Hola, necesito ayuda para saber que esta ovacionando tanto uso del disco
Hola
Debes dar algun dato, porque no podemos adivinar las coas…jj
Sistema operativo?
Desde cuando sucede?
Si abres el administrador de tareas,que proceso o procesos marca que consumen el disco?
Mira, tengo windows 10 (Es un windows desatendido), esto sucede desde hace aproximadamente 2 días y los procesos que más consumen son el Host de servicio: sistema local y system
Pues mal empezamos…los windows desatendidos son un problema, amen de que no reciben las actualizaciones que hacen que el sistema mejore.
Pega estos logs y vemos
-
Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
-
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits)
¿Cómo saber si mi Windows es de 32 o 64 bits? -
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Si.
-
En la nueva ventana que se abre, presiona el botón Analizar y espera a que concluya el análisis.
-
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.
En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST
Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 29-08-2020
Ejecutado por Gianni (administrador) sobre DESKTOP-GB6GUJO (30-08-2020 12:32:23)
Ejecutado desde C:\Users\Gianni\Desktop
Perfiles cargados: Gianni
Platform: Windows 10 Enterprise 2016 LTSB Versión 1607 (X64) Idioma: Español (México)
Navegador predeterminado: Opera
Modo de Inicio: Safe Mode (with Networking)
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Ivaylo Beltchev -> IvoSoft) [Archivo no firmado] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software AS -> Opera Software) C:\Users\Gianni\AppData\Local\Programs\Opera\70.0.3728.133\opera.exe <12>
(Opera Software AS -> Opera Software) C:\Users\Gianni\AppData\Local\Programs\Opera\70.0.3728.133\opera_crashreporter.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [109160 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62636856 2020-08-17] (Discord Inc. -> Discord Inc.)
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-broadcasting;gaming-gamebar;gaming-gamedvr;maps;otherusers;recovery;speech;windowsdefender;windowsinsider
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\Run: [Opera Browser Assistant] => C:\Users\Gianni\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3126296 2020-08-25] (Opera Software AS -> Opera Software)
IFEO\OSppSvc.exe: [Debugger] [email protected]
IFEO\SppExtComObj.exe: [Debugger] [email protected]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {03032536-7E5E-47C6-86FF-A9AEACB0B119} - System32\Tasks\Opera scheduled Autoupdate 1597615880 => C:\Users\Gianni\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-08-25] (Opera Software AS -> Opera Software)
Task: {077AEFA1-769B-4A20-94C4-699C648D4334} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-GB6GUJO-Gianni DESKTOP-GB6GUJO => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {855BE9BA-FFEE-474E-89E8-5EFF0108FCB2} - System32\Tasks\{2DC40187-7C85-4F33-9779-611EA0F2987D} => C:\Windows\system32\pcalua.exe -a C:\PaintToolSAI\uninst.exe -d C:\PaintToolSAI
Task: {88F27AAA-A4ED-4746-BB36-6EF518573C7C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1760360 2020-08-16] (Avast Software s.r.o. -> Avast Software)
Task: {90535E6D-F010-47CF-B8D7-3427C4D88175} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {911FC5F8-C6E6-4C7D-897F-B749493D448A} - System32\Tasks\Opera scheduled Autoupdate 1597609474 => C:\Users\Gianni\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-08-25] (Opera Software AS -> Opera Software)
Task: {93BCA715-4DF2-4C17-9600-BB648A67FB88} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {955C9F83-1A93-4BB3-985D-98940D10F623} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B24C2617-AB72-4548-B6D9-C084A70D49AB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [108752 2020-07-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {B9779B89-9459-4D51-8620-14A13F84E5C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFA028C8-BDDD-4118-BBBC-0E808767A9F1} - System32\Tasks\Opera scheduled assistant Autoupdate 1597615887 => C:\Users\Gianni\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-08-25] (Opera Software AS -> Opera Software)
Task: {EEA11AE2-2E36-401A-85A1-FBB532C73088} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {F76DFFE4-F7C2-45C7-BD69-AA4558C48DEF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7B635D0-F2A2-435E-AD9C-4FEF2CB0822D} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3810408 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3f9e4aea-28a4-4b54-9e2a-33a94abd5d46}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/1640637376194852/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/1640637376194852/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/1640637376194852/
HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/1640637376194852/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 9j98yw6d.default
FF ProfilePath: C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\9j98yw6d.default [2020-08-16]
FF ProfilePath: C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\f3vbknlc.default-release [2020-08-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Notifications: hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.reddit.com
OPR Extension: (uBlock Origin) - C:\Users\Gianni\AppData\Roaming\Opera Software\Opera Stable\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-21]
OPR Extension: (Install Chrome Extensions) - C:\Users\Gianni\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-08-18]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7776160 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [353696 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S2 KMS-R@1n; C:\Windows\[email protected] [26112 2020-08-16] () [Archivo no firmado]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-08-16] (Malwarebytes Inc -> Malwarebytes)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37152 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205888 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235592 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [195656 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60488 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16824 2020-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42776 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175200 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [515544 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109280 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851608 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [466752 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217336 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [323784 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R3 athur; C:\Windows\System32\drivers\athuw8x.sys [3744256 2012-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216544 2020-08-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-08-30 12:32 - 2020-08-30 12:33 - 000015320 _____ C:\Users\Gianni\Desktop\FRST.txt
2020-08-30 12:32 - 2020-08-30 12:32 - 000000000 ____D C:\FRST
2020-08-30 12:31 - 2020-08-30 12:31 - 002298880 _____ (Farbar) C:\Users\Gianni\Desktop\FRST64.exe
2020-08-29 15:43 - 2020-08-29 15:43 - 000000000 ___HD C:\$GetCurrent
2020-08-29 13:12 - 2020-08-30 12:29 - 000000008 _____ C:\Users\Gianni\Desktop\18946.75.txt
2020-08-28 15:38 - 2020-08-28 15:38 - 000000000 ___HD C:\$SysReset
2020-08-28 15:30 - 2020-08-29 15:05 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk
2020-08-28 15:30 - 2020-08-28 15:30 - 006260552 _____ (Microsoft Corporation) C:\Users\Gianni\Downloads\Windows10Upgrade9252.exe
2020-08-28 15:30 - 2020-08-28 15:30 - 000000000 ____D C:\Windows10Upgrade
2020-08-28 15:26 - 2020-08-28 15:26 - 000000000 ___HD C:\$Windows.~WS
2020-08-28 15:26 - 2020-08-28 15:26 - 000000000 ____D C:\$WINDOWS.~BT
2020-08-28 14:07 - 2020-08-28 14:07 - 002483904 _____ (Intel) C:\Users\Gianni\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2020-08-28 13:18 - 2020-08-28 13:22 - 000000000 ____D C:\Windows\system32\MRT
2020-08-28 13:18 - 2020-08-28 13:18 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-08-28 12:04 - 2020-06-10 22:44 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-08-28 12:04 - 2020-06-10 22:37 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-08-28 11:32 - 2020-08-28 11:37 - 295969399 _____ C:\Users\Gianni\Downloads\McW10E 1.16.0 OFICIAL PARA 64 BITS + INFO IMPORTANTE.zip
2020-08-27 21:46 - 2020-08-27 21:50 - 000000000 ____D C:\Users\Gianni\Documents\---
2020-08-27 21:39 - 2020-08-27 21:39 - 000000000 ____D C:\Users\Gianni\AppData\Local\TechSmith
2020-08-27 21:37 - 2020-08-27 21:37 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\TechSmith
2020-08-27 21:35 - 2020-08-27 21:36 - 088618063 _____ C:\Users\Gianni\Downloads\reparar el JOYCON DRIFT (se mueve solo) ✔️ MUY FÁCIL - SOLUCIÓN DEFINITIVA para Nintendo SWITCH.mp4
2020-08-27 13:00 - 2020-08-30 12:13 - 000216544 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-08-27 13:00 - 2020-08-27 13:00 - 000000000 ____D C:\Users\Gianni\AppData\Local\mbamtray
2020-08-26 21:37 - 2020-08-26 21:37 - 000000000 ____D C:\Users\Gianni\Documents\SYSTEMAX Software Development
2020-08-26 21:37 - 2018-02-02 14:50 - 000000000 ____D C:\Users\Gianni\Downloads\Paint Tool SAI 2.0 (32bit)
2020-08-26 21:35 - 2020-08-26 21:36 - 012329049 _____ C:\Users\Gianni\Downloads\Paint Tool SAI 2.0 (32bit).rar
2020-08-26 21:33 - 2020-08-26 21:33 - 000003252 _____ C:\Windows\system32\Tasks\{2DC40187-7C85-4F33-9779-611EA0F2987D}
