 09:21 - 000008442 _____ C:\Users\Miguel\Desktop\ZHPCleaner.txt
2018-12-05 09:12 - 2018-12-05 09:21 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\ZHP
2018-12-05 09:12 - 2018-12-05 09:12 - 000000876 _____ C:\Users\Miguel\Desktop\ZHPCleaner.lnk
2018-12-05 09:12 - 2018-12-05 09:12 - 000000000 ____D C:\Users\Miguel\AppData\Local\ZHP
2018-12-05 09:00 - 2018-12-05 09:04 - 000000000 ____D C:\AdwCleaner
2018-12-05 08:46 - 2018-12-05 08:46 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\566637C6.sys
2018-12-05 08:46 - 2018-12-05 08:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-05 08:44 - 2018-12-05 13:39 - 000000000 ____D C:\Users\Miguel\Desktop\mbar
2018-12-05 08:44 - 2018-12-05 08:53 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-12-05 08:44 - 2018-12-05 08:44 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2018-12-05 08:41 - 2018-12-05 08:42 - 003296640 _____ C:\Users\Miguel\Desktop\ZHPCleaner.exe
2018-12-05 08:38 - 2018-12-05 08:39 - 007321808 _____ (Malwarebytes) C:\Users\Miguel\Desktop\adwcleaner_7.2.5.0.exe
2018-12-05 08:36 - 2018-12-05 08:37 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Miguel\Desktop\mbar-1.10.3.1001.exe
2018-12-05 07:19 - 2018-12-05 07:19 - 000000000 _____ C:\Users\Miguel\Desktop\seguir en la pagina 35 cambiando link.txt
2018-12-05 03:35 - 2018-12-05 03:35 - 000000384 _____ C:\Users\Miguel\Downloads\xenoverse.txt
2018-12-04 10:33 - 2018-12-04 10:33 - 000000028 _____ C:\Users\Miguel\Desktop\abrir esto.txt
2018-12-03 05:17 - 2017-05-01 07:31 - 002724512 ____N (Sysinternals - www.sysinternals.com) C:\Users\Miguel\Desktop\procexp.exe
2018-12-03 05:17 - 2017-05-01 07:25 - 001458856 ____N (Sysinternals - www.sysinternals.com) C:\Users\Miguel\Desktop\procexp64.exe
2018-12-03 05:17 - 2017-05-01 07:19 - 000072154 ____N C:\Users\Miguel\Desktop\procexp.chm
2018-12-03 05:17 - 2017-03-13 09:14 - 000007490 ____N C:\Users\Miguel\Desktop\Eula.txt
2018-12-03 05:16 - 2018-12-03 05:17 - 001931969 _____ C:\Users\Miguel\Desktop\ProcessExplorer.zip
2018-12-02 11:21 - 2018-12-02 11:21 - 000000000 ____D C:\Users\Miguel\Documents\CPY_SAVES
2018-12-02 11:21 - 2018-12-02 11:21 - 000000000 ____D C:\ProgramData\KONAMI
2018-12-02 11:20 - 2018-12-02 11:20 - 000000000 ____D C:\Users\Miguel\Documents\KONAMI
2018-12-02 11:19 - 2018-12-02 11:19 - 000001317 _____ C:\Users\Public\Desktop\Pro Evolution Soccer 2018 - Settings.lnk
2018-12-02 11:19 - 2018-12-02 11:19 - 000001308 _____ C:\Users\Public\Desktop\Pro Evolution Soccer 2018.lnk
2018-12-02 11:19 - 2018-12-02 11:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2018
2018-12-02 11:09 - 2018-12-02 11:21 - 000000000 ____D C:\Program Files (x86)\Pro Evolution Soccer 2018
2018-12-02 10:58 - 2018-12-02 10:58 - 000000000 ____D C:\Users\Miguel\AppData\Local\Disc_Soft_Ltd
2018-12-02 10:53 - 2018-12-02 10:53 - 000000000 ____D C:\Users\Public\Documents\Catch!
