Virus que no se pueden eliminar

Hace algún tiempo que mi pc viene con mal funcionamiento de software, lo siento más lento de lo normal, en juegos una bajada tremenda de fps y rendimiento general, y ya que sospechaba de malware decidí hacerle un escaneo profundo y completo con malwarebytes y hasta con busca de rootkits, un escaneo que tardó unas 12 horas. Me hizo 20 detecciones, todas eliminadas correctamente, luego hice una limpieza con ccleaner, desfragmenté el disco, limpié los archivos %temp% hice varias cosas, la cuestión es que el sistema seguía lento a los proximos días, así que decidí hacerle otro escaneo completo usando otro antivirus como Nod Eset 32 y me detectó 17 cosas que malwarebytes no me detectaba pero cuando terminó el escaneo me saltó un mensaje que decía que no se pudieron eliminar todos los virus, quedando 9, osea decía 8 eliminadas de 17 detecciones no me dejaba hacer más, por ejemplo buscar o averiguar por qué, nada.

916×634 87.4 KB

Ya que esto me deja inquieto, que esos archivos infectados o virus estén ahí saliendose con la suya. También abrí cmd /scannow y me detectó archivos dañados pero que Windows no consiguió repararlos. Que podría hacer?

Hola @Exannger

Pon los reportes de Malwarebytes para revisarlo.

Un saludo

1137×661 53.2 KB

Analisis de virus Malwarebytes.txt (3,6 KB)

Ahí está.

Hola

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1 Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

2) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
• Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

3.- Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Pega los reportes.

¿Cómo pegar reportes en el foro?

Un saludo

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 27-05-2020 01

Ejecutado por Emanuel (administrador) sobre EMANUEL-PC (MSI MS-7788) (27-05-2020 20:40:54)

Ejecutado desde C:\Users\Emanuel\AppData\Local\Temp\scoped_dir4920_1155379533

Perfiles cargados: Emanuel

Platform: Windows 8.1 Pro (Update) (X64) Idioma: Español (España, internacional)

Navegador predeterminado: Opera

Modo de Inicio: Normal

Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe

(Ivaylo Beltchev -> IvoSoft) [Archivo no firmado] C:\Program Files\Classic Shell\ClassicStartMenu.exe

(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe

(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe

(Malwarebytes Inc -> Malwarebytes) C:\Users\Emanuel\AppData\Local\Temp\scoped_dir7696_1449007773\adwcleaner_8.0.5.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Mixbyte Inc -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe

(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>

(Opera Software AS -> Opera Software) C:\Users\Emanuel\AppData\Local\Programs\Opera\68.0.3618.125\opera.exe <17>

(Opera Software AS -> Opera Software) C:\Users\Emanuel\AppData\Local\Programs\Opera\68.0.3618.125\opera_crashreporter.exe

(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe

(Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files\Microvirt\MEmu\MemuService.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-04-04] (ESET, spol. s r.o. -> ESET)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2019-11-01] (Razer USA Ltd. -> Razer Inc.)

HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)

HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\MountPoints2: E - "E:\Autorun.exe"

HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\MountPoints2: F - "F:\setup.exe"

GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {02DF6BE2-C95C-4569-B62F-4DF79283C040} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1724928 2020-01-21] () [Archivo no firmado]

Task: {0853CB63-6D6E-47B9-9520-FB7C2EBF4D08} - System32\Tasks\Opera scheduled assistant Autoupdate 1582839430 => C:\Users\Emanuel\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-05-19] (Opera Software AS -> Opera Software)

Task: {1870E137-3F42-4A7A-B110-73532E1DB9CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)

Task: {26BBB00A-6931-4297-862D-9D702F64CA0D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128024 2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {272ECC41-FB12-46A5-B629-E5BF2E66E3FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128024 2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {32F805B1-3B88-4960-ABFE-E39FEF509819} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27393304 2019-09-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {33A2A5F9-B440-4077-B9F3-1A835490E4D0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {6C9FB434-66CA-4A33-8F06-550379150F55} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {75672706-B284-4A2F-928C-3E0CF66B38FE} - System32\Tasks\Opera scheduled Autoupdate 1581666733 => C:\Users\Emanuel\AppData\Local\Programs\Opera\launcher.exe [1517592 2020-05-19] (Opera Software AS -> Opera Software)

Task: {9FABC445-0957-4F75-BE0A-3FBB880DAC25} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {9FF48ED2-DE6A-4A2B-B44D-00F46353EBD7} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {A1AA5C3D-FDDA-4313-B89A-11C9CE656373} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {BADA9A34-5431-4157-9258-8FA6E2AF2A50} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27393304 2019-09-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {BE8099A8-C5DE-49F9-AFAB-E9D67C491C12} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {D8CB40EA-C019-43F6-A3C3-2CBCF554A4D7} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [Archivo no firmado]

Task: {DBD523C2-3195-4C3E-B972-8BA073A59845} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)

Task: {F3CF4238-53C1-435D-8A8B-E7AF224A04D1} - System32\Tasks\Opera GX scheduled Autoupdate 1581755836 => C:\Users\Emanuel\AppData\Local\Programs\Opera GX\launcher.exe [1459224 2020-05-20] (Opera Software AS -> Opera Software)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt

Tcpip\Parameters: [DhcpNameServer] 190.54.120.23 190.54.110.23

Tcpip\..\Interfaces\{3820F757-753C-482A-A74F-776C40C3A078}: [DhcpNameServer] 190.54.120.23 190.54.110.23

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

HKU\S-1-5-21-859929428-3570126794-4262803692-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-cl/?ocid=iehp

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-02-23] (Oracle America, Inc. -> Oracle Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-23] (Oracle America, Inc. -> Oracle Corporation)

BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]

Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]

Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-23] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-23] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-20] (Microsoft Corporation -> Microsoft Corporation)

Opera:

=======

OPR Notifications: hxxps://web.skype.com

OPR Extension: (Unblock any site - Hola Free VPN) - C:\Users\Emanuel\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekmmelpnmfdegjhnmadddcfjcahpajnm [2020-05-19]