2020-08-26 21:24 - 2020-08-26 21:24 - 000001031 _____ C:\Users\Gianni\AppData\Local\recently-used.xbel
2020-08-26 21:24 - 2020-08-26 21:24 - 000000000 ____D C:\Users\Gianni\AppData\Local\gtk-2.0
2020-08-26 21:21 - 2020-08-26 21:27 - 000000000 ____D C:\Users\Gianni\AppData\Local\babl-0.1
2020-08-26 21:21 - 2020-08-26 21:21 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\GIMP
2020-08-26 21:21 - 2020-08-26 21:21 - 000000000 ____D C:\Users\Gianni\AppData\Local\GIMP
2020-08-26 21:21 - 2020-08-26 21:21 - 000000000 ____D C:\Users\Gianni\AppData\Local\gegl-0.4
2020-08-26 12:12 - 2020-08-26 12:12 - 000411805 _____ C:\Users\Gianni\Downloads\ACTIVIDADES-FCyE-2DO-25-AGOST.pdf
2020-08-24 18:02 - 2020-08-24 18:02 - 000000000 ____D C:\Users\Gianni\AppData\Local\caida_libre
2020-08-24 18:00 - 2020-08-24 18:00 - 000000000 ____D C:\Users\Gianni\Documents\Custom Production Presets 8.0
2020-08-24 15:26 - 2020-08-24 15:26 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\SYSTEMAX Software Development
2020-08-24 15:26 - 2020-08-24 15:26 - 000000000 ____D C:\ProgramData\SYSTEMAX Software Development
2020-08-24 15:25 - 2020-08-24 15:25 - 002470900 _____ C:\Users\Gianni\Downloads\sai-1.2.5-ful-en.exe
2020-08-24 00:27 - 2020-08-24 00:27 - 000000000 ____D C:\Users\Gianni\AppData\Local\Microsoft_Corporation
2020-08-23 19:48 - 2020-08-23 19:48 - 000000000 ____D C:\Users\Gianni\Documents\MuseScore3
2020-08-23 19:43 - 2020-08-23 19:51 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\MuseScore
2020-08-23 19:43 - 2020-08-23 19:43 - 000000000 ____D C:\Users\Gianni\AppData\Local\MuseScore
2020-08-23 19:40 - 2020-08-23 19:40 - 000001089 _____ C:\Users\Gianni\Desktop\MuseScore 3.lnk
2020-08-23 19:39 - 2020-08-23 19:40 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 3
2020-08-23 19:39 - 2020-08-23 19:39 - 000000000 ____D C:\Program Files\MuseScore 3
2020-08-23 19:34 - 2020-08-23 19:37 - 110641152 _____ C:\Users\Gianni\Downloads\MuseScore-3.5.0-x86_64.msi
2020-08-23 14:43 - 2020-08-26 18:35 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\audacity
2020-08-23 14:43 - 2020-08-23 14:43 - 000000000 ____D C:\Users\Gianni\AppData\Local\Audacity
2020-08-23 14:42 - 2020-08-23 14:42 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2020-08-23 14:42 - 2020-08-23 14:42 - 000001080 _____ C:\Users\Public\Desktop\Audacity.lnk
2020-08-23 14:41 - 2020-08-23 14:43 - 000000000 ____D C:\Program Files (x86)\Audacity
2020-08-23 14:41 - 2020-08-23 14:42 - 000000000 ____D C:\AdwCleaner
2020-08-23 14:40 - 2020-08-23 14:40 - 008414384 _____ (Malwarebytes) C:\Users\Gianni\Downloads\adwcleaner_8.0.7.exe
2020-08-23 14:39 - 2020-08-23 14:40 - 028141904 _____ (Audacity Team ) C:\Users\Gianni\Downloads\audacity-win-2.4.2.exe
2020-08-23 11:49 - 2016-07-16 06:44 - 000446976 _____ (Microsoft Corporation) C:\Users\Gianni\powershell.exe
2020-08-23 11:07 - 2020-08-23 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2020-08-23 11:07 - 2020-08-23 11:07 - 000000000 ____D C:\Program Files\Classic Shell
2020-08-22 14:43 - 2020-08-27 21:37 - 000000000 ____D C:\ProgramData\TechSmith
2020-08-22 13:51 - 2020-08-22 13:51 - 000000000 ____D C:\Windows\pss
2020-08-18 20:58 - 2020-08-28 20:00 - 000005324 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-GB6GUJO-Gianni DESKTOP-GB6GUJO
2020-08-17 13:59 - 2020-08-29 17:34 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\discord
2020-08-17 13:59 - 2020-08-17 13:59 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-08-17 13:58 - 2020-08-17 13:59 - 000000000 ____D C:\Users\Gianni\AppData\Local\Discord
2020-08-17 13:57 - 2020-08-17 13:57 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2020-08-17 13:56 - 2020-08-17 13:59 - 000000000 ____D C:\Users\Gianni\AppData\Local\SquirrelTemp
2020-08-17 13:40 - 2020-08-17 13:40 - 000000000 ____D C:\Users\Gianni\AppData\Local\EpicGamesLauncher
2020-08-17 13:40 - 2020-08-17 13:40 - 000000000 ____D C:\Users\Gianni\AppData\Local\CrashReportClient
2020-08-17 12:56 - 2020-08-17 12:56 - 000000000 ____D C:\Users\Gianni\AppData\LocalLow\Daedalic Entertainment GmbH
2020-08-17 12:56 - 2020-08-17 12:56 - 000000000 ____D C:\Users\Gianni\AppData\Local\Daedalic Entertainment GmbH
2020-08-17 12:42 - 2020-08-17 13:40 - 000000000 ____D C:\Program Files\Epic Games
2020-08-16 21:53 - 2020-08-16 21:53 - 000000000 ____D C:\Users\Gianni\AppData\Local\NetworkTiles
2020-08-16 21:09 - 2020-08-16 21:09 - 000000000 ____D C:\Users\Gianni\AppData\Local\Comms
2020-08-16 19:01 - 2020-08-17 17:28 - 000001426 _____ C:\Users\Gianni\Downloads\Roblox Player.lnk
2020-08-16 19:00 - 2020-08-28 22:57 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-08-16 19:00 - 2020-08-28 22:16 - 000001249 _____ C:\Users\Gianni\Downloads\Roblox Studio.lnk
2020-08-16 19:00 - 2020-08-18 12:39 - 000000000 ____D C:\Users\Gianni\AppData\Local\Roblox
2020-08-16 19:00 - 2020-08-18 12:36 - 000000253 _____ C:\Users\Gianni\AppData\LocalLow\rbxcsettings.rbx
2020-08-16 19:00 - 2020-08-16 19:00 - 001582648 _____ (Roblox Corporation) C:\Users\Gianni\Downloads\RobloxPlayerLauncher.exe
2020-08-16 18:07 - 2020-08-16 18:07 - 000000000 ____D C:\Users\Gianni\AppData\Local\SYSTEMAX Software Development
2020-08-16 17:58 - 2020-08-16 17:58 - 000000000 ____D C:\Users\Gianni\AppData\Local\ElevatedDiagnostics
2020-08-16 17:57 - 2020-08-30 12:13 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-08-16 17:39 - 2020-08-17 13:39 - 000000000 ____D C:\Windows\system32\appmgmt
2020-08-16 17:27 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2020-08-16 17:27 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2020-08-16 17:27 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2020-08-16 17:27 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2020-08-16 17:27 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2020-08-16 17:27 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2020-08-16 17:27 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-08-16 17:26 - 2020-08-16 17:26 - 000000000 ____D C:\ProgramData\Package Cache
2020-08-16 17:19 - 2020-08-16 17:19 - 000000000 ____D C:\Users\Gianni\AppData\Local\UnrealEngineLauncher
2020-08-16 17:18 - 2020-08-16 17:18 - 000000000 ____D C:\Users\Gianni\AppData\Local\UnrealEngine
2020-08-16 17:18 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2020-08-16 17:18 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2020-08-16 17:18 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2020-08-16 17:18 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2020-08-16 17:18 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2020-08-16 17:11 - 2020-08-29 00:45 - 000004222 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1597615880
2020-08-16 17:11 - 2020-08-29 00:45 - 000001412 _____ C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2020-08-16 17:11 - 2020-08-26 12:10 - 000004470 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1597615887
2020-08-16 17:05 - 2020-08-16 17:06 - 002309680 _____ (Opera Software) C:\Users\Gianni\Downloads\OperaSetup.exe
2020-08-16 16:49 - 2020-08-29 16:26 - 000000000 ____D C:\Users\Gianni\Desktop\Carpeta
2020-08-16 16:42 - 2020-08-16 16:42 - 000000000 ____D C:\Users\Gianni\AppData\LocalLow\Adobe
2020-08-16 16:19 - 2020-08-16 16:19 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\WinRAR
2020-08-16 16:18 - 2020-08-16 16:18 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-08-16 16:18 - 2020-08-16 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-08-16 16:18 - 2020-08-16 16:18 - 000000000 ____D C:\Program Files\WinRAR
2020-08-16 16:17 - 2020-08-16 16:17 - 003340504 _____ (Alexander Roshal) C:\Users\Gianni\Downloads\winrar-x64-591es.exe
2020-08-16 16:08 - 2020-08-16 16:08 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Avast Software
2020-08-16 16:08 - 2020-08-16 16:08 - 000000000 ____D C:\Users\Gianni\AppData\Local\CEF
2020-08-16 16:07 - 2020-08-16 16:07 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-08-16 16:07 - 2020-08-16 16:07 - 000000000 ____D C:\Users\Gianni\AppData\Local\mbam
2020-08-16 16:06 - 2020-08-16 16:06 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-16 16:05 - 2020-08-27 13:00 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-08-16 16:05 - 2020-08-16 16:04 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-08-16 16:04 - 2020-08-16 16:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-16 16:03 - 2020-08-30 11:23 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-08-16 16:03 - 2020-08-24 22:04 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-08-16 16:03 - 2020-08-16 16:03 - 000851608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000515544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000466752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000335968 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-08-16 16:03 - 2020-08-16 16:03 - 000323784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000235592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000217336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000205888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000195656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000175200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000109280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000060488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000042776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000037152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000016824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-16 16:03 - 2020-08-16 16:03 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-08-16 16:02 - 2020-08-24 22:04 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-08-16 16:01 - 2020-08-20 11:16 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-16 16:01 - 2020-08-16 16:54 - 000000000 ____D C:\Users\Gianni\Downloads\FORMATO