2018-12-02 10:52 - 2018-12-02 10:54 - 000000000 ____D C:\Program Files\DAEMON Tools Ultra
2018-12-02 10:52 - 2018-12-02 10:53 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\DAEMON Tools Ultra
2018-12-02 10:52 - 2018-12-02 10:53 - 000000000 ____D C:\ProgramData\DAEMON Tools Ultra
2018-12-02 10:52 - 2018-12-02 10:52 - 000059344 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtultrausbbus.sys
2018-12-02 10:52 - 2018-12-02 10:52 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtultrascsibus.sys
2018-12-02 10:52 - 2018-12-02 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2018-12-02 10:31 - 2018-12-02 10:31 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-12-02 10:31 - 2018-12-02 10:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-12-02 10:30 - 2018-12-02 10:30 - 000000000 ____D C:\Program Files\Microsoft Office
2018-12-02 10:29 - 2018-12-02 10:29 - 000000000 __RHD C:\MSOCache
2018-12-02 10:29 - 2018-12-02 10:29 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-12-02 10:29 - 2018-12-02 10:29 - 000000000 ____D C:\Users\Miguel\AppData\Local\Microsoft Help
2018-12-02 10:29 - 2018-12-02 10:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-12-02 08:58 - 2018-12-02 08:58 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-12-02 08:57 - 2018-12-02 08:57 - 000000000 ____D C:\Users\Miguel\AppData\Local\UnrealEngine
2018-12-02 08:57 - 2018-12-02 08:57 - 000000000 ____D C:\Users\Miguel\AppData\Local\DBFighterZ
2018-12-02 08:55 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2018-12-02 08:55 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2018-12-02 08:55 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2018-12-02 08:55 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2018-12-02 08:55 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2018-12-02 08:55 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2018-12-02 08:55 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2018-12-02 08:55 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2018-12-02 08:55 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2018-12-02 08:55 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2018-12-02 08:55 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2018-12-02 08:55 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2018-12-02 08:55 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2018-12-02 08:55 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2018-12-02 08:55 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2018-12-02 08:55 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2018-12-02 08:55 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2018-12-02 08:55 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2018-12-02 08:55 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2018-12-02 08:55 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2018-12-02 08:55 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2018-12-02 08:55 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2018-12-02 08:55 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2018-12-02 08:55 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2018-12-02 08:55 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2018-12-02 08:55 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2018-12-02 08:55 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2018-12-02 08:55 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2018-12-02 08:55 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2018-12-02 08:55 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2018-12-02 08:55 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2018-12-02 08:55 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2018-12-02 08:55 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2018-12-02 08:55 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2018-12-02 08:55 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2018-12-02 08:55 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2018-12-02 08:55 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2018-12-02 08:55 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2018-12-02 08:55 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2018-12-02 08:55 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2018-12-02 08:55 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2018-12-02 08:55 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2018-12-02 08:55 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2018-12-02 08:55 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2018-12-02 08:55 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2018-12-02 08:55 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2018-12-02 08:55 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2018-12-02 08:55 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2018-12-02 08:55 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2018-12-02 08:55 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2018-12-02 08:55 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2018-12-02 08:55 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2018-12-02 08:55 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2018-12-02 08:55 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2018-12-02 08:55 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2018-12-02 08:55 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2018-12-02 08:55 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2018-12-02 08:55 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2018-12-02 08:55 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2018-12-02 08:55 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2018-12-02 08:55 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2018-12-02 08:55 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2018-12-02 08:55 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2018-12-02 08:55 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2018-12-02 08:55 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2018-12-02 08:55 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2018-12-02 08:55 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2018-12-02 08:55 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2018-12-02 08:55 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2018-12-02 08:55 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2018-12-02 08:55 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2018-12-02 08:55 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2018-12-02 08:55 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2018-12-02 08:55 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2018-12-02 08:55 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2018-12-02 08:55 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2018-12-02 08:55 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2018-12-02 08:55 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2018-12-02 08:55 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2018-12-02 08:55 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2018-12-02 08:55 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2018-12-02 08:55 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2018-12-02 08:55 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2018-12-02 08:55 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2018-12-02 08:55 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2018-12-02 08:55 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2018-12-02 08:55 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2018-12-02 08:55 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2018-12-02 08:55 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2018-12-02 08:55 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2018-12-02 08:55 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2018-12-02 08:55 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2018-12-02 08:55 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2018-12-02 08:55 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2018-12-02 08:55 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2018-12-02 08:55 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2018-12-02 