OPR Extension: (MyJDownloader Browser Extension) - C:\Users\Emanuel\AppData\Roaming\Opera Software\Opera Stable\Extensions\fbclnkmbcmdfamfeaagadifibbongnmf [2020-04-19]

OPR Extension: (uBlock Origin) - C:\Users\Emanuel\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2020-04-16]

OPR Extension: (Google Translate) - C:\Users\Emanuel\AppData\Roaming\Opera Software\Opera Stable\Extensions\mchdgimobfnilobnllpdnompfjkkfdmi [2020-05-22]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8413472 2020-02-19] (BattlEye Innovations e.K. -> )

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11588968 2019-09-29] (Microsoft Corporation -> Microsoft Corporation)

R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-12-08] (Digital Wave Ltd -> Digital Wave Ltd.)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811120 2020-02-15] (EasyAntiCheat Oy -> Epic Games, Inc)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)

R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-04-04] (ESET, spol. s r.o. -> ESET)

R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-06-18] (Mixbyte Inc -> Freemake)

R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [17792 2019-06-18] (Mixbyte Inc -> Ellora Assets Corp.)

R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)

S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-02-25] (Malwarebytes Inc -> Malwarebytes)

R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [874472 2020-04-03] (NVIDIA Corporation -> NVIDIA Corporation)

R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [447080 2019-07-24] (Razer USA Ltd. -> Razer Inc.)

R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943240 2019-07-24] (Razer USA Ltd. -> Razer Inc.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13255184 2020-05-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

S3 WsDrvInst; C:\Program Files (x86)\Wondershare\UniConverter\Transfer\DriverInstall.exe [111344 2020-02-10] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-03-26] (Bluestack Systems, Inc -> Bluestack System Inc.)

R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [154336 2020-04-04] (ESET, spol. s r.o. -> ESET)

S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)

R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188872 2020-04-04] (ESET, spol. s r.o. -> ESET)

S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50712 2019-11-29] (ESET, spol. s r.o. -> ESET)

S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2019-11-29] (ESET, spol. s r.o. -> ESET)

R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [115960 2020-04-04] (ESET, spol. s r.o. -> ESET)

S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)

R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46016 2012-08-16] (Intel(R) Smart Connect software -> )

R3 MEIx64; C:\WINDOWS\System32\drivers\HECIx64.sys [62784 2012-07-12] (Intel Corporation -> Intel Corporation)

R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [319192 2019-09-21] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)

R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [61016 2020-03-05] (Insecure.Com LLC -> Insecure.Com LLC.)

R3 NVVADARM; C:\WINDOWS\system32\drivers\nvvadarm.sys [47528 2020-04-12] (NVIDIA Corporation -> NVIDIA Corporation)

R3 RTL8168; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [890112 2015-05-19] (Realtek Semiconductor Corp -> Realtek)

R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-22] (Razer USA Ltd. -> Razer Inc)

R1 TTDrv; C:\KOPLAYER\vbox\TTDrv.sys [298280 2017-04-05] (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]

S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X]

S0 edevmon; system32\DRIVERS\edevmon.sys [X]

U4 npcap_wifi; no ImagePath

S3 NPF; system32\drivers\NPF.sys [X]

S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-27 20:39 - 2020-05-27 20:39 - 002288128 _____ (Farbar) C:\Users\Emanuel\Downloads\FRST64.exe

2020-05-27 20:37 - 2020-05-27 20:37 - 000058488 _____ C:\Users\Emanuel\Documents\cc_20200527_203738.reg

2020-05-27 20:30 - 2020-05-27 20:30 - 000002769 _____ C:\Users\Emanuel\Desktop\AdwCleaner[S14].txt

2020-05-27 20:22 - 2020-05-27 20:22 - 008402608 _____ (Malwarebytes) C:\Users\Emanuel\Desktop\adwcleaner_8.0.5.exe

2020-05-27 20:20 - 2020-05-27 20:20 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Skype

2020-05-27 19:03 - 2020-05-27 19:03 - 000003639 _____ C:\Users\Emanuel\Downloads\Analisis de virus Malwarebytes.txt

2020-05-27 19:00 - 2020-05-27 19:00 - 000003639 _____ C:\Users\Emanuel\Desktop\Analisis de virus Malwarebytes.txt

2020-05-27 18:58 - 2020-05-27 18:58 - 000003639 _____ C:\Users\Emanuel\Desktop\virus.txt

2020-05-27 07:37 - 2020-05-27 07:37 - 001524651 _____ C:\Users\Emanuel\Downloads\17560564-a176-496f-8e3e-fdbff2acb456.mp4

2020-05-27 04:38 - 2020-05-27 04:41 - 223885824 _____ C:\Users\Emanuel\Downloads\DgmnTmrs39.mp4

2020-05-27 04:34 - 2020-05-27 04:37 - 223866281 _____ C:\Users\Emanuel\Downloads\DgmnTmrs41.mp4

2020-05-27 04:25 - 2020-05-27 04:28 - 223944853 _____ C:\Users\Emanuel\Downloads\DgmnTmrs40.mp4

2020-05-27 03:59 - 2020-05-27 04:03 - 000001083 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk

2020-05-27 03:59 - 2020-05-27 03:59 - 000000936 _____ C:\Users\Emanuel\Desktop\4K Video Downloader.lnk

2020-05-27 03:57 - 2020-05-27 03:57 - 082283538 _____ C:\Users\Emanuel\Downloads\4K Video Downloader 4.12.1.3580 + Patch Full Version.rar

2020-05-27 03:57 - 2020-05-27 03:57 - 000000000 ____D C:\Users\Emanuel\Downloads\4K Video Downloader 4.12.1.3580 + Patch Full Version

2020-05-27 03:54 - 2020-05-27 03:54 - 000000000 ____D C:\Users\Emanuel\AppData\Local\4kdownload.com

2020-05-27 03:52 - 2020-05-27 03:59 - 000000000 ____D C:\Program Files\4KDownload

2020-05-27 03:49 - 2020-05-27 03:50 - 000000000 ____D C:\Users\Emanuel\Downloads\4K Video Downloader 4 12 [x64] [www pclifetutoriales com]