2020-08-16 16:01 - 2020-08-16 16:01 - 000000000 ____D C:\Program Files\Avast Software
2020-08-16 16:00 - 2020-08-30 12:12 - 000000000 ____D C:\ProgramData\Avast Software
2020-08-16 16:00 - 2020-08-16 16:42 - 000000000 ____D C:\ProgramData\Adobe
2020-08-16 16:00 - 2020-08-16 16:00 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-08-16 15:58 - 2020-08-28 15:28 - 000000000 ____D C:\Windows\Panther
2020-08-16 15:57 - 2020-08-16 16:44 - 000000000 ____D C:\Windows\AutoKMS
2020-08-16 15:57 - 2020-08-16 15:57 - 000008192 __RSH C:\BOOTSECT.BAK
2020-08-16 15:56 - 2020-08-16 16:42 - 000000000 ____D C:\Users\Gianni\AppData\Local\Adobe
2020-08-16 15:56 - 2020-08-16 15:56 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2020-08-16 15:54 - 2020-08-16 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-08-16 15:53 - 2020-08-16 15:53 - 000000000 ____D C:\Windows\PCHEALTH
2020-08-16 15:53 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2020-08-16 15:53 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-08-16 15:53 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2020-08-16 15:52 - 2020-08-16 15:53 - 000000000 ____D C:\Windows\SHELLNEW
2020-08-16 15:52 - 2020-08-16 15:52 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2020-08-16 15:52 - 2020-08-16 15:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2020-08-16 15:51 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files\Microsoft Office
2020-08-16 15:51 - 2020-08-16 15:51 - 000000000 __RHD C:\MSOCache
2020-08-16 15:51 - 2020-08-16 15:51 - 000000000 ____D C:\Users\Gianni\AppData\Local\Microsoft Help
2020-08-16 15:51 - 2020-08-16 15:51 - 000000000 ____D C:\ProgramData\USOShared
2020-08-16 15:51 - 2020-08-16 15:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-08-16 15:43 - 2020-08-16 15:43 - 000000000 ____D C:\Users\Gianni\AppData\Local\cloud
2020-08-16 15:41 - 1987-12-19 16:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libcrypto-1_1-x64.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libcrypto-1_1.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001070232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40032.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libssl-1_1-x64.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000660120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000617896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libssl-1_1.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP70.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000444328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MShflxgd.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000416408 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000279192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000259736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000222360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000219288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000218776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000212112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000210944 _____ C:\Windows\SysWOW64\msvcrt10.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000179352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000170920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000163480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000131728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000130712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000127640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000119960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000108696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTKPRP.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000104088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000084624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2020-08-16 15:34 - 2020-08-16 15:34 - 000000000 ____D C:\Program Files (x86)\Intel
2020-08-16 15:34 - 2020-08-16 15:34 - 000000000 ____D C:\Intel
2020-08-16 15:24 - 2020-08-24 22:04 - 000003618 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1597609474
2020-08-16 15:24 - 2020-08-16 17:11 - 000000000 ____D C:\Users\Gianni\AppData\Local\Opera Software
2020-08-16 15:24 - 2020-08-16 16:50 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Opera Software
2020-08-16 15:22 - 2020-08-16 15:22 - 000000000 ____D C:\Users\Gianni\.cache
2020-08-16 15:19 - 2020-08-16 17:06 - 000000000 ____D C:\Users\Gianni\AppData\LocalLow\Mozilla
2020-08-16 15:19 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-08-16 15:19 - 2020-08-16 15:19 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Mozilla
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\Users\Gianni\AppData\Local\Mozilla
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\ProgramData\Mozilla
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-08-16 15:18 - 2020-08-16 15:18 - 000001051 _____ C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Características opcionales.lnk
2020-08-16 15:18 - 2020-08-16 15:18 - 000000000 ____D C:\Windows\OCR
2020-08-16 15:17 - 2020-08-29 12:47 - 000004222 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{EC9F4B18-C80B-4CB1-B054-420CE06636C2}
2020-08-16 15:14 - 2020-08-16 15:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-08-16 15:14 - 2020-08-16 15:14 - 000000000 ____D C:\Users\Gianni\AppData\Local\TP-Link
2020-08-16 15:07 - 2020-08-28 11:56 - 000000000 ____D C:\Users\Gianni\AppData\Local\mpress
2020-08-16 15:07 - 2020-08-16 15:07 - 000026112 _____ C:\Windows\[email protected]
2020-08-16 15:07 - 2020-08-16 15:07 - 000004096 _____ C:\Windows\[email protected]
2020-08-16 15:07 - 2020-08-16 15:07 - 000000000 ____D C:\Users\Gianni\AppData\Local\PeerDistRepub
2020-08-16 15:06 - 2020-08-30 11:54 - 000000000 ____D C:\Users\Gianni\AppData\Local\ClassicShell
2020-08-16 15:06 - 2020-08-16 15:06 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\ClassicShell
2020-08-16 15:04 - 2020-08-29 18:14 - 000000000 ____D C:\Users\Gianni
2020-08-16 15:04 - 2020-08-16 16:42 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Adobe
2020-08-16 15:04 - 2020-08-16 16:42 - 000000000 ____D C:\Users\Gianni\AppData\Local\Packages
2020-08-16 15:04 - 2020-08-16 16:27 - 000000000 ____D C:\Users\Gianni\AppData\Local\ConnectedDevicesPlatform
2020-08-16 15:04 - 2020-08-16 15:04 - 000000020 ___SH C:\Users\Gianni\ntuser.ini
2020-08-16 15:04 - 2020-08-16 15:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-16 15:04 - 2020-08-16 15:04 - 000000000 ____D C:\Users\Gianni\AppData\Local\VirtualStore
2020-08-16 15:04 - 2020-08-16 15:04 - 000000000 ____D C:\Users\Gianni\AppData\Local\TileDataLayer
2020-08-16 15:03 - 2020-08-16 15:03 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2020-08-16 15:03 - 2020-08-16 15:03 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2020-08-16 15:03 - 2020-08-16 15:03 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2020-08-16 15:03 - 2020-08-16 15:03 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2020-08-16 15:02 - 2016-07-16 06:41 - 002716672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-08-16 15:00 - 2020-08-28 16:04 - 000000000 ____D C:\Users\defaultuser0
2020-08-16 15:00 - 2020-08-16 15:00 - 000000020 ___SH C:\Users\defaultuser0\ntuser.ini
2020-08-16 15:00 - 2017-08-10 12:06 - 000004187 _____ C:\Users\defaultuser0\Desktop\Leeme.htm
2020-08-16 14:59 - 2020-08-30 12:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-16 14:59 - 2020-08-26 21:43 - 002401988 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-16 14:59 - 2020-08-16 14:59 - 001532788 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-08-16 14:58 - 2020-08-30 11:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-08-16 14:58 - 2020-08-16 16:25 - 000341504 _____ C:\Windows\system32\FNTCACHE.DAT
2020-08-16 14:58 - 2020-08-16 14:58 - 000000000 ____D C:\Windows\ServiceProfiles
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-08-30 11:54 - 2016-07-16 06:36 - 000000000 ____D C:\Windows\CbsTemp
2020-08-28 16:10 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\rescache
2020-08-28 14:19 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\system32\NDF
2020-08-28 13:36 - 2016-07-16 06:47 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-08-28 13:36 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\system32\es-MX
2020-08-28 13:36 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-08-28 11:43 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\AppReadiness
2020-08-26 21:43 - 2016-07-16 17:38 - 000947854 _____ C:\Windows\system32\perfh00A.dat
2020-08-26 21:43 - 2016-07-16 17:38 - 000231076 _____ C:\Windows\system32\perfc00A.dat
2020-08-17 15:06 - 2016-07-16 06:45 - 000000000 ____D C:\Windows\INF
2020-08-16 15:57 - 2016-07-16 06:47 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2020-08-16 15:53 - 2016-07-16 06:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-16 15:53 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-08-16 15:51 - 2016-07-16 06:47 - 000000167 _____ C:\Windows\win.ini
2020-08-16 15:51 - 2016-07-16 06:47 - 000000000 ____D C:\ProgramData\USOPrivate
2020-08-16 15:51 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files\Common Files\System
2020-08-16 15:03 - 2016-07-16 06:49 - 000000000 ____D C:\Windows\Setup