08:55 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2018-12-02 08:55 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2018-12-02 08:55 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2018-12-02 08:55 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2018-12-02 08:55 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2018-12-02 08:55 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2018-12-02 08:55 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2018-12-02 08:55 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2018-12-02 08:55 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2018-12-02 08:55 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2018-12-02 08:55 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2018-12-02 08:55 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2018-12-02 08:55 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2018-12-02 08:55 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2018-12-02 08:55 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2018-12-02 08:55 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2018-12-02 08:55 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2018-12-02 08:55 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2018-12-02 08:55 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2018-12-02 08:55 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2018-12-02 08:55 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2018-12-02 08:55 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2018-12-02 08:55 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2018-12-02 08:55 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2018-12-02 08:55 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2018-12-02 08:55 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2018-12-02 08:55 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2018-12-02 08:55 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2018-12-02 08:55 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2018-12-02 08:55 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2018-12-02 08:55 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2018-12-02 08:55 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2018-12-02 08:55 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2018-12-02 08:55 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2018-12-02 08:55 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2018-12-02 08:55 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2018-12-02 08:55 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2018-12-02 08:55 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2018-12-02 08:55 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2018-12-02 08:55 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2018-12-02 08:55 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2018-12-02 08:55 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2018-12-02 08:55 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2018-12-02 08:55 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2018-12-02 08:55 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2018-12-02 08:55 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2018-12-02 08:55 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2018-12-02 08:55 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2018-12-02 08:55 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2018-12-02 08:55 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2018-12-02 08:55 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2018-12-02 08:55 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2018-12-02 08:55 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2018-12-02 08:55 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2018-12-02 08:55 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2018-12-02 08:55 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2018-12-02 08:55 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2018-12-02 08:55 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2018-12-02 08:55 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2018-12-02 08:55 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2018-12-02 08:55 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2018-12-02 08:55 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2018-12-02 08:55 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2018-12-02 08:55 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2018-12-02 08:55 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2018-12-02 08:55 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2018-12-02 08:55 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2018-12-02 08:55 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2018-12-02 08:45 - 2018-12-02 08:55 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-12-02 08:37 - 2018-12-02 08:44 - 000000000 ____D C:\Dragon Ball FighterZ
2018-12-02 08:37 - 2018-12-02 08:37 - 000001783 _____ C:\Users\Public\Desktop\Dragon Ball FighterZ.lnk
2018-12-02 08:27 - 2018-12-02 08:27 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-12-02 08:27 - 2018-12-02 08:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2018-11-29 06:23 - 2018-11-29 06:23 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2018-11-29 06:22 - 2018-11-29 06:22 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Google
2018-11-29 06:13 - 2018-12-04 10:24 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-11-29 06:12 - 2018-12-04 10:43 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Psiphon3
2018-11-29 06:11 - 2018-11-29 06:12 - 006098032 _____ C:\Users\Miguel\Desktop\psiphon3.exe
2018-11-28 16:40 - 2018-11-29 17:13 - 000000000 ____D C:\Users\Miguel\Downloads\Telegram Desktop
2018-11-28 15:37 - 2018-11-28 15:37 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2018-11-28 14:53 - 2018-11-28 16:43 - 000000424 __RSH C:\ProgramData\ntuser.pol
2018-11-28 13:52 - 2018-11-28 13:52 - 000000000 ____D C:\Users\Miguel\AppData\Local\ElevatedDiagnostics
2018-11-27 20:32 - 2018-11-27 20:32 - 000000040 ____H C:\01696CDEB3DF
2018-11-27 17:19 - 2018-11-27 17:19 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Macromedia
2018-11-27 17:17 - 2018-12-02 08:10 - 000000542 _____ C:\DelFix.txt
2018-11-27 11:59 - 2018-11-27 11:59 - 000000000 ____D C:\tportable.1.1.23
2018-11-27 03:17 - 2018-11-27 03:17 - 026804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 020808704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 009696264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 006543224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 006059008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 004886016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003951192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 003379216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 003337800 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002985328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 002702536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002617856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-27 03:17 - 2018-11-27 03:17 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-11-27 03:17 - 2018-11-27 03:17 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001843432 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001751080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001715200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001641608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001612808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001402408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001289400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001181824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001097312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001064248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 001053352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000783696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000743432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000667152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000649736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000582248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000506392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000495624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000402568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000398400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-27 03:17 - 2018-11-27 03:17 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2018-11-27 03:17 - 2018-11-27 03:17 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-27 03:17 - 2018-11-27 03:17 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-27 03:12 - 2018-11-27 03:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-27 03:11 - 2018-11-27 03:11 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-27 01:57 - 2018-11-29 06:11 - 000000526 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-11-27 01:04 - 2018-12-05 13:25 - 000002288 ____H C:\Users\Miguel\Documents\Default.rdp