2020-05-27 03:45 - 2020-05-27 03:45 - 009044744 _____ C:\Users\Emanuel\Downloads\Caravan Palace - Lone Digger.mp4

2020-05-27 03:40 - 2020-05-27 03:40 - 009044744 _____ C:\Users\Emanuel\Downloads\b66f3fa1-3a0b-44b8-b00d-c5c951a3b942.mp4

2020-05-27 03:33 - 2020-05-27 03:38 - 000000000 ____D C:\Users\Emanuel\Downloads\Caravan Palace - Lone Digger

2020-05-27 01:04 - 2020-05-27 01:04 - 000449731 _____ C:\Users\Emanuel\Downloads\Analisis de virus Eset nod32.txt

2020-05-26 23:32 - 2020-05-26 23:49 - 000000000 ____D C:\Users\Emanuel\Downloads\The 100 (GDryfiHD) 7x1 Sub

2020-05-26 23:12 - 2020-05-26 23:12 - 000000000 _____ C:\Users\Emanuel\Desktop\Nuevo documento de texto.txt

2020-05-26 23:09 - 2020-05-26 23:09 - 000449731 _____ C:\Users\Emanuel\Desktop\Analisis de virus Eset nod32.txt

2020-05-24 05:12 - 2020-05-26 23:09 - 000000000 ____D C:\Users\Emanuel\Desktop\Axkon

2020-05-22 01:42 - 2020-05-22 01:44 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Black Dragon

2020-05-22 01:42 - 2020-05-22 01:43 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\BlackDragon

2020-05-22 00:20 - 2020-05-22 00:20 - 000155110 _____ C:\Users\Emanuel\Downloads\PayPal_ Transaction Details.pdf

2020-05-21 18:35 - 2020-05-26 21:08 - 000001832 _____ C:\Users\Emanuel\Desktop\Alchemy Beta x64.lnk

2020-05-21 18:35 - 2020-05-25 23:08 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Alchemy64

2020-05-21 18:35 - 2020-05-21 18:36 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Alchemy

2020-05-21 18:28 - 2020-05-21 18:28 - 000000000 ____D C:\Program Files\Black Dragon

2020-05-21 18:26 - 2020-05-21 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alchemy Beta

2020-05-21 18:23 - 2020-05-21 18:26 - 000000000 ____D C:\Program Files\AlchemyBeta

2020-05-18 18:26 - 2020-05-18 18:26 - 000039443 _____ C:\Users\Emanuel\Downloads\cartola_19418532_2020-05-18-182549.pdf

2020-05-18 17:27 - 2020-05-18 17:27 - 005469142 _____ C:\Users\Emanuel\Downloads\RE4.psd

2020-05-18 03:16 - 2020-05-18 03:16 - 000061928 _____ C:\Users\Emanuel\Downloads\biohazard___resident_evil_game_font_version_8_00_by_snakeyboy_d8mxy8d (1).otf

2020-05-18 03:15 - 2020-05-18 03:15 - 000061928 _____ C:\Users\Emanuel\Downloads\biohazard___resident_evil_game_font_version_8_00_by_snakeyboy_d8mxy8d.otf

2020-05-18 01:33 - 2020-05-18 01:33 - 000000000 _____ C:\WINDOWS\system32\command

2020-05-18 00:59 - 2020-05-18 00:59 - 079297521 _____ C:\Users\Emanuel\Downloads\Microsoft.MinecraftUWP_1.14.6005.0_arm__8wekyb3d8bbwe.Appx

2020-05-18 00:59 - 2020-05-18 00:59 - 000000000 ____D C:\Users\Emanuel\Documents\Minecraft bedrock

2020-05-18 00:58 - 2020-05-18 00:58 - 000234049 _____ C:\Users\Emanuel\Downloads\Microsoft.MinecraftUWP_1.14.6005.0_x64__8wekyb3d8bbwe.BlockMap

2020-05-18 00:51 - 2020-05-18 00:51 - 022775631 _____ C:\Users\Emanuel\Downloads\bedrock-server-1.14.60.5.zip

2020-05-18 00:49 - 2020-05-18 00:50 - 179290553 _____ C:\Users\Emanuel\Downloads\MinecraftWin10 1.6.0.14 APPX By CryperXxx.Appx

2020-05-18 00:43 - 2020-05-18 00:44 - 000000000 ____D C:\Users\Emanuel\Documents\Fiddler2

2020-05-18 00:43 - 2020-05-18 00:43 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Progress_Software_Corpora

2020-05-18 00:42 - 2020-05-18 00:42 - 000002281 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler ScriptEditor.lnk

2020-05-18 00:42 - 2020-05-18 00:42 - 000002141 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiddler 4.lnk

2020-05-18 00:39 - 2020-05-18 00:39 - 000142719 _____ C:\Users\Emanuel\Downloads\More-Arbitration-Terms-for-Microsoft-Store.pdf

2020-05-18 00:39 - 2020-05-18 00:39 - 000142719 _____ C:\Users\Emanuel\Downloads\More-Arbitration-Terms-for-Microsoft-Store (1).pdf

2020-05-18 00:23 - 2020-05-18 00:23 - 000000000 ____D C:\Users\Emanuel\Documents\Minecraft-1.14.60.5

2020-05-18 00:19 - 2020-05-18 00:22 - 185561523 _____ C:\Users\Emanuel\Desktop\Minecraft-1.14.60.5.rar

2020-05-18 00:15 - 2020-05-18 00:16 - 000000000 ____D C:\Users\Emanuel\Documents\MCLauncher

2020-05-18 00:12 - 2020-05-18 00:12 - 000291808 _____ C:\Users\Emanuel\Documents\MCLauncher.zip

2020-05-16 18:49 - 2020-05-16 18:49 - 029266435 _____ C:\Users\Emanuel\Downloads\MineDungeons.zip

2020-05-16 18:44 - 2020-05-16 18:47 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\.minecraft_dungeons

2020-05-16 18:44 - 2020-05-16 18:45 - 000000000 ____D C:\Program Files (x86)\Minecraft Dungeons Launcher