2020-08-16 15:03 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-08-16 15:02 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\system32\spool
2020-08-16 14:59 - 2016-07-16 01:04 - 000008192 _____ C:\Windows\system32\config\BBI
2020-08-16 14:59 - 2016-07-16 01:04 - 000000000 ____D C:\Windows\system32\Sysprep
==================== Archivos en la raíz de algunos directorios ========
2020-08-23 11:49 - 2016-07-16 06:44 - 000446976 _____ (Microsoft Corporation) C:\Users\Gianni\powershell.exe
2020-08-26 21:24 - 2020-08-26 21:24 - 000001031 _____ () C:\Users\Gianni\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
safeboot: Network => El sistema está configurado para iniciarse en Modo Seguro <==== ATENCIÓN
LastRegBack: 2020-08-26 15:18
==================== Final de FRST.txt ========================Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 29-08-2020
Ejecutado por Gianni (30-08-2020 12:33:37)
Ejecutado desde C:\Users\Gianni\Desktop
Windows 10 Enterprise 2016 LTSB Versión 1607 (X64) (2020-08-16 20:03:08)
Modo de Inicio: Safe Mode (with Networking)
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-1859344977-3461123348-1976736232-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1859344977-3461123348-1976736232-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1859344977-3461123348-1976736232-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gianni (S-1-5-21-1859344977-3461123348-1976736232-1001 - Administrator - Enabled) => C:\Users\Gianni
Invitado (S-1-5-21-1859344977-3461123348-1976736232-501 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.6.2420 - Avast Software)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Discord (HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\Discord) (Version: 0.0.307 - Discord Inc.)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Mozilla Firefox 79.0 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 79.0 (x86 es-MX)) (Version: 79.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
MuseScore 3 (HKLM\...\{1D5EDD9A-B856-4088-B06B-BB7488ED0C5D}) (Version: 3.5.0.13199 - Werner Schweer and Others)
Opera Stable 70.0.3728.133 (HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\Opera 70.0.3728.133) (Version: 70.0.3728.133 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Roblox Player for Gianni (HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\roblox-player) (Version: - Roblox Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellServiceObjects: Sin Nombre -> {872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} =>
ShellServiceObjects: Sin Nombre -> {900c0763-5cad-4a34-bc1f-40cd513679d5} =>
ShellServiceObjects-x32: Sin Nombre -> {900c0763-5cad-4a34-bc1f-40cd513679d5} =>
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2016-07-16 06:42 - 2016-07-16 06:42 - 000327680 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\System32\container.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2016-07-16 06:47 - 2016-07-16 06:45 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\minios10.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{013EEE6A-B683-48B4-8C5B-21833E3610DB}] => (Allow) C:\Windows\[email protected] () [Archivo no firmado]
FirewallRules: [{ED158CAE-3EB1-427B-9D33-CB0109927CCE}] => (Allow) C:\Windows\[email protected] () [Archivo no firmado]
FirewallRules: [{813288C2-E04E-44A4-BD72-78B26F0D12A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2DF308CD-6C07-4774-9723-CBF2A8A2FC26}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{596B0742-DC9A-49EC-8154-60D403CBDF84}] => (Allow) C:\Users\Gianni\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => Ningún archivo
FirewallRules: [{B4522917-311B-4F40-83DC-B4C8A0F967FB}] => (Allow) C:\Users\Gianni\AppData\Local\Programs\Opera\69.0.3686.77\opera.exe => Ningún archivo
FirewallRules: [{A3E8B2CE-8B45-4E7E-9C8D-29789283E8F8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4D84B00-9F5D-431C-9255-08F7A6302E4D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7DB73B1-CB11-4AFD-A81C-85F03A0C4CDD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DF77536-247D-401D-88B0-ABB16410EEAA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5324B1FB-A8EB-408D-89CB-6D9516E08475}C:\users\gianni\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Block) C:\users\gianni\appdata\local\programs\opera\70.0.3728.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{CA2F6EF6-9B06-4EE0-A63A-5A0D0FD2DC08}C:\users\gianni\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Block) C:\users\gianni\appdata\local\programs\opera\70.0.3728.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{224CE85C-C106-4541-ABE5-F4705DC807CA}C:\users\gianni\appdata\local\programs\opera\70.0.3728.133\opera.exe] => (Block) C:\users\gianni\appdata\local\programs\opera\70.0.3728.133\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{6D9E31DE-DB3C-4059-98D2-3CE3EDEE3D2C}C:\users\gianni\appdata\local\programs\opera\70.0.3728.133\opera.exe] => (Block) C:\users\gianni\appdata\local\programs\opera\70.0.3728.133\opera.exe (Opera Software AS -> Opera Software)
==================== Puntos de Restauración =========================
ATENCIÓN: Restaurar Sistema está deshabilitado (Total:62.98 GB) (Free:32.51 GB) (52%)
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (08/30/2020 12:04:57 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/30/2020 12:04:38 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/30/2020 11:32:00 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/30/2020 11:22:08 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/30/2020 11:21:52 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/30/2020 11:21:35 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/29/2020 06:12:17 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/29/2020 05:50:15 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Errores del sistema:
=============
Error: (08/30/2020 12:34:11 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Error de DCOM "1084" al intentar iniciar el servicio EventSystem con argumentos "No disponible" para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Error: (08/30/2020 12:33:48 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (08/30/2020 12:33:37 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (08/30/2020 12:33:17 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (08/30/2020 12:32:53 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (08/30/2020 12:32:53 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "No disponible" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (08/30/2020 12:32:53 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "No disponible" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (08/30/2020 12:32:53 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "No disponible" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
CodeIntegrity:
===================================
Date: 2020-08-27 13:00:28.518
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\Gianni\AppData\Local\Programs\Opera\70.0.3728.106\opera.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-23 15:07:22.025
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\Gianni\AppData\Local\Programs\Opera\70.0.3728.106\opera.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-16 16:18:06.513
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-16 16:18:01.018
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-16 16:15:34.372
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-16 16:15:34.278
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Información de la memoria ===========================
BIOS: Intel Corp. TCIBX10H.86A.0037.2010.0614.1712 06/14/2010
Placa base: Intel Corporation DH55HC
Procesador: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz
Porcentaje de memoria en uso: 44%
RAM física total: 1909.32 MB
RAM física disponible: 1062.09 MB
Virtual total: 3957.32 MB
Virtual disponible: 3204.95 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:62.98 GB) (Free:32.51 GB) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)]
Drive d: (Documentos) (Fixed) (Total:402.28 GB) (Free:156.01 GB) NTFS
\\?\Volume{33f59ee4-0000-0000-0000-20bf0f000000}\ () (Fixed) (Total:0.49 GB) (Free:0.18 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 33F59EE4)
Partition 1: (Active) - (Size=63 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=502 MB) - (Type=27)
Partition 3: (Not Active) - (Size=402.3 GB) - (Type=07 NTFS)
==================== Final de Addition.txt =======================No se ha indicado que el programa ló ejecutase en ningún momento en modo seguro.
Vuelve a ejecutarlo en modo normal y me pegas unos informes
Perdón por no contestar, se me fue el internet
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 03-09-2020
Ejecutado por Gianni (administrador) sobre DESKTOP-GB6GUJO (03-09-2020 21:20:52)
Ejecutado desde C:\Users\Gianni\Desktop
Perfiles cargados: Gianni
Platform: Windows 10 Enterprise 2016 LTSB Versión 1607 (X64) Idioma: Español (México)
Navegador predeterminado: Opera
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
() [Archivo no firmado] C:\Windows\[email protected]
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvEmUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Ivaylo Beltchev -> IvoSoft) [Archivo no firmado] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.3801_none_7ed07ae422175cd5\TiWorker.exe
(Opera Software AS -> Opera Software) C:\Users\Gianni\AppData\Local\Programs\Opera\launcher.exe <3>
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [109160 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62636856 2020-08-17] (Discord Inc. -> Discord Inc.)