2018-11-27 00:25 - 2018-11-27 02:33 - 000592416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-11-27 00:02 - 2018-11-27 00:03 - 000000000 ____D C:\Users\Miguel\Documents\Grabaciones de sonido
2018-11-27 00:01 - 2018-11-27 00:01 - 000000279 _____ C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papelera de reciclaje.lnk
2018-11-26 23:51 - 2018-11-26 23:51 - 000000000 ____D C:\Users\Miguel\AppData\Local\DBG
2018-11-26 23:10 - 2018-11-26 23:10 - 000000000 ____D C:\Users\Miguel\AppData\Local\mbamtray
2018-11-26 23:10 - 2018-11-26 23:10 - 000000000 ____D C:\Users\Miguel\AppData\Local\mbam
2018-11-26 23:07 - 2010-12-05 22:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2018-11-26 23:03 - 2018-11-26 23:03 - 000000000 ____D C:\Users\Miguel\AppData\Local\PeerDistRepub
2018-11-26 22:54 - 2018-11-26 22:54 - 000002375 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-26 22:50 - 2018-12-03 22:59 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\vlc
2018-11-26 22:49 - 2018-11-29 06:50 - 000000000 ____D C:\Users\Miguel\AppData\Local\Google
2018-11-26 22:49 - 2018-11-26 22:54 - 000000000 ____D C:\Program Files (x86)\Google
2018-11-26 22:49 - 2018-11-26 22:49 - 000003620 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-26 22:49 - 2018-11-26 22:49 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-26 22:46 - 2018-11-26 22:46 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\WinRAR
2018-11-26 22:43 - 2018-11-26 22:47 - 000000000 ____D C:\Users\Miguel\Documents\PS Portable
2018-11-26 22:42 - 2018-12-05 09:21 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\DMCache
2018-11-26 22:42 - 2018-12-02 08:30 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\IDM
2018-11-26 22:42 - 2018-11-26 22:42 - 000000000 ____D C:\Users\Miguel\Downloads\Video
2018-11-26 22:42 - 2018-11-26 22:42 - 000000000 ____D C:\Users\Miguel\Downloads\Compressed
2018-11-26 22:42 - 2018-11-26 22:42 - 000000000 ____D C:\ProgramData\IDM
2018-11-26 22:40 - 2018-12-02 08:30 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2018-11-26 22:40 - 2018-11-26 22:40 - 000000927 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2018-11-26 22:40 - 2018-11-26 22:40 - 000000000 ____D C:\Program Files\Sublime Text 3
2018-11-26 22:35 - 2018-11-26 22:35 - 000000000 ____D C:\Program Files\Speccy
2018-11-26 22:34 - 2018-11-27 10:46 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\SumatraPDF
2018-11-26 22:34 - 2018-11-26 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-11-26 22:34 - 2018-11-26 22:34 - 000001948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Program Files\WinRAR
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Program Files\VideoLAN
2018-11-26 22:34 - 2018-11-26 22:34 - 000000000 ____D C:\Program Files\SumatraPDF
2018-11-26 22:15 - 2018-11-26 22:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1107566908-2914427673-2006857480-1001
2018-11-26 22:12 - 2018-11-28 15:54 - 000000000 ____D C:\Users\Miguel\AppData\Local\PlaceholderTileLogoFolder
2018-11-26 22:10 - 2018-11-27 16:53 - 000000000 ____D C:\ProgramData\Packages
2018-11-26 22:10 - 2018-11-26 22:10 - 000000000 ____D C:\Users\Miguel\AppData\Local\Comms
2018-11-26 20:59 - 2018-11-27 20:32 - 000000000 ____D C:\Users\Miguel\AppData\Local\AMD
2018-11-26 20:56 - 2018-12-05 09:22 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-11-26 20:56 - 2018-11-26 20:56 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente de informe de problemas de AMD
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-11-26 20:56 - 2018-11-26 20:56 - 000000000 ____D C:\Program Files (x86)\AMD
2018-11-26 20:55 - 2018-11-26 20:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-26 20:55 - 2018-11-26 20:55 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-11-26 20:55 - 2017-01-27 18:05 - 000103936 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-11-26 20:55 - 2017-01-27 18:04 - 000326656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-11-26 20:55 - 2017-01-27 18:02 - 000118272 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-11-26 20:55 - 2017-01-27 18:01 - 000322560 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-11-26 20:53 - 2018-11-26 20:53 - 000000000 ____D C:\Users\Miguel\AppData\Local\D3DSCache
2018-11-26 20:52 - 2018-11-26 20:56 - 000000000 ____D C:\Program Files\AMD
2018-11-26 20:51 - 2018-11-26 20:53 - 000000000 ____D C:\AMD
2018-11-26 20:46 - 2018-11-27 17:16 - 000000000 ___RD C:\Users\Miguel\OneDrive
2018-11-26 20:46 - 2018-11-26 20:46 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-11-26 20:45 - 2018-11-26 20:45 - 000000000 ___HD C:\Users\Miguel\MicrosoftEdgeBackups
2018-11-26 20:44 - 2018-11-28 14:47 - 000000000 ____D C:\Users\Miguel\AppData\Local\Packages
2018-11-26 20:44 - 2018-11-27 12:18 - 000000000 ____D C:\Users\Miguel\AppData\Local\ConnectedDevicesPlatform
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ___RD C:\Users\Miguel\3D Objects
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Roaming\Adobe
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Local\VirtualStore
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Local\Publishers
2018-11-26 20:44 - 2018-11-26 20:44 - 000000000 ____D C:\Users\Miguel\AppData\Local\MicrosoftEdge
2018-11-26 20:42 - 2018-12-03 08:26 - 000000000 ____D C:\Users\Miguel
2018-11-26 20:42 - 2018-11-26 20:42 - 000000020 ___SH C:\Users\Miguel\ntuser.ini
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Reciente
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Plantillas
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Mis documentos
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Menú Inicio
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Impresoras
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Entorno de red
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Documents\Mis vídeos
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Documents\Mis imágenes
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Documents\Mi música
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Datos de programa
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\Configuración local
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Local\Historial
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Local\Datos de programa
2018-11-26 20:42 - 2018-11-26 20:42 - 000000000 _SHDL C:\Users\Miguel\AppData\Local\Archivos temporales de Internet
2018-11-26 20:37 - 2018-12-05 09:31 - 001684176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-26 20:35 - 2018-11-26 20:35 - 000000000 ____D C:\WINDOWS\CSC
2018-11-26 20:35 - 2018-11-26 20:35 - 000000000 ____D C:\ProgramData\USOShared
2018-11-26 20:35 - 2018-09-15 03:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Public\Documents\Mi música
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Reciente
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Plantillas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Mis documentos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Menú Inicio
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Impresoras
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Entorno de red
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Documents\Mi música