2020-05-16 18:44 - 2020-05-16 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Dungeons Launcher

2020-05-15 21:59 - 2020-05-16 20:00 - 000032768 _____ C:\Users\Public\Documents\crash_dump.bin

2020-05-15 21:59 - 2020-05-16 20:00 - 000032768 _____ C:\ProgramData\Documents\crash_dump.bin

2020-05-15 02:14 - 2020-05-15 02:14 - 000297529 _____ C:\Users\Emanuel\Downloads\B0RD3RL4NDS3.torrent

2020-05-14 23:19 - 2020-05-14 23:19 - 008348946 _____ C:\Users\Emanuel\Downloads\Drael (1).zip

2020-05-14 18:59 - 2020-05-14 18:59 - 000002703 _____ C:\Users\Emanuel\Downloads\btdadventuretime.CT

2020-05-14 01:07 - 2020-05-14 01:07 - 000304763 _____ C:\Users\Emanuel\Downloads\MonkeyCity-Win.CT

2020-05-14 00:15 - 2020-05-14 00:15 - 000000000 ____D C:\Users\Emanuel\Documents\My Cheat Tables

2020-05-14 00:15 - 2020-05-14 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.1

2020-05-14 00:14 - 2020-05-17 05:20 - 000000000 ____D C:\Program Files\Cheat Engine 7.1

2020-05-13 16:20 - 2020-05-15 23:35 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\WeMod

2020-05-13 16:20 - 2020-05-13 16:20 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod

2020-05-13 16:20 - 2020-05-13 16:20 - 000000000 ____D C:\Users\Emanuel\AppData\Local\WeMod

2020-05-13 16:19 - 2020-05-13 16:19 - 000096888 _____ (WeMod LLC) C:\Users\Emanuel\Downloads\Borderlands The Pre-Sequel Trainer.exe

2020-05-13 01:04 - 2020-05-13 03:34 - 000000000 ____D C:\Users\Emanuel\AppData\LocalLow\IGDump

2020-05-12 16:55 - 2020-05-12 16:55 - 000000000 ____D C:\Users\Emanuel\AppData\LocalLow\Unity

2020-05-12 16:55 - 2020-05-12 16:55 - 000000000 ____D C:\Users\Emanuel\AppData\LocalLow\Ninja Kiwi

2020-05-12 15:06 - 2020-04-29 23:49 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll

2020-05-12 15:06 - 2020-04-29 23:22 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe

2020-05-12 15:06 - 2020-04-29 23:19 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll

2020-05-12 15:06 - 2020-04-29 22:55 - 001756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2020-05-12 15:06 - 2020-04-29 22:43 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2020-05-12 15:06 - 2020-04-29 22:40 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll

2020-05-12 15:06 - 2020-04-29 22:37 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll

2020-05-12 15:06 - 2020-04-29 22:33 - 001096704 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2020-05-12 15:06 - 2020-04-16 02:04 - 022365896 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2020-05-12 15:06 - 2020-04-16 02:04 - 003118032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe

2020-05-12 15:06 - 2020-04-16 02:04 - 001368592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll

2020-05-12 15:06 - 2020-04-16 02:04 - 000722496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2020-05-12 15:06 - 2020-04-16 02:04 - 000642488 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2020-05-12 15:06 - 2020-04-16 02:00 - 000374024 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2020-05-12 15:06 - 2020-04-16 01:15 - 025755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2020-05-12 15:06 - 2020-04-16 00:30 - 019795840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2020-05-12 15:06 - 2020-04-16 00:29 - 000561400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2020-05-12 15:06 - 2020-04-16 00:29 - 000493736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2020-05-12 15:06 - 2020-04-16 00:25 - 000316368 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2020-05-12 15:06 - 2020-04-15 23:40 - 002911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2020-05-12 15:06 - 2020-04-15 23:38 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2020-05-12 15:06 - 2020-04-15 23:31 - 020291072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2020-05-12 15:06 - 2020-04-15 23:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll

2020-05-12 15:06 - 2020-04-15 23:28 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll

2020-05-12 15:06 - 2020-04-15 23:27 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2020-05-12 15:06 - 2020-04-15 23:27 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2020-05-12 15:06 - 2020-04-15 23:25 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll

2020-05-12 15:06 - 2020-04-15 23:14 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2020-05-12 15:06 - 2020-04-15 23:11 - 002304000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2020-05-12 15:06 - 2020-04-15 23:07 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll

2020-05-12 15:06 - 2020-04-15 23:06 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

2020-05-12 15:06 - 2020-04-15 23:05 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll

2020-05-12 15:06 - 2020-04-15 23:04 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2020-05-12 15:06 - 2020-04-15 23:03 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll

2020-05-12 15:06 - 2020-04-15 22:59 - 001994240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2020-05-12 15:06 - 2020-04-15 22:59 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2020-05-12 15:06 - 2020-04-15 22:54 - 015478272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2020-05-12 15:06 - 2020-04-15 22:53 - 003258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll

2020-05-12 15:06 - 2020-04-15 22:53 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2020-05-12 15:06 - 2020-04-15 22:51 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2020-05-12 15:06 - 2020-04-15 22:50 - 001384960 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2020-05-12 15:06 - 2020-04-15 22:49 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll

2020-05-12 15:06 - 2020-04-15 22:49 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2020-05-12 15:06 - 2020-04-15 22:48 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

2020-05-12 15:06 - 2020-04-15 22:43 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2020-05-12 15:06 - 2020-04-15 22:41 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2020-05-12 15:06 - 2020-04-15 22:41 - 002471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll

2020-05-12 15:06 - 2020-04-15 22:40 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

2020-05-12 15:06 - 2020-04-15 22:39 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2020-05-12 15:06 - 2020-04-15 22:39 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2020-05-12 15:06 - 2020-04-15 22:38 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2020-05-12 15:06 - 2020-04-15 22:38 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2020-05-12 15:06 - 2020-04-15 22:37 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2020-05-12 15:06 - 2020-04-15 22:35 - 013861376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2020-05-12 15:06 - 2020-04-15 22:35 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll