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-broadcasting;gaming-gamebar;gaming-gamedvr;maps;otherusers;recovery;speech;windowsdefender;windowsinsider
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\Run: [Opera Browser Assistant] => C:\Users\Gianni\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3126296 2020-08-25] (Opera Software AS -> Opera Software)
IFEO\OSppSvc.exe: [Debugger] [email protected]
IFEO\SppExtComObj.exe: [Debugger] [email protected]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {03032536-7E5E-47C6-86FF-A9AEACB0B119} - System32\Tasks\Opera scheduled Autoupdate 1597615880 => C:\Users\Gianni\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-08-25] (Opera Software AS -> Opera Software)
Task: {077AEFA1-769B-4A20-94C4-699C648D4334} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-GB6GUJO-Gianni DESKTOP-GB6GUJO => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {855BE9BA-FFEE-474E-89E8-5EFF0108FCB2} - System32\Tasks\{2DC40187-7C85-4F33-9779-611EA0F2987D} => C:\Windows\system32\pcalua.exe -a C:\PaintToolSAI\uninst.exe -d C:\PaintToolSAI
Task: {88F27AAA-A4ED-4746-BB36-6EF518573C7C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1760360 2020-08-16] (Avast Software s.r.o. -> Avast Software)
Task: {90535E6D-F010-47CF-B8D7-3427C4D88175} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {911FC5F8-C6E6-4C7D-897F-B749493D448A} - System32\Tasks\Opera scheduled Autoupdate 1597609474 => C:\Users\Gianni\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-08-25] (Opera Software AS -> Opera Software)
Task: {93BCA715-4DF2-4C17-9600-BB648A67FB88} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {955C9F83-1A93-4BB3-985D-98940D10F623} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B24C2617-AB72-4548-B6D9-C084A70D49AB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [108752 2020-07-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {B9779B89-9459-4D51-8620-14A13F84E5C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFA028C8-BDDD-4118-BBBC-0E808767A9F1} - System32\Tasks\Opera scheduled assistant Autoupdate 1597615887 => C:\Users\Gianni\AppData\Local\Programs\Opera\launcher.exe [1529880 2020-08-25] (Opera Software AS -> Opera Software)
Task: {EEA11AE2-2E36-401A-85A1-FBB532C73088} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {F76DFFE4-F7C2-45C7-BD69-AA4558C48DEF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7B635D0-F2A2-435E-AD9C-4FEF2CB0822D} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [3810408 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3f9e4aea-28a4-4b54-9e2a-33a94abd5d46}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/1640637376194852/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/1640637376194852/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/1640637376194852/
HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/1640637376194852/
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 9j98yw6d.default
FF ProfilePath: C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\9j98yw6d.default [2020-08-16]
FF ProfilePath: C:\Users\Gianni\AppData\Roaming\Mozilla\Firefox\Profiles\f3vbknlc.default-release [2020-08-16]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-08-17] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Notifications: hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.reddit.com
OPR Extension: (uBlock Origin) - C:\Users\Gianni\AppData\Roaming\Opera Software\Opera Stable\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-08-21]
OPR Extension: (Install Chrome Extensions) - C:\Users\Gianni\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-08-18]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7776160 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [353696 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 KMS-R@1n; C:\Windows\[email protected] [26112 2020-08-16] () [Archivo no firmado]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-08-16] (Malwarebytes Inc -> Malwarebytes)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37152 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205888 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [235592 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [195656 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60488 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16824 2020-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42776 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175200 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [515544 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109280 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84856 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851608 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [466752 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [217336 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [323784 2020-08-16] (Avast Software s.r.o. -> AVAST Software)
R3 athur; C:\Windows\System32\drivers\athuw8x.sys [3744256 2012-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-08-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-09-03 21:19 - 2020-09-03 21:25 - 000016008 _____ C:\Users\Gianni\Desktop\FRST.txt
2020-09-03 21:15 - 2020-09-03 21:15 - 000000000 ____D C:\Users\Gianni\Desktop\FRST-OlderVersion
2020-08-30 12:32 - 2020-09-03 21:23 - 000000000 ____D C:\FRST
2020-08-30 12:31 - 2020-09-03 21:15 - 002299392 _____ (Farbar) C:\Users\Gianni\Desktop\FRST64.exe
2020-08-29 15:43 - 2020-08-29 15:43 - 000000000 ___HD C:\$GetCurrent
2020-08-29 13:12 - 2020-08-30 12:29 - 000000008 _____ C:\Users\Gianni\Desktop\18946.75.txt
2020-08-28 15:38 - 2020-08-28 15:38 - 000000000 ___HD C:\$SysReset
2020-08-28 15:30 - 2020-08-29 15:05 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk
2020-08-28 15:30 - 2020-08-28 15:30 - 006260552 _____ (Microsoft Corporation) C:\Users\Gianni\Downloads\Windows10Upgrade9252.exe
2020-08-28 15:30 - 2020-08-28 15:30 - 000000000 ____D C:\Windows10Upgrade
2020-08-28 15:26 - 2020-08-28 15:26 - 000000000 ___HD C:\$Windows.~WS
2020-08-28 15:26 - 2020-08-28 15:26 - 000000000 ____D C:\$WINDOWS.~BT
2020-08-28 14:07 - 2020-08-28 14:07 - 002483904 _____ (Intel) C:\Users\Gianni\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2020-08-28 13:18 - 2020-08-28 13:22 - 000000000 ____D C:\Windows\system32\MRT
2020-08-28 13:18 - 2020-08-28 13:18 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-08-28 12:04 - 2020-06-10 22:44 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-08-28 12:04 - 2020-06-10 22:37 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-08-28 11:32 - 2020-08-28 11:37 - 295969399 _____ C:\Users\Gianni\Downloads\McW10E 1.16.0 OFICIAL PARA 64 BITS + INFO IMPORTANTE.zip
2020-08-27 21:46 - 2020-08-27 21:50 - 000000000 ____D C:\Users\Gianni\Documents\---
2020-08-27 21:39 - 2020-08-27 21:39 - 000000000 ____D C:\Users\Gianni\AppData\Local\TechSmith
2020-08-27 21:37 - 2020-08-27 21:37 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\TechSmith
2020-08-27 21:35 - 2020-08-27 21:36 - 088618063 _____ C:\Users\Gianni\Downloads\reparar el JOYCON DRIFT (se mueve solo) ✔️ MUY FÁCIL - SOLUCIÓN DEFINITIVA para Nintendo SWITCH.mp4
2020-08-27 13:00 - 2020-08-27 13:00 - 000000000 ____D C:\Users\Gianni\AppData\Local\mbamtray
2020-08-26 21:37 - 2020-08-26 21:37 - 000000000 ____D C:\Users\Gianni\Documents\SYSTEMAX Software Development
2020-08-26 21:37 - 2018-02-02 14:50 - 000000000 ____D C:\Users\Gianni\Downloads\Paint Tool SAI 2.0 (32bit)
2020-08-26 21:35 - 2020-08-26 21:36 - 012329049 _____ C:\Users\Gianni\Downloads\Paint Tool SAI 2.0 (32bit).rar
2020-08-26 21:33 - 2020-08-26 21:33 - 000003252 _____ C:\Windows\system32\Tasks\{2DC40187-7C85-4F33-9779-611EA0F2987D}
2020-08-26 21:24 - 2020-08-26 21:24 - 000001031 _____ C:\Users\Gianni\AppData\Local\recently-used.xbel
2020-08-26 21:24 - 2020-08-26 21:24 - 000000000 ____D C:\Users\Gianni\AppData\Local\gtk-2.0
2020-08-26 21:21 - 2020-08-26 21:27 - 000000000 ____D C:\Users\Gianni\AppData\Local\babl-0.1
2020-08-26 21:21 - 2020-08-26 21:21 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\GIMP
2020-08-26 21:21 - 2020-08-26 21:21 - 000000000 ____D C:\Users\Gianni\AppData\Local\GIMP
2020-08-26 21:21 - 2020-08-26 21:21 - 000000000 ____D C:\Users\Gianni\AppData\Local\gegl-0.4
2020-08-26 12:12 - 2020-08-26 12:12 - 000411805 _____ C:\Users\Gianni\Downloads\ACTIVIDADES-FCyE-2DO-25-AGOST.pdf
2020-08-24 18:02 - 2020-08-24 18:02 - 000000000 ____D C:\Users\Gianni\AppData\Local\caida_libre
2020-08-24 18:00 - 2020-08-24 18:00 - 000000000 ____D C:\Users\Gianni\Documents\Custom Production Presets 8.0
2020-08-24 15:26 - 2020-08-24 15:26 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\SYSTEMAX Software Development
2020-08-24 15:26 - 2020-08-24 15:26 - 000000000 ____D C:\ProgramData\SYSTEMAX Software Development
2020-08-24 15:25 - 2020-08-24 15:25 - 002470900 _____ C:\Users\Gianni\Downloads\sai-1.2.5-ful-en.exe
2020-08-24 00:27 - 2020-08-24 00:27 - 000000000 ____D C:\Users\Gianni\AppData\Local\Microsoft_Corporation
2020-08-23 19:48 - 2020-08-23 19:48 - 000000000 ____D C:\Users\Gianni\Documents\MuseScore3
2020-08-23 19:43 - 2020-08-23 19:51 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\MuseScore
2020-08-23 19:43 - 2020-08-23 19:43 - 000000000 ____D C:\Users\Gianni\AppData\Local\MuseScore
2020-08-23 19:40 - 2020-08-23 19:40 - 000001089 _____ C:\Users\Gianni\Desktop\MuseScore 3.lnk
2020-08-23 19:39 - 2020-08-23 19:40 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 3
2020-08-23 19:39 - 2020-08-23 19:39 - 000000000 ____D C:\Program Files\MuseScore 3
2020-08-23 19:34 - 2020-08-23 19:37 - 110641152 _____ C:\Users\Gianni\Downloads\MuseScore-3.5.0-x86_64.msi
2020-08-23 14:43 - 2020-08-26 18:35 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\audacity
2020-08-23 14:43 - 2020-08-23 14:43 - 000000000 ____D C:\Users\Gianni\AppData\Local\Audacity
2020-08-23 14:42 - 2020-08-23 14:42 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2020-08-23 14:42 - 2020-08-23 14:42 - 000001080 _____ C:\Users\Public\Desktop\Audacity.lnk
2020-08-23 14:41 - 2020-08-23 14:43 - 000000000 ____D C:\Program Files (x86)\Audacity
2020-08-23 14:41 - 2020-08-23 14:42 - 000000000 ____D C:\AdwCleaner
2020-08-23 14:40 - 2020-08-23 14:40 - 008414384 _____ (Malwarebytes) C:\Users\Gianni\Downloads\adwcleaner_8.0.7.exe