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\Configuración local
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\Documents\Mis vídeos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\Documents\Mis imágenes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\Documents\Mi música
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Plantillas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Menú Inicio
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Escritorio
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Documentos
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\ProgramData\Datos de programa
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Program Files\Archivos comunes
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Documents and Settings
2018-11-26 20:33 - 2018-11-26 20:33 - 000000000 _SHDL C:\Archivos de programa
2018-11-26 20:29 - 2018-12-05 12:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-26 20:29 - 2018-12-05 09:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-26 20:29 - 2018-12-02 11:26 - 000276216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-26 20:29 - 2018-11-27 02:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-11-26 20:29 - 2018-11-26 20:29 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-11-26 20:29 - 2018-11-26 20:29 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-11-26 15:28 - 2018-11-26 20:30 - 000000000 ____D C:\WINDOWS\Panther
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-05 10:22 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-05 09:31 - 2018-09-15 12:37 - 000752322 _____ C:\WINDOWS\system32\perfh00A.dat
2018-12-05 09:31 - 2018-09-15 12:37 - 000147902 _____ C:\WINDOWS\system32\perfc00A.dat
2018-12-05 09:31 - 2018-09-15 03:31 - 000000000 ____D C:\WINDOWS\INF
2018-12-05 09:22 - 2018-09-15 02:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-05 09:04 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-12-05 06:54 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-05 06:54 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-05 01:04 - 2018-09-15 03:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-02 10:31 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-28 14:53 - 2018-09-15 03:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-11-28 14:53 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-11-27 04:05 - 2018-09-15 12:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-11-27 04:05 - 2018-09-15 12:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-11-27 04:05 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-27 03:18 - 2018-09-15 02:09 - 000000000 ____D C:\WINDOWS\servicing
2018-11-27 03:11 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\appcompat
2018-11-27 02:21 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\Windows Defender
2018-11-26 22:25 - 2018-09-15 12:39 - 000000000 ____D C:\WINDOWS\OCR
2018-11-26 22:25 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-11-26 22:10 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\ServiceState
2018-11-26 20:49 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-11-26 20:35 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\spool
2018-11-26 20:35 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-11-26 20:35 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\USOPrivate
2018-11-26 20:33 - 2018-09-15 03:33 - 000000000 ____D C:\Program Files\windows nt
2018-11-26 20:29 - 2018-09-15 03:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-11-26 20:29 - 2018-09-15 03:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-26 20:29 - 2018-09-15 02:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-11-26 15:28 - 2018-09-15 03:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-11-16 19:48 - 2018-09-15 03:36 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-16 19:48 - 2018-09-15 03:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
Some files in TEMP:
====================
2018-11-29 06:12 - 2018-12-04 10:25 - 012579952 _____ () C:\Users\Miguel\AppData\Local\Temp\psiphon-tunnel-core.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by Miguel (05-12-2018 13:40:00)
Running from C:\Users\Miguel\Desktop
Windows 10 Pro Version 1809 17763.134 (X64) (2018-11-27 00:33:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-1107566908-2914427673-2006857480-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1107566908-2914427673-2006857480-503 - Limited - Disabled)
Invitado (S-1-5-21-1107566908-2914427673-2006857480-501 - Limited - Disabled)
Miguel (S-1-5-21-1107566908-2914427673-2006857480-1001 - Administrator - Enabled) => C:\Users\Miguel
WDAGUtilityAccount (S-1-5-21-1107566908-2914427673-2006857480-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{15979E65-792E-474B-BC5D-42257709D4D9}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{D6ACA0E4-2488-AE52-E73D-24DB98F9AD65}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B8C421E8-BDF9-F598-832C-659A513F79EB}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{83D75873-9603-EA5A-948F-A5AEE78082C1}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{DD3A9C85-51E9-854D-EB9B-F0AE8E5B2F7C}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A00A5425-8899-055A-404C-8F96C2EC647F}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{CB71E054-00CF-182D-6C78-F9D85D10B7BA}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{30B97DD0-3646-AD22-2E77-3792B11BB5E6}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{8342F234-A97E-D691-3C01-F060CB7DA175}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{CD47D86C-737D-4818-F059-CF8A53F37B76}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DB0E2806-DE62-D60E-9BD9-E3A89FB2A5A8}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{D4EF1657-8835-A5AE-DBA0-658EF2869048}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED71C4B4-4C00-F7C9-9151-60411373DC35}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{28FFCD28-01FF-9792-B1A9-B944D44FB37D}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{DAEF66AB-6EA7-B0A8-96FB-243A2F33B8B2}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{3DBC48E0-7DE6-295B-448E-5F53D1491AC3}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{CAF3DAD2-A7E8-5472-F8E3-D71E92B7FA65}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{E7666716-625F-9E54-ECB3-39CC3C7FFB14}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{30A5B188-80AB-2CF5-22D8-8E20D66907D4}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A38C8B57-D3E6-5748-F2D3-FDC383D1203A}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{1CD84FD4-26F3-08FC-32F5-17DA9E8A4ED7}) (Version: 2017.0612.1651.28496 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 5.4.1.0928 - Disc Soft Ltd)
Dragon Ball FighterZ (HKLM-x32\...\Dragon Ball FighterZ_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Pro Evolution Soccer 2018 (HKLM-x32\...\{9C9C432B-A926-42D1-B16D-6C566431AC59}_is1) (Version: - Konami)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1107566908-2914427673-2006857480-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Miguel\AppData\Local\Microsoft\OneDrive\18.192.0920.0015\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1107566908-2914427673-2006857480-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Miguel\AppData\Local\Microsoft\OneDrive\18.192.0920.0015\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1107566908-2914427673-2006857480-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Miguel\AppData\Local\Microsoft\OneDrive\18.192.0920.0015\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveUltra] -> {F0E53CA3-02F8-40AE-9470-309F0309036F} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageUltra] -> {B5EBA666-2B94-4C7A-9CAA-A4539F329646} => C:\Program Files\DAEMON Tools Ultra\DTShl64.dll [2018-11-29] (Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-06-12] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {27648EB5-311C-476B-A3A4-319331523A16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-27] (Microsoft Corporation)
Task: {5FC8DD4B-130E-4413-BD96-6E256BA14412} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-26] (Google Inc.)