2020-05-12 15:06 - 2020-04-15 22:32 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2020-05-12 15:06 - 2020-04-15 22:30 - 014533632 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2020-05-12 15:06 - 2020-04-15 22:28 - 000902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll

2020-05-12 15:06 - 2020-04-15 22:27 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll

2020-05-12 15:06 - 2020-04-15 22:26 - 012880384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2020-05-12 15:06 - 2020-04-15 22:26 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2020-05-12 15:06 - 2020-04-15 22:26 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2020-05-12 15:06 - 2020-04-15 22:24 - 007799296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2020-05-12 15:06 - 2020-04-15 22:23 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll

2020-05-12 15:06 - 2020-04-15 22:22 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll

2020-05-12 15:06 - 2020-04-15 22:20 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2020-05-12 15:06 - 2020-04-15 22:20 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll

2020-05-12 15:06 - 2020-04-15 22:19 - 001265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2020-05-12 15:06 - 2020-04-15 22:18 - 005271552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2020-05-12 15:06 - 2020-04-15 22:16 - 001341952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2020-05-12 15:06 - 2020-04-15 22:15 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2020-05-12 15:06 - 2020-04-15 22:15 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2020-05-12 15:06 - 2020-04-15 22:14 - 001727488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll

2020-05-12 15:06 - 2020-04-15 22:11 - 001546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll

2020-05-12 15:06 - 2020-04-15 22:11 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll

2020-05-12 15:06 - 2020-04-15 22:11 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll

2020-05-12 15:06 - 2020-04-15 22:07 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2020-05-12 15:06 - 2020-04-15 22:05 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll

2020-05-12 15:06 - 2020-04-14 03:33 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll

2020-05-12 15:06 - 2020-04-14 03:03 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll

2020-05-12 15:06 - 2020-04-11 14:42 - 007362296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2020-05-12 15:06 - 2020-04-11 14:41 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys

2020-05-12 15:06 - 2020-04-11 14:39 - 001542696 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2020-05-12 15:06 - 2020-04-11 14:29 - 001737720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2020-05-12 15:06 - 2020-04-11 13:31 - 001501096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2020-05-12 15:06 - 2020-04-11 13:04 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2020-05-12 15:06 - 2020-04-11 12:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll

2020-05-12 15:06 - 2020-04-11 12:22 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll

2020-05-12 15:06 - 2020-04-11 11:55 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2020-05-12 15:06 - 2020-04-11 11:53 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll

2020-05-12 15:06 - 2020-04-11 11:48 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2020-05-12 15:06 - 2020-04-11 11:47 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll

2020-05-12 15:06 - 2020-04-11 11:23 - 001317888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2020-05-12 15:06 - 2020-04-11 11:22 - 001103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2020-05-12 15:06 - 2020-04-10 20:12 - 002446576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2020-05-12 15:06 - 2020-04-10 20:12 - 000428784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2020-05-12 15:06 - 2020-04-09 09:36 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll

2020-05-12 15:06 - 2020-04-07 15:30 - 000988472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

2020-05-12 15:06 - 2020-04-07 15:28 - 000857320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

2020-05-12 15:06 - 2020-04-07 09:55 - 003330048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2020-05-12 15:06 - 2020-04-07 09:51 - 003636224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2020-05-12 15:06 - 2020-04-04 12:06 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll

2020-05-12 15:06 - 2020-04-04 12:01 - 001572864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe

2020-05-12 15:06 - 2020-04-04 11:50 - 000795136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll

2020-05-10 20:26 - 2020-05-10 20:26 - 000094024 _____ C:\Users\Emanuel\Downloads\1-vivaldi-bold_[allfont.es] (1).ttf

2020-05-10 20:25 - 2020-05-10 20:25 - 000040392 _____ C:\Users\Emanuel\Downloads\oleo-script.zip

2020-05-10 20:14 - 2020-05-10 20:14 - 000210764 _____ C:\Users\Emanuel\Downloads\BalladeContour.zip

2020-05-10 19:49 - 2020-05-10 19:49 - 000094024 _____ C:\Users\Emanuel\Downloads\1-vivaldi-bold_[allfont.es].ttf

2020-05-10 19:47 - 2020-05-10 19:47 - 000065112 _____ C:\Users\Emanuel\Downloads\Pristina LET Plain.zip

2020-05-10 19:47 - 2020-05-10 19:47 - 000050990 _____ C:\Users\Emanuel\Downloads\Pristina Plain.zip

2020-05-10 19:35 - 2020-05-10 19:35 - 000032608 _____ C:\Users\Emanuel\Downloads\OnlineWebFonts_COM_0b8812c1c0ba55f784e0e30d1cdecc2b.zip

2020-05-10 19:19 - 2020-05-10 19:19 - 000014752 _____ C:\Users\Emanuel\Downloads\John Snow-FontZillion.zip

2020-05-10 17:49 - 2020-05-10 17:49 - 000001402 _____ C:\Users\Emanuel\Downloads\untrusted.cer

2020-05-10 02:42 - 2020-05-10 02:42 - 001774041 _____ C:\Users\Emanuel\Downloads\Eiga Doraemon 2017.mp4

2020-05-10 00:00 - 2020-05-10 00:04 - 026478269 _____ C:\Users\Emanuel\Documents\madoka1.wmv

2020-05-09 23:53 - 2020-05-09 23:57 - 026273579 _____ C:\Users\Emanuel\Documents\madoka.wmv

2020-05-09 22:10 - 2020-05-09 22:10 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\MAGIX Computer Products Intl. Co

2020-05-09 20:03 - 2020-05-09 20:04 - 085386118 _____ C:\Users\Emanuel\Downloads\Archive-2b1b.zip

2020-05-09 19:46 - 2020-05-09 19:46 - 000076218 _____ C:\Users\Emanuel\Documents\cc_20200509_194600.reg