2020-08-23 14:39 - 2020-08-23 14:40 - 028141904 _____ (Audacity Team ) C:\Users\Gianni\Downloads\audacity-win-2.4.2.exe
2020-08-23 11:49 - 2016-07-16 06:44 - 000446976 _____ (Microsoft Corporation) C:\Users\Gianni\powershell.exe
2020-08-23 11:07 - 2020-08-23 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2020-08-23 11:07 - 2020-08-23 11:07 - 000000000 ____D C:\Program Files\Classic Shell
2020-08-22 14:43 - 2020-08-27 21:37 - 000000000 ____D C:\ProgramData\TechSmith
2020-08-22 13:51 - 2020-08-22 13:51 - 000000000 ____D C:\Windows\pss
2020-08-18 20:58 - 2020-08-28 20:00 - 000005324 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-GB6GUJO-Gianni DESKTOP-GB6GUJO
2020-08-17 13:59 - 2020-08-29 17:34 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\discord
2020-08-17 13:59 - 2020-08-17 13:59 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-08-17 13:58 - 2020-08-17 13:59 - 000000000 ____D C:\Users\Gianni\AppData\Local\Discord
2020-08-17 13:57 - 2020-08-17 13:57 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls
2020-08-17 13:56 - 2020-08-17 13:59 - 000000000 ____D C:\Users\Gianni\AppData\Local\SquirrelTemp
2020-08-17 13:40 - 2020-08-17 13:40 - 000000000 ____D C:\Users\Gianni\AppData\Local\EpicGamesLauncher
2020-08-17 13:40 - 2020-08-17 13:40 - 000000000 ____D C:\Users\Gianni\AppData\Local\CrashReportClient
2020-08-17 12:56 - 2020-08-17 12:56 - 000000000 ____D C:\Users\Gianni\AppData\LocalLow\Daedalic Entertainment GmbH
2020-08-17 12:56 - 2020-08-17 12:56 - 000000000 ____D C:\Users\Gianni\AppData\Local\Daedalic Entertainment GmbH
2020-08-17 12:42 - 2020-08-17 13:40 - 000000000 ____D C:\Program Files\Epic Games
2020-08-16 21:53 - 2020-08-16 21:53 - 000000000 ____D C:\Users\Gianni\AppData\Local\NetworkTiles
2020-08-16 21:09 - 2020-08-16 21:09 - 000000000 ____D C:\Users\Gianni\AppData\Local\Comms
2020-08-16 19:01 - 2020-08-17 17:28 - 000001426 _____ C:\Users\Gianni\Downloads\Roblox Player.lnk
2020-08-16 19:00 - 2020-08-28 22:57 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-08-16 19:00 - 2020-08-28 22:16 - 000001249 _____ C:\Users\Gianni\Downloads\Roblox Studio.lnk
2020-08-16 19:00 - 2020-08-18 12:39 - 000000000 ____D C:\Users\Gianni\AppData\Local\Roblox
2020-08-16 19:00 - 2020-08-18 12:36 - 000000253 _____ C:\Users\Gianni\AppData\LocalLow\rbxcsettings.rbx
2020-08-16 19:00 - 2020-08-16 19:00 - 001582648 _____ (Roblox Corporation) C:\Users\Gianni\Downloads\RobloxPlayerLauncher.exe
2020-08-16 18:07 - 2020-08-16 18:07 - 000000000 ____D C:\Users\Gianni\AppData\Local\SYSTEMAX Software Development
2020-08-16 17:58 - 2020-08-16 17:58 - 000000000 ____D C:\Users\Gianni\AppData\Local\ElevatedDiagnostics
2020-08-16 17:57 - 2020-09-03 21:11 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2020-08-16 17:39 - 2020-08-17 13:39 - 000000000 ____D C:\Windows\system32\appmgmt
2020-08-16 17:27 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2020-08-16 17:27 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2020-08-16 17:27 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2020-08-16 17:27 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2020-08-16 17:27 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2020-08-16 17:27 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2020-08-16 17:27 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2020-08-16 17:27 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-08-16 17:26 - 2020-08-16 17:26 - 000000000 ____D C:\ProgramData\Package Cache
2020-08-16 17:19 - 2020-08-16 17:19 - 000000000 ____D C:\Users\Gianni\AppData\Local\UnrealEngineLauncher
2020-08-16 17:18 - 2020-08-16 17:18 - 000000000 ____D C:\Users\Gianni\AppData\Local\UnrealEngine
2020-08-16 17:18 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2020-08-16 17:18 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2020-08-16 17:18 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2020-08-16 17:18 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2020-08-16 17:18 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2020-08-16 17:11 - 2020-08-29 00:45 - 000004222 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1597615880
2020-08-16 17:11 - 2020-08-29 00:45 - 000001412 _____ C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2020-08-16 17:11 - 2020-08-26 12:10 - 000004470 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1597615887
2020-08-16 17:05 - 2020-08-16 17:06 - 002309680 _____ (Opera Software) C:\Users\Gianni\Downloads\OperaSetup.exe
2020-08-16 16:49 - 2020-08-29 16:26 - 000000000 ____D C:\Users\Gianni\Desktop\Carpeta
2020-08-16 16:42 - 2020-08-16 16:42 - 000000000 ____D C:\Users\Gianni\AppData\LocalLow\Adobe
2020-08-16 16:19 - 2020-08-16 16:19 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\WinRAR
2020-08-16 16:18 - 2020-08-16 16:18 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-08-16 16:18 - 2020-08-16 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-08-16 16:18 - 2020-08-16 16:18 - 000000000 ____D C:\Program Files\WinRAR
2020-08-16 16:17 - 2020-08-16 16:17 - 003340504 _____ (Alexander Roshal) C:\Users\Gianni\Downloads\winrar-x64-591es.exe
2020-08-16 16:08 - 2020-08-16 16:08 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Avast Software
2020-08-16 16:08 - 2020-08-16 16:08 - 000000000 ____D C:\Users\Gianni\AppData\Local\CEF
2020-08-16 16:07 - 2020-08-16 16:07 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-08-16 16:07 - 2020-08-16 16:07 - 000000000 ____D C:\Users\Gianni\AppData\Local\mbam
2020-08-16 16:06 - 2020-08-16 16:06 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-08-16 16:05 - 2020-08-27 13:00 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-08-16 16:05 - 2020-08-16 16:04 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-08-16 16:04 - 2020-08-16 16:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-08-16 16:03 - 2020-08-30 11:23 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-08-16 16:03 - 2020-08-24 22:04 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2020-08-16 16:03 - 2020-08-16 16:03 - 000851608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000515544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000466752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000335968 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-08-16 16:03 - 2020-08-16 16:03 - 000323784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000235592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000217336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000205888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000195656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000175200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000109280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000084856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000060488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000042776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000037152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000016824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2020-08-16 16:03 - 2020-08-16 16:03 - 000000000 ____D C:\Program Files\Malwarebytes
2020-08-16 16:03 - 2020-08-16 16:03 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-08-16 16:02 - 2020-08-24 22:04 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-08-16 16:01 - 2020-08-20 11:16 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-16 16:01 - 2020-08-16 16:54 - 000000000 ____D C:\Users\Gianni\Downloads\FORMATO
2020-08-16 16:01 - 2020-08-16 16:01 - 000000000 ____D C:\Program Files\Avast Software
2020-08-16 16:00 - 2020-09-03 21:24 - 000000000 ____D C:\ProgramData\Avast Software
2020-08-16 16:00 - 2020-08-16 16:42 - 000000000 ____D C:\ProgramData\Adobe
2020-08-16 16:00 - 2020-08-16 16:00 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-08-16 15:58 - 2020-08-28 15:28 - 000000000 ____D C:\Windows\Panther
2020-08-16 15:57 - 2020-08-16 16:44 - 000000000 ____D C:\Windows\AutoKMS
2020-08-16 15:57 - 2020-08-16 15:57 - 000008192 __RSH C:\BOOTSECT.BAK
2020-08-16 15:56 - 2020-08-16 16:42 - 000000000 ____D C:\Users\Gianni\AppData\Local\Adobe
2020-08-16 15:56 - 2020-08-16 15:56 - 000000000 ____D C:\ProgramData\Microsoft Toolkit
2020-08-16 15:54 - 2020-08-16 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-08-16 15:53 - 2020-08-16 15:53 - 000000000 ____D C:\Windows\PCHEALTH
2020-08-16 15:53 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2020-08-16 15:53 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-08-16 15:53 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2020-08-16 15:52 - 2020-08-16 15:53 - 000000000 ____D C:\Windows\SHELLNEW
2020-08-16 15:52 - 2020-08-16 15:52 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2020-08-16 15:52 - 2020-08-16 15:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2020-08-16 15:51 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files\Microsoft Office
2020-08-16 15:51 - 2020-08-16 15:51 - 000000000 __RHD C:\MSOCache
2020-08-16 15:51 - 2020-08-16 15:51 - 000000000 ____D C:\Users\Gianni\AppData\Local\Microsoft Help
2020-08-16 15:51 - 2020-08-16 15:51 - 000000000 ____D C:\ProgramData\USOShared
2020-08-16 15:51 - 2020-08-16 15:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-08-16 15:43 - 2020-08-16 15:43 - 000000000 ____D C:\Users\Gianni\AppData\Local\cloud