Task: {6908C2FB-C131-4EB5-A2C1-3ACEF084A7ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-27] (Microsoft Corporation)
Task: {7A35A2E3-3CB4-4E28-B98D-832C02003592} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {7D0252C3-A848-4535-8A55-090BC66F9596} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-06-12] (Advanced Micro Devices, Inc.)
Task: {9F621643-0B80-4592-84D1-33849C830FC9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-27] (Microsoft Corporation)
Task: {AD4E8AFB-A48C-4E13-BE83-B8D87600CFB4} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {BD21C377-5B30-4E5A-B6F2-37D2086885E5} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {CD32B7F9-D179-4CFD-A62B-5DB6BF2D3E15} - System32\Tasks\S-1-5-21-1107566908-2914427673-2006857480-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-09-15] (Microsoft Corporation)
Task: {D251A0E9-E7D9-46B4-94B5-8DC81A2530EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-11-27] (Microsoft Corporation)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E76866B7-D3C2-42C1-BD5F-0F11F324B062} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-11-26] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Miguel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Authy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb
==================== Loaded Modules (Whitelisted) ==============
2018-09-15 03:28 - 2018-09-15 03:28 - 000834088 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-09-15 03:28 - 2018-09-15 03:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-09-15 03:28 - 2018-09-15 03:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-09-13 14:37 - 2016-09-13 14:37 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 14:37 - 2016-09-13 14:37 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 14:37 - 2016-09-13 14:37 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 14:37 - 2016-09-13 14:37 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 14:36 - 2016-09-13 14:36 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 14:36 - 2016-09-13 14:36 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 14:37 - 2016-09-13 14:37 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-09-15 03:28 - 2018-09-15 03:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-15 12:41 - 2018-09-15 12:41 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-05 06:40 - 2018-12-05 06:42 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-05 06:40 - 2018-12-05 06:54 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-27 02:11 - 2018-11-27 02:15 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-11-27 02:11 - 2018-11-27 02:14 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-11-27 02:11 - 2018-11-27 02:12 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-11-26 23:39 - 2018-11-26 23:41 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-27 02:11 - 2018-11-27 02:13 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2015-12-02 11:57 - 2015-12-02 11:57 - 000081920 _____ () C:\Program Files\Speccy\lang\lang-1034.dll
2018-11-26 22:54 - 2018-11-16 01:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-26 22:54 - 2018-11-16 01:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-11-26 22:37 - 2018-11-26 22:43 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-26 22:37 - 2018-11-26 22:39 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-26 22:37 - 2018-11-26 22:39 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-11-28 14:29 - 2018-11-28 14:45 - 032247296 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-11-28 14:29 - 2018-11-28 14:45 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-11-27 02:11 - 2018-11-27 02:14 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 14:29 - 2018-11-28 14:39 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-28 14:29 - 2018-11-28 14:31 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-11-28 14:29 - 2018-11-28 14:36 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-11-28 14:29 - 2018-11-28 14:39 - 000069120 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Music.Effects.dll
2018-09-15 12:42 - 2018-09-15 12:42 - 000117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL
2018-11-27 02:53 - 2018-11-27 02:55 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-11-26 23:37 - 2018-11-26 23:55 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-26 22:15 - 2018-11-26 22:17 - 000017920 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
2018-11-26 22:15 - 2018-11-26 22:17 - 017164800 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.dll
2018-11-26 22:18 - 2018-11-26 22:19 - 005673832 _____ () C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll
2018-09-15 12:42 - 2018-09-15 12:42 - 000291328 _____ () C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2018-11-26 23:49 - 2018-11-27 16:44 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-26 23:49 - 2018-11-27 16:44 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-26 23:49 - 2018-11-27 16:51 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-26 23:49 - 2018-11-27 16:50 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-26 23:49 - 2018-11-27 16:23 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-26 23:49 - 2018-11-27 16:53 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-11-26 23:49 - 2018-11-27 16:47 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-11-26 23:49 - 2018-11-27 16:44 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-11-26 23:49 - 2018-11-27 16:51 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-26 23:49 - 2018-11-27 16:50 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-26 23:49 - 2018-11-27 16:22 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-26 23:49 - 2018-11-27 00:00 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-11-26 23:49 - 2018-11-27 16:51 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-09-15 12:44 - 2018-09-15 12:44 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-26 23:49 - 2018-11-27 16:51 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\SKU.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 03:31 - 2018-12-02 08:30 - 000001005 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 tonec.com
127.0.0.1 www.tonec.com
127.0.0.1 internetdownloadmanager.com
127.0.0.1 star.tonec.com