2020-05-09 19:39 - 2020-05-09 19:39 - 000000000 ____D C:\Users\Emanuel\AppData\Local\VS Revo Group

2020-05-09 19:39 - 2020-05-09 19:39 - 000000000 ____D C:\ProgramData\VS Revo Group

2020-05-09 19:39 - 2020-05-09 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro

2020-05-09 19:39 - 2020-05-09 19:39 - 000000000 ____D C:\Program Files\VS Revo Group

2020-05-09 19:39 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys

2020-05-09 07:22 - 2020-05-12 15:12 - 000003160 _____ C:\WINDOWS\ZAM.krnl.trace

2020-05-09 07:22 - 2020-05-12 15:12 - 000000000 ____D C:\Users\Emanuel\AppData\Local\AMSDK

2020-05-09 07:20 - 2020-05-09 19:31 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

2020-05-09 07:20 - 2020-05-09 07:20 - 000000000 ____D C:\Users\Emanuel\AppData\Local\PrivacyGuardian

2020-05-09 07:16 - 2020-05-09 07:17 - 028887125 _____ C:\Users\Emanuel\Downloads\SMUD20004+C{_Tonic}.rar

2020-05-09 05:36 - 2020-05-09 05:37 - 077889838 _____ C:\Users\Emanuel\Downloads\facebook-album-3702461296386.zip

2020-05-09 04:29 - 2020-05-09 04:29 - 000225866 _____ C:\Users\Emanuel\Downloads\SF-Cartoonist-Hand.zip

2020-05-09 03:46 - 2020-05-09 03:47 - 239023681 _____ C:\Users\Emanuel\Downloads\Win_OSC_4.87.zip

2020-05-09 03:46 - 2020-05-09 03:46 - 001847888 _____ C:\Users\Emanuel\Downloads\LG HD.zip

2020-05-09 02:29 - 2020-05-09 02:29 - 000000000 ____D C:\Program Files (x86)\Windows Kits

2020-05-09 02:28 - 2020-05-09 02:28 - 000000000 ____D C:\Program Files (x86)\Microsoft SDKs

2020-05-08 17:24 - 2020-05-08 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DigiFlix LLC

2020-05-08 17:22 - 2020-05-08 17:25 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\DigiFlix LLC

2020-05-08 17:01 - 2020-05-18 16:31 - 000533824 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2020-05-08 03:42 - 2020-05-08 03:42 - 008352267 _____ C:\Users\Emanuel\Downloads\EBONIX_SincerelyasimmerMohawk.rar

2020-05-08 03:41 - 2020-05-08 03:41 - 009385261 _____ C:\Users\Emanuel\Downloads\JoshHair_Mathcope.package

2020-05-07 17:55 - 2020-05-07 17:55 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Ashampoo

2020-05-07 17:51 - 2020-05-07 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo

2020-05-07 17:51 - 2020-05-07 18:01 - 000000000 ____D C:\ProgramData\Ashampoo

2020-05-07 17:51 - 2020-05-07 18:01 - 000000000 ____D C:\Program Files (x86)\Ashampoo

2020-05-07 17:50 - 2020-05-26 21:42 - 000000000 ____D C:\Users\Emanuel\Downloads\Ashampoo win optimizer 17 2019

2020-05-07 03:17 - 2020-05-07 03:17 - 000005964 _____ C:\Users\Emanuel\Downloads\nick-downloader-master.zip

2020-05-06 22:14 - 2020-03-06 23:18 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat

2020-05-06 22:09 - 2020-04-12 18:09 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe

2020-05-06 22:09 - 2020-04-12 18:09 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2020-05-06 22:09 - 2020-04-12 18:08 - 132262800 _____ (NVIDIA Corp.) C:\WINDOWS\system32\nvoptix.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 030669552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrtum64.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 011945880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 010286488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe

2020-05-06 22:09 - 2020-04-12 18:08 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe

2020-05-06 22:09 - 2020-04-12 18:08 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 000446352 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 000420248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 000342760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

2020-05-06 22:09 - 2020-04-12 18:08 - 000047528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys

2020-05-06 22:09 - 2020-04-12 18:07 - 040450448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 031024032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl64.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 029695720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 026343656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl32.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 023052688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2020-05-06 22:09 - 2020-04-12 18:07 - 002071784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 001565072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 001483176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444587.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 001482128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 001350560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 001141480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 001048296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000949152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000625384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000544160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000516832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000471272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000427424 _____ C:\WINDOWS\system32\nvofapi64.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000378768 _____ C:\WINDOWS\SysWOW64\nvofapi.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000181152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000168856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdlistx.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000165264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000158096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000145832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvdlist.dll

2020-05-06 22:09 - 2020-04-12 18:07 - 000143080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2020-05-06 22:09 - 2020-04-12 18:06 - 040556456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler64.dll

2020-05-06 22:09 - 2020-04-12 18:06 - 035418352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler32.dll

2020-05-06 22:09 - 2020-04-12 18:06 - 017600240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2020-05-06 22:09 - 2020-04-12 18:06 - 015159208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2020-05-06 22:09 - 2020-04-12 18:06 - 005448616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2020-05-06 22:09 - 2020-04-12 18:06 - 004863896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2020-05-06 22:09 - 2020-04-12 18:06 - 001722280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444587.dll

2020-05-06 22:09 - 2020-04-12 18:06 - 000633752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcbl64.dll

2020-05-06 22:09 - 2020-04-12 18:06 - 000126872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll

2020-05-06 22:09 - 2020-04-12 15:06 - 035464872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2020-05-06 22:09 - 2020-04-12 15:06 - 022226656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2020-05-06 22:09 - 2020-04-12 15:05 - 018526608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2020-05-06 21:15 - 2020-05-06 21:28 - 000000000 ____D C:\Users\Emanuel\Downloads\Pack WickedWhimsAnimacion v1 2020

2020-05-06 21:09 - 2020-05-06 21:10 - 055249125 _____ C:\Users\Emanuel\Downloads\JS - WickedWhimsMod v155 ESP.rar

2020-05-04 17:48 - 2020-05-22 17:44 - 000000000 ____D C:\Users\Emanuel\Downloads\MEmu Download