2020-08-16 15:41 - 1987-12-19 16:00 - 003404288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libcrypto-1_1-x64.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libcrypto-1_1.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001070232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40032.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\system32\libssl-1_1-x64.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000660120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000617896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\Windows\SysWOW64\libssl-1_1.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP70.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000466520 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000444328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MShflxgd.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000416408 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000279192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000259736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000222360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000219288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000218776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000212112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000210944 _____ C:\Windows\SysWOW64\msvcrt10.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000179352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000170920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000163480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000131728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000130712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000127640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000119960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000108696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTKPRP.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000104088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000084624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx
2020-08-16 15:41 - 1987-12-19 16:00 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2020-08-16 15:41 - 1987-12-19 16:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL
2020-08-16 15:41 - 1987-12-19 16:00 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2020-08-16 15:34 - 2020-08-16 15:34 - 000000000 ____D C:\Program Files (x86)\Intel
2020-08-16 15:34 - 2020-08-16 15:34 - 000000000 ____D C:\Intel
2020-08-16 15:24 - 2020-08-24 22:04 - 000003618 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1597609474
2020-08-16 15:24 - 2020-08-16 17:11 - 000000000 ____D C:\Users\Gianni\AppData\Local\Opera Software
2020-08-16 15:24 - 2020-08-16 16:50 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Opera Software
2020-08-16 15:22 - 2020-08-16 15:22 - 000000000 ____D C:\Users\Gianni\.cache
2020-08-16 15:19 - 2020-08-16 17:06 - 000000000 ____D C:\Users\Gianni\AppData\LocalLow\Mozilla
2020-08-16 15:19 - 2020-08-16 15:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-08-16 15:19 - 2020-08-16 15:19 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Mozilla
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\Users\Gianni\AppData\Local\Mozilla
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\ProgramData\Mozilla
2020-08-16 15:19 - 2020-08-16 15:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-08-16 15:18 - 2020-08-16 15:18 - 000001051 _____ C:\Users\Gianni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Características opcionales.lnk
2020-08-16 15:18 - 2020-08-16 15:18 - 000000000 ____D C:\Windows\OCR
2020-08-16 15:17 - 2020-08-29 12:47 - 000004222 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{EC9F4B18-C80B-4CB1-B054-420CE06636C2}
2020-08-16 15:14 - 2020-08-16 15:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-08-16 15:14 - 2020-08-16 15:14 - 000000000 ____D C:\Users\Gianni\AppData\Local\TP-Link
2020-08-16 15:07 - 2020-08-28 11:56 - 000000000 ____D C:\Users\Gianni\AppData\Local\mpress
2020-08-16 15:07 - 2020-08-16 15:07 - 000026112 _____ C:\Windows\[email protected]
2020-08-16 15:07 - 2020-08-16 15:07 - 000004096 _____ C:\Windows\[email protected]
2020-08-16 15:07 - 2020-08-16 15:07 - 000000000 ____D C:\Users\Gianni\AppData\Local\PeerDistRepub
2020-08-16 15:06 - 2020-09-03 21:11 - 000000000 ____D C:\Users\Gianni\AppData\Local\ClassicShell
2020-08-16 15:06 - 2020-08-16 15:06 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\ClassicShell
2020-08-16 15:04 - 2020-08-29 18:14 - 000000000 ____D C:\Users\Gianni
2020-08-16 15:04 - 2020-08-16 16:42 - 000000000 ____D C:\Users\Gianni\AppData\Roaming\Adobe
2020-08-16 15:04 - 2020-08-16 16:42 - 000000000 ____D C:\Users\Gianni\AppData\Local\Packages
2020-08-16 15:04 - 2020-08-16 16:27 - 000000000 ____D C:\Users\Gianni\AppData\Local\ConnectedDevicesPlatform
2020-08-16 15:04 - 2020-08-16 15:04 - 000000020 ___SH C:\Users\Gianni\ntuser.ini
2020-08-16 15:04 - 2020-08-16 15:04 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-16 15:04 - 2020-08-16 15:04 - 000000000 ____D C:\Users\Gianni\AppData\Local\VirtualStore
2020-08-16 15:04 - 2020-08-16 15:04 - 000000000 ____D C:\Users\Gianni\AppData\Local\TileDataLayer
2020-08-16 15:03 - 2020-08-16 15:03 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\VirtualStore
2020-08-16 15:03 - 2020-08-16 15:03 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\TileDataLayer
2020-08-16 15:03 - 2020-08-16 15:03 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2020-08-16 15:03 - 2020-08-16 15:03 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\ConnectedDevicesPlatform
2020-08-16 15:02 - 2016-07-16 06:41 - 002716672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2020-08-16 15:00 - 2020-08-28 16:04 - 000000000 ____D C:\Users\defaultuser0
2020-08-16 15:00 - 2020-08-16 15:00 - 000000020 ___SH C:\Users\defaultuser0\ntuser.ini
2020-08-16 15:00 - 2017-08-10 12:06 - 000004187 _____ C:\Users\defaultuser0\Desktop\Leeme.htm
2020-08-16 14:59 - 2020-09-03 21:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-08-16 14:59 - 2020-08-26 21:43 - 002401988 _____ C:\Windows\system32\PerfStringBackup.INI
2020-08-16 14:59 - 2020-08-16 14:59 - 001532788 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-08-16 14:58 - 2020-08-30 11:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-08-16 14:58 - 2020-08-16 16:25 - 000341504 _____ C:\Windows\system32\FNTCACHE.DAT
2020-08-16 14:58 - 2020-08-16 14:58 - 000000000 ____D C:\Windows\ServiceProfiles
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-09-03 21:12 - 2016-07-16 01:04 - 000008192 _____ C:\Windows\system32\config\BBI
2020-08-30 11:54 - 2016-07-16 06:36 - 000000000 ____D C:\Windows\CbsTemp
2020-08-28 16:10 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\rescache
2020-08-28 14:19 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\system32\NDF
2020-08-28 13:36 - 2016-07-16 06:47 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-08-28 13:36 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\system32\es-MX
2020-08-28 13:36 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-08-28 11:43 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\AppReadiness
2020-08-26 21:43 - 2016-07-16 17:38 - 000947854 _____ C:\Windows\system32\perfh00A.dat
2020-08-26 21:43 - 2016-07-16 17:38 - 000231076 _____ C:\Windows\system32\perfc00A.dat
2020-08-17 15:06 - 2016-07-16 06:45 - 000000000 ____D C:\Windows\INF
2020-08-16 15:57 - 2016-07-16 06:47 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2020-08-16 15:53 - 2016-07-16 06:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-16 15:53 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-08-16 15:51 - 2016-07-16 06:47 - 000000167 _____ C:\Windows\win.ini
2020-08-16 15:51 - 2016-07-16 06:47 - 000000000 ____D C:\ProgramData\USOPrivate
2020-08-16 15:51 - 2016-07-16 06:47 - 000000000 ____D C:\Program Files\Common Files\System
2020-08-16 15:03 - 2016-07-16 06:49 - 000000000 ____D C:\Windows\Setup
2020-08-16 15:03 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-08-16 15:02 - 2016-07-16 06:47 - 000000000 ____D C:\Windows\system32\spool
2020-08-16 14:59 - 2016-07-16 01:04 - 000000000 ____D C:\Windows\system32\Sysprep
==================== Archivos en la raíz de algunos directorios ========
2020-08-23 11:49 - 2016-07-16 06:44 - 000446976 _____ (Microsoft Corporation) C:\Users\Gianni\powershell.exe
2020-08-26 21:24 - 2020-08-26 21:24 - 000001031 _____ () C:\Users\Gianni\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
LastRegBack: 2020-08-26 15:18
==================== Final de FRST.txt ========================Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 03-09-2020
Ejecutado por Gianni (03-09-2020 21:26:08)
Ejecutado desde C:\Users\Gianni\Desktop
Windows 10 Enterprise 2016 LTSB Versión 1607 (X64) (2020-08-16 20:03:08)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-1859344977-3461123348-1976736232-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1859344977-3461123348-1976736232-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1859344977-3461123348-1976736232-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gianni (S-1-5-21-1859344977-3461123348-1976736232-1001 - Administrator - Enabled) => C:\Users\Gianni
Invitado (S-1-5-21-1859344977-3461123348-1976736232-501 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.012.20043 - Adobe Systems Incorporated)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.6.2420 - Avast Software)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Discord (HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\Discord) (Version: 0.0.307 - Discord Inc.)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Mozilla Firefox 79.0 (x86 es-MX) (HKLM-x32\...\Mozilla Firefox 79.0 (x86 es-MX)) (Version: 79.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
MuseScore 3 (HKLM\...\{1D5EDD9A-B856-4088-B06B-BB7488ED0C5D}) (Version: 3.5.0.13199 - Werner Schweer and Others)
Opera Stable 70.0.3728.133 (HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\Opera 70.0.3728.133) (Version: 70.0.3728.133 - Opera Software)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Roblox Player for Gianni (HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\roblox-player) (Version: - Roblox Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellServiceObjects: Sin Nombre -> {872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} =>
ShellServiceObjects: Sin Nombre -> {900c0763-5cad-4a34-bc1f-40cd513679d5} =>
ShellServiceObjects-x32: Sin Nombre -> {900c0763-5cad-4a34-bc1f-40cd513679d5} =>
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-08-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-08-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
==================== Módulos cargados (Lista blanca) =============
2018-07-15 13:15 - 2018-07-15 13:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2018-07-15 13:15 - 2018-07-15 13:15 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado] C:\Windows\system32\StartMenuHelper64.dll
2016-07-16 06:42 - 2016-07-16 06:42 - 000327680 _____ (Microsoft Corporation) [Archivo no firmado] C:\Windows\System32\container.dll
==================== Alternate Data Streams (Lista blanca) ========