127.0.0.1 rev.dyxnet.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\Control Panel\Desktop\\Wallpaper -> E:\Wallpapers Anime\36000-shino-aburame-naruto-1366x768-anime-wallpaper.jpg
DNS Servers: 192.168.200.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1107566908-2914427673-2006857480-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [{3220D0B5-9872-45C3-B09E-CA2E717E918A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D4B0CA86-DF48-4E6C-939D-D6C6BBBD336F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1E67FA91-0ABD-4083-901F-3EECAE63E0D3}] => (Allow) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
FirewallRules: [TCP Query User{DD9F9945-46A1-4642-9261-809A65DF2E26}C:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2018\pes2018.exe
FirewallRules: [UDP Query User{8B1EA251-5C4A-43A5-8916-BD454175D30E}C:\program files (x86)\pro evolution soccer 2018\pes2018.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2018\pes2018.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/05/2018 01:01:40 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/04/2018 10:48:00 AM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description:
Error: (12/04/2018 10:47:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: atieclxx.exe, versión: 22.19.171.257, marca de tiempo: 0x593ef86c
Nombre del módulo con errores: atieclxx.exe, versión: 22.19.171.257, marca de tiempo: 0x593ef86c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000015a96
Identificador del proceso con errores: 0x15bc
Hora de inicio de la aplicación con errores: 0x01d48baec8df4160
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\atieclxx.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\system32\atieclxx.exe
Identificador del informe: 26b165cf-1833-48ff-99cb-faeda169632a
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/02/2018 10:41:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DTUltra.exe, versión: 2.0.0.0, marca de tiempo: 0x52404e93
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17763.134, marca de tiempo: 0xc30ded87
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0011ab32
Identificador del proceso con errores: 0xffc
Hora de inicio de la aplicación con errores: 0x01d48a4d0d416124
Ruta de acceso de la aplicación con errores: G:\Programas comprimidos\Daemon tools ultra\Crack\DTUltra.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 52e7c62b-9295-4cc1-8870-4a3739945015
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/02/2018 10:41:04 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: DTUltra.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
en DTClient.App.OnStartup(System.Windows.StartupEventArgs)
en System.Windows.Application.<.ctor>b__1_0(System.Object)
en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
en System.Windows.Threading.DispatcherOperation.InvokeImpl()
en System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
en System.Windows.Threading.DispatcherOperation.Invoke()
en System.Windows.Threading.Dispatcher.ProcessQueue()
en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
en System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
en System.Windows.Application.RunDispatcher(System.Object)
en System.Windows.Application.RunInternal(System.Windows.Window)
en System.Windows.Application.Run(System.Windows.Window)
en DTClient.App.Main()
Error: (12/02/2018 10:40:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DTUltra.exe, versión: 2.0.0.0, marca de tiempo: 0x52404e93
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17763.134, marca de tiempo: 0xc30ded87
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0011ab32
Identificador del proceso con errores: 0x1a88
Hora de inicio de la aplicación con errores: 0x01d48a4d09021ed5
Ruta de acceso de la aplicación con errores: G:\Programas comprimidos\Daemon tools ultra\Crack\DTUltra.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 6df6cfac-8cc6-4c83-be47-b2395d525112
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/02/2018 10:40:57 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: DTUltra.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
en DTClient.App.OnStartup(System.Windows.StartupEventArgs)
en System.Windows.Application.<.ctor>b__1_0(System.Object)
en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
en System.Windows.Threading.DispatcherOperation.InvokeImpl()
en System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
en MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
en System.Windows.Threading.DispatcherOperation.Invoke()
en System.Windows.Threading.Dispatcher.ProcessQueue()
en System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
en MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
en MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
en System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
en System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
en System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
en MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
en MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
en System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
en System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
en System.Windows.Application.RunDispatcher(System.Object)
en System.Windows.Application.RunInternal(System.Windows.Window)
en System.Windows.Application.Run(System.Windows.Window)
en DTClient.App.Main()
Error: (12/02/2018 10:40:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DTUltra.exe, versión: 2.0.0.0, marca de tiempo: 0x52404e93
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17763.134, marca de tiempo: 0xc30ded87
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0011ab32
Identificador del proceso con errores: 0x1b4
Hora de inicio de la aplicación con errores: 0x01d48a4d01d43bed
Ruta de acceso de la aplicación con errores: G:\Programas comprimidos\Daemon tools ultra\Crack\DTUltra.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: a2a5a415-9ad1-4d1a-b9cb-7e4875ebeaff
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
System errors:
=============
Error: (12/05/2018 09:24:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.WscBrokerManager
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/05/2018 09:24:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.WscDataProtection