2020-05-03 22:02 - 2020-05-03 22:02 - 000382630 _____ C:\Users\Emanuel\Downloads\3dgifmaker11.webm

2020-05-03 21:59 - 2020-05-03 21:59 - 000179722 _____ C:\Users\Emanuel\Downloads\3dgifmaker28.webm

2020-05-03 06:54 - 2020-05-03 06:56 - 005512191 _____ C:\Users\Emanuel\Documents\81036875_843336739434610_7967561743108931584_n.psd

2020-05-03 02:55 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll

2020-05-03 02:55 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll

2020-05-03 02:55 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll

2020-05-03 02:55 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll

2020-05-03 02:55 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll

2020-05-03 01:03 - 2020-05-03 01:03 - 000114653 _____ C:\Users\Emanuel\Downloads\Call of Duty Advanced Warfare - Destron (1).rar

2020-05-03 00:58 - 2020-05-03 00:58 - 000069186 _____ C:\Users\Emanuel\Downloads\Call.of.Duty.Advanced.Warfare.elamigos-games.com.torrent

2020-05-03 00:55 - 2020-05-03 00:55 - 000127506 _____ C:\Users\Emanuel\Downloads\Call-Of-Duty-Advanced-Warfare-[MULTI6][PROPHET]-(Torrent).torrent

2020-05-03 00:54 - 2020-05-03 00:54 - 000127506 _____ C:\Users\Emanuel\Downloads\ADVANCEWARFARE (1).torrent

2020-05-03 00:48 - 2020-05-03 00:48 - 000409904 _____ (MiPony ) C:\Users\Emanuel\Downloads\Mipony-Installer.exe

2020-05-03 00:31 - 2020-05-03 00:31 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Steam

2020-05-02 05:16 - 2020-05-02 05:16 - 000127506 _____ C:\Users\Emanuel\Downloads\ADVANCEWARFARE.torrent

2020-05-02 03:55 - 2020-05-02 03:55 - 000017065 _____ C:\Users\Emanuel\Downloads\Crash Team Racing Nitro-Fueled [NSP].torrent

2020-05-02 03:51 - 2020-05-04 17:45 - 000000000 ____D C:\Users\Emanuel\Documents\Juegos Yuzu

2020-05-02 03:47 - 2020-05-02 05:03 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\yuzu

2020-05-02 03:33 - 2020-05-02 04:57 - 000002177 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\yuzu.lnk

2020-05-02 03:33 - 2020-05-02 03:47 - 000000000 ____D C:\Users\Emanuel\AppData\Local\yuzu

2020-05-02 03:33 - 2020-05-02 03:33 - 000001506 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\yuzu Maintenance Tool.lnk

2020-05-01 21:52 - 2020-05-01 21:52 - 004059201 _____ C:\Users\Emanuel\Downloads\Avve player pro by Mr Editx.zip

2020-05-01 21:48 - 2020-05-01 21:48 - 008629431 _____ C:\Users\Emanuel\Downloads\Installer2.apk

2020-05-01 06:06 - 2020-05-01 06:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KOPLAYER

2020-05-01 06:03 - 2020-05-01 06:07 - 000000000 ____D C:\KOPLAYER

2020-05-01 06:03 - 2020-05-01 06:03 - 000000000 ____D C:\Users\Emanuel\AppData\Local\KOPLAYERData

2020-05-01 05:58 - 2020-05-04 02:38 - 000000954 _____ C:\Users\Emanuel\Desktop\MEmu.lnk

2020-05-01 05:58 - 2020-05-01 05:58 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu

2020-05-01 05:57 - 2020-05-22 16:54 - 000000000 ____D C:\Users\Emanuel\.MemuHyperv

2020-05-01 05:57 - 2019-09-21 04:10 - 000319192 _____ (Maiwei Corporation) C:\WINDOWS\system32\Drivers\MEmuDrv.sys

2020-05-01 05:55 - 2020-05-01 05:57 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Microvirt

2020-05-01 05:55 - 2020-05-01 05:57 - 000000000 ____D C:\Program Files\Microvirt

2020-05-01 05:49 - 2020-05-01 05:49 - 024864401 _____ C:\Users\Emanuel\Downloads\aptoide-latest.apk

2020-05-01 05:29 - 2020-05-01 05:29 - 000000000 ____D C:\Users\Emanuel\AppData\Local\BSTweaker

2020-05-01 05:27 - 2020-05-01 05:57 - 000000000 ____D C:\Users\Emanuel\.android

2020-05-01 04:56 - 2020-05-01 04:56 - 000003872 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper

2020-04-30 19:34 - 2020-04-30 19:34 - 000103397 _____ C:\Users\Emanuel\Downloads\https_lh4.googleusercontent.com_OjqPuLYVyF8a-RPpQI8wZu_fbdXRAxR-C-QviwkTLPDS32bSZIxZCL-6HpMw1200-h630-p

2020-04-30 19:23 - 2020-04-30 19:23 - 050610734 _____ C:\Users\Emanuel\Downloads\GSNAXT (1).rar

2020-04-29 04:47 - 2020-04-29 04:47 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Plugin.VegasOfxStitch

2020-04-28 19:34 - 2020-04-28 21:08 - 000000000 ____D C:\Users\Emanuel\Documents\Stickers telegram

2020-04-28 19:28 - 2020-04-28 19:28 - 000001599 _____ C:\Users\Emanuel\Downloads\dd31722dbb30d2ca2b7a55d21e69cfed-462ff0b72fedbd95fcb9b864cf6c3f7e88503aaa.zip

2020-04-28 17:17 - 2020-05-27 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-27 20:41 - 2019-12-23 17:11 - 000000000 ____D C:\FRST

2020-05-27 20:36 - 2020-03-18 13:58 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\TeamViewer

2020-05-27 20:36 - 2020-02-23 01:32 - 000000000 ____D C:\Users\Emanuel\AppData\Local\LogMeIn Hamachi

2020-05-27 20:36 - 2020-02-14 21:22 - 000000000 ____D C:\Users\Emanuel\AppData\Local\CrashDumps