==================== Modo Seguro (Lista blanca) ==================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
==================== Hosts contenido: =========================
(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)
2016-07-16 06:47 - 2016-07-16 06:45 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\minios10.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{013EEE6A-B683-48B4-8C5B-21833E3610DB}] => (Allow) C:\Windows\[email protected] () [Archivo no firmado]
FirewallRules: [{ED158CAE-3EB1-427B-9D33-CB0109927CCE}] => (Allow) C:\Windows\[email protected] () [Archivo no firmado]
FirewallRules: [{813288C2-E04E-44A4-BD72-78B26F0D12A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2DF308CD-6C07-4774-9723-CBF2A8A2FC26}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{596B0742-DC9A-49EC-8154-60D403CBDF84}] => (Allow) C:\Users\Gianni\AppData\Local\Programs\Opera\64.0.3417.73\opera.exe => Ningún archivo
FirewallRules: [{B4522917-311B-4F40-83DC-B4C8A0F967FB}] => (Allow) C:\Users\Gianni\AppData\Local\Programs\Opera\69.0.3686.77\opera.exe => Ningún archivo
FirewallRules: [{A3E8B2CE-8B45-4E7E-9C8D-29789283E8F8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4D84B00-9F5D-431C-9255-08F7A6302E4D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F7DB73B1-CB11-4AFD-A81C-85F03A0C4CDD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DF77536-247D-401D-88B0-ABB16410EEAA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{5324B1FB-A8EB-408D-89CB-6D9516E08475}C:\users\gianni\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Block) C:\users\gianni\appdata\local\programs\opera\70.0.3728.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{CA2F6EF6-9B06-4EE0-A63A-5A0D0FD2DC08}C:\users\gianni\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Block) C:\users\gianni\appdata\local\programs\opera\70.0.3728.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{224CE85C-C106-4541-ABE5-F4705DC807CA}C:\users\gianni\appdata\local\programs\opera\70.0.3728.133\opera.exe] => (Block) C:\users\gianni\appdata\local\programs\opera\70.0.3728.133\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{6D9E31DE-DB3C-4059-98D2-3CE3EDEE3D2C}C:\users\gianni\appdata\local\programs\opera\70.0.3728.133\opera.exe] => (Block) C:\users\gianni\appdata\local\programs\opera\70.0.3728.133\opera.exe (Opera Software AS -> Opera Software)
==================== Puntos de Restauración =========================
ATENCIÓN: Restaurar Sistema está deshabilitado (Total:62.98 GB) (Free:33.31 GB) (53%)
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (09/03/2020 09:14:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-GB6GUJO)
Description: No se pudo activar la aplicación windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel debido al error: -2147023170. Consulte el registro Microsoft-Windows-TWinUI/Operational para obtener más información.
Error: (09/03/2020 09:14:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-GB6GUJO)
Description: Se detuvo el paquete windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel porque se tardó demasiado en suspender.
Error: (09/03/2020 09:13:33 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (09/03/2020 09:13:30 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/30/2020 12:04:57 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/30/2020 12:04:38 PM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/30/2020 11:32:00 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Error: (08/30/2020 11:22:08 AM) (Source: Software Protection Platform Service) (EventID: 8229) (User: )
Description: El motor de reglas no pudo realizar una o más acciones programadas.
Código del error:0x80070002
Ruta de acceso:<none>
Argumentos:<none>
Errores del sistema:
=============
Error: (09/03/2020 09:13:33 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: No se puede iniciar un servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Error
"2"
al iniciar este comando:
C:\Windows\system32\SppExtComObj.exe -Embedding
Error: (09/03/2020 09:13:33 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: No se puede iniciar un servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Error
"2"
al iniciar este comando:
C:\Windows\system32\SppExtComObj.exe -Embedding
Error: (09/03/2020 09:13:30 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: No se puede iniciar un servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Error
"2"
al iniciar este comando:
C:\Windows\system32\SppExtComObj.exe -Embedding
Error: (09/03/2020 09:13:30 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: No se puede iniciar un servidor DCOM: {3C296D07-90AE-4FAC-86F9-65EAA8B82D22}. Error
"2"
al iniciar este comando:
C:\Windows\system32\SppExtComObj.exe -Embedding
Error: (09/03/2020 09:12:34 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (09/03/2020 09:12:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (09/03/2020 09:12:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio dps con argumentos "No disponible" para ejecutar el servidor:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
Error: (09/03/2020 09:11:47 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GB6GUJO)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}
CodeIntegrity:
===================================
Date: 2020-08-27 13:00:28.518
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\Gianni\AppData\Local\Programs\Opera\70.0.3728.106\opera.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-23 15:07:22.025
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\Gianni\AppData\Local\Programs\Opera\70.0.3728.106\opera.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-16 16:18:06.513
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-16 16:18:01.018
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-16 16:15:34.372
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-08-16 16:15:34.278
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume1\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Información de la memoria ===========================
BIOS: Intel Corp. TCIBX10H.86A.0037.2010.0614.1712 06/14/2010
Placa base: Intel Corporation DH55HC
Procesador: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz
Porcentaje de memoria en uso: 70%
RAM física total: 1909.32 MB
RAM física disponible: 566.85 MB
Virtual total: 3957.32 MB
Virtual disponible: 2218.56 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:62.98 GB) (Free:33.31 GB) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)]
Drive d: (Documentos) (Fixed) (Total:402.28 GB) (Free:156.01 GB) NTFS
\\?\Volume{33f59ee4-0000-0000-0000-20bf0f000000}\ () (Fixed) (Total:0.49 GB) (Free:0.18 GB) NTFS
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 33F59EE4)
Partition 1: (Active) - (Size=63 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=502 MB) - (Type=27)
Partition 3: (Not Active) - (Size=402.3 GB) - (Type=07 NTFS)
==================== Final de Addition.txt =======================Perdón pero, ¿sigues leyendo los mensajes?
Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :
-
Para hacerlo descarga Delfix en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Atención, ahora marca/selecciona únicamente las casillas Registry Backup, las demás NO
-
Pulsar en Run.
Se abrirá el informe (Delfix.txt), guárdalo por si fuera necesario y cierra la herramienta.
En el equipo con los demas programas cerrados:
Inicio >>> Ejecutar >>>Escribes notepad.exe.
Ahora copia y pega estos archivos dentro del Notepad:
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
IFEO\OSppSvc.exe: [Debugger] [email protected]
IFEO\SppExtComObj.exe: [Debugger] [email protected]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath
2020-08-26 21:33 - 2020-08-26 21:33 - 000003252 _____ C:\Windows\system32\Tasks\{2DC40187-7C85-4F33-9779-611EA0F2987D}
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<
Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.
-
Ejecutas Frst.exe.
-
Presionas el botón Corregir y aguardas a que termine.
-
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
Lo pegas en tu próxima respuesta, comentado como va el problema
no encontré mucha diferencia, además de que no se guardo el archivo Fixlog.txt
Repite el fix y mira si esta vez queda el fixlog en el escritorio
Podrias subirme unas capturas del administrador de tareas donde se vena todos los procesos?
Usas el simbolo flecha arriba de tu respuesta y me adjuntas las capturas
Realiza las necesarias para ver todos los procesos.
Pero en estos sistemas como te dije, es muuuyyy dificil este tipo de problemas al no ser sistemas completos y modificados
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => no encontrado
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\OSppSvc.exe => no encontrado
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe => no encontrado
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
dcpsvc => servicio no encontrado.
DiagTrack => servicio no encontrado.
C:\Windows\system32\Tasks\{2DC40187-7C85-4F33-9779-611EA0F2987D} => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1859344977-3461123348-1976736232-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 9 mientras los medios
est‚n desconectados.
Error al renovar la interfaz Wi-Fi : El nombre especificado en el bloque de control de red (NCB) est en uso en un adaptador remoto.
El NCB son los datos.
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
0 out of 0 jobs canceled.
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6497495 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 331726038 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
Gianni => 2166496 B
RecycleBin => 91657278 B
EmptyTemp: => 412.1 MB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 13:34:48 ====Ok, ya no va al 100% afortunadamente y me gustaría agradecerle mucho por su ayuda, pero en realidad no se si ya se soluciono
Pues aparentemente todo normal
Para eliminar las herramientas usadas en la desinfección, realizas:
-
Descargas y Ejecutas >> Delfix, en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)
-
Marca solamente la casilla Remove Desinfection Tools
-
Pulsar en Run.
Se abrirá el informe (Delfix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.
Me alegro de haberte podido ayudar! 
TEMA SOLUCIONADO
1 me gusta