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/05/2018 09:24:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.SecurityAppBroker
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/05/2018 09:23:18 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-JRGGCVQ)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario DESKTOP-JRGGCVQ\Miguel con SID (S-1-5-21-1107566908-2914427673-2006857480-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/05/2018 09:18:18 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-JRGGCVQ)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
y APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
al usuario DESKTOP-JRGGCVQ\Miguel con SID (S-1-5-21-1107566908-2914427673-2006857480-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/05/2018 09:06:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.WscDataProtection
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/05/2018 09:06:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.SecurityAppBroker
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Error: (12/05/2018 09:06:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID
Windows.SecurityCenter.WscDataProtection
y APPID
No disponible
al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
Windows Defender:
===================================
Date: 2018-12-04 10:43:05.541
Description:
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {B61715B7-4B0F-4A39-BCF9-293D425D255E}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM
Date: 2018-12-02 07:51:11.338
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_G:\Programas comprimidos\6.31.3\Internet.Download.Manager.v6.31.Build.3.Retail.FiNAL.Incl.Crack-addhaloka+PORTABLE\Internet.Download.Manager.v6.31.Build.3.Retail.FiNAL.Incl.Crack-addhaloka\idm.6.30.8+-patch.exe; process:_pid:1168,ProcessStart:131882250457907734
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: G:\Programas comprimidos\6.31.3\Internet.Download.Manager.v6.31.Build.3.Retail.FiNAL.Incl.Crack-addhaloka+PORTABLE\Internet.Download.Manager.v6.31.Build.3.Retail.FiNAL.Incl.Crack-addhaloka\idm.6.30.8+-patch.exe
Versión de firma: AV: 1.281.1186.0, AS: 1.281.1186.0, NIS: 1.281.1186.0
Versión de motor: AM: 1.1.15400.5, NIS: 1.1.15400.5
Date: 2018-12-02 07:50:46.294
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_G:\Programas comprimidos\6.31.3\Internet.Download.Manager.v6.31.Build.3.Retail.FiNAL.Incl.Crack-addhaloka+PORTABLE\Internet.Download.Manager.v6.31.Build.3.Retail.FiNAL.Incl.Crack-addhaloka\idm.6.30.8+-patch.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.281.1186.0, AS: 1.281.1186.0, NIS: 1.281.1186.0
Versión de motor: AM: 1.1.15400.5, NIS: 1.1.15400.5
Date: 2018-12-02 07:28:05.656
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Bluteal!rfn&threatid=2147724737&enterprise=0
Nombre: Trojan:Win32/Bluteal!rfn
Id.: 2147724737
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_G:\Programas comprimidos\6.31.3\Internet.Download.Manager.v6.31.Build.3.Retail.FiNAL.Incl.Crack-addhaloka+PORTABLE\Internet.Download.Manager.v6.31.Build.3.Retail.FiNAL.Incl.Crack-addhaloka\idm.6.30.8+patch.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-JRGGCVQ\Miguel
Nombre de proceso: C:\Program Files\WinRAR\WinRAR.exe
Versión de firma: AV: 1.281.1186.0, AS: 1.281.1186.0, NIS: 1.281.1186.0
Versión de motor: AM: 1.1.15400.5, NIS: 1.1.15400.5
Date: 2018-11-27 10:19:46.037
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\AutoPico.exe->[MSILRES:AutoPico.SECOH-QAD.x64.dll]; file:_C:\Program Files\KMSpico\Service_KMS.exe->[MSILRES:Service_KMS.SECOH-QAD.x64.dll]
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-JRGGCVQ\Miguel
Nombre de proceso: G:\Programas 64 bits\FRST64.exe
Versión de firma: AV: 1.281.899.0, AS: 1.281.899.0, NIS: 1.281.899.0
Versión de motor: AM: 1.1.15400.5, NIS: 1.1.15400.5
Date: 2018-12-03 07:56:10.533
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.281.1244.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15400.5
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2018-12-01 11:56:07.794
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.281.1075.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15400.5
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
Date: 2018-11-28 14:21:32.905
Description:
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior: 1.281.943.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior: 1.1.15400.5
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico.
CodeIntegrity:
===================================
Date: 2018-11-27 10:07:59.042
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-11-27 10:03:08.768
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-11-27 09:57:41.968
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-11-27 09:57:31.790
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-11-27 09:57:02.475
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-11-27 09:56:57.141
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-11-27 09:56:47.102
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-11-27 09:56:30.237
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 42%
Total physical RAM: 7403.03 MB
Available physical RAM: 4233.2 MB
Total Virtual: 8555.03 MB
Available Virtual: 5110.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.45 GB) (Free:67.27 GB) NTFS
Drive d: (HDD 2) (Fixed) (Total:298.09 GB) (Free:96.64 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Anime Rules) (Fixed) (Total:931.51 GB) (Free:160.6 GB) NTFS
Drive f: (Jdownloader) (Fixed) (Total:298.09 GB) (Free:171.64 GB) NTFS
Drive g: (HDD 1) (Fixed) (Total:232.88 GB) (Free:60.34 GB) NTFS
Drive h: (Adicional) (Fixed) (Total:298.09 GB) (Free:262.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 0000AF2C)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0BFE2AD1)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: BE148A9B)
Partition 1: (Active) - (Size=350 MB) - (Type=17)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: DE3D8E1C)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: A2844685)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 298.1 GB) (Disk ID: 5DE72161)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================