2020-05-27 20:36 - 2020-02-14 17:48 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\MPC-HC

2020-05-27 20:36 - 2020-02-14 16:12 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\BitTorrent

2020-05-27 20:36 - 2020-02-14 05:30 - 000000000 ____D C:\Program Files (x86)\Steam

2020-05-27 20:36 - 2013-08-22 09:36 - 000000000 ____D C:\WINDOWS\Inf

2020-05-27 20:33 - 2020-02-14 05:18 - 000000000 ____D C:\Users\Emanuel\AppData\Local\ClassicShell

2020-05-27 20:32 - 2020-03-21 17:41 - 000000000 ____D C:\Users\Emanuel\Downloads\opera autoupdate

2020-05-27 20:32 - 2020-02-14 03:41 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-859929428-3570126794-4262803692-1001

2020-05-27 20:27 - 2020-03-18 13:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2020-05-27 20:27 - 2020-02-13 21:22 - 000000000 ____D C:\ProgramData\NVIDIA

2020-05-27 20:27 - 2013-08-22 10:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2020-05-27 19:48 - 2020-02-15 22:17 - 005353984 ___SH C:\Users\Emanuel\Desktop\Thumbs.db

2020-05-27 18:36 - 2020-02-15 10:50 - 000000000 ____D C:\Users\Emanuel\opera autoupdate

2020-05-27 18:35 - 2020-02-14 03:50 - 000003994 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A4434FFC-A781-45F2-824E-EB3087C4EC63}

2020-05-27 07:44 - 2020-03-09 19:58 - 000891904 ___SH C:\Users\Emanuel\Documents\Thumbs.db

2020-05-27 07:37 - 2020-02-18 15:49 - 002718208 ___SH C:\Users\Emanuel\Downloads\Thumbs.db

2020-05-27 04:03 - 2020-02-18 02:06 - 000000000 ____D C:\Users\Emanuel\AppData\Local\JDownloader 2.0

2020-05-26 23:41 - 2020-02-20 02:42 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData

2020-05-26 23:41 - 2020-02-20 02:42 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData

2020-05-26 19:06 - 2020-03-24 05:13 - 000000000 ____D C:\Users\Emanuel\Documents\ZClient

2020-05-26 07:06 - 2013-08-22 09:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI

2020-05-26 03:11 - 2020-03-09 19:37 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Firestorm_x64

2020-05-25 00:35 - 2020-02-14 05:16 - 000000000 ____D C:\Users\Emanuel\Desktop\txt

2020-05-22 16:19 - 2020-02-14 03:52 - 000004090 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1581666733

2020-05-22 16:19 - 2020-02-14 03:52 - 000001380 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk

2020-05-21 18:25 - 2020-02-14 06:29 - 000000000 ____D C:\ProgramData\Package Cache

2020-05-21 18:05 - 2020-02-15 04:37 - 000004096 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1581755836

2020-05-21 18:05 - 2020-02-15 04:37 - 000001409 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera GX.lnk

2020-05-20 22:13 - 2020-02-16 04:27 - 000000000 ____D C:\ProgramData\temp

2020-05-20 21:43 - 2020-02-14 00:26 - 000000000 ____D C:\Users\Emanuel\Documents\My Games

2020-05-20 21:43 - 2018-07-07 21:14 - 000000000 ____D C:\Games

2020-05-19 14:44 - 2020-02-27 17:37 - 000004320 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582839430

2020-05-19 06:11 - 2020-02-14 03:35 - 000000000 ____D C:\Users\Emanuel

2020-05-18 01:44 - 2020-04-14 20:25 - 000000000 ____D C:\WINDOWS\Zeng22

2020-05-18 00:02 - 2019-09-29 18:14 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\.minecraft

2020-05-16 19:01 - 2020-02-14 17:58 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Discord

2020-05-15 21:23 - 2020-02-15 05:29 - 000000000 ____D C:\Users\Emanuel\AppData\Local\UnrealEngine

2020-05-13 16:20 - 2020-02-14 17:58 - 000000000 ____D C:\Users\Emanuel\AppData\Local\SquirrelTemp

2020-05-13 06:33 - 2013-08-22 11:36 - 000000000 ____D C:\WINDOWS\rescache

2020-05-13 06:30 - 2013-08-22 11:20 - 000000000 ____D C:\WINDOWS\CbsTemp

2020-05-13 01:01 - 2020-02-14 22:10 - 000000000 ____D C:\Users\Emanuel\Desktop\Software

2020-05-12 22:26 - 2020-02-15 05:51 - 000000000 ____D C:\WINDOWS\system32\MRT

2020-05-12 22:26 - 2013-08-22 11:36 - 000000000 ___RD C:\WINDOWS\ToastData

2020-05-12 22:23 - 2020-02-15 05:51 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2020-05-12 16:53 - 2020-02-14 05:41 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2020-05-11 05:58 - 2020-02-25 17:57 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

2020-05-10 07:07 - 2020-02-20 03:09 - 000000000 ____D C:\Users\Emanuel\Documents\Camtasia Studio

2020-05-10 00:11 - 2020-02-20 02:52 - 000003182 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-859929428-3570126794-4262803692-1001

2020-05-10 00:11 - 2020-02-20 02:52 - 000002378 _____ C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk

2020-05-10 00:05 - 2020-04-19 01:59 - 000000000 ____D C:\Users\Emanuel\Documents\Vegas Pro documentos

2020-05-09 20:18 - 2020-02-14 04:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2020-05-09 07:22 - 2020-02-14 03:35 - 000000000 ____D C:\Users\Emanuel\AppData\Local\Packages

2020-05-09 07:01 - 2019-09-15 17:44 - 000000000 ____D C:\Users\Emanuel\Documents\Microsoft Word

2020-05-08 17:39 - 2020-03-22 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeGrabApp

2020-05-08 17:39 - 2020-03-22 16:57 - 000000000 ____D C:\Program Files (x86)\FreeGrabApp

2020-05-08 17:27 - 2020-03-22 15:11 - 000000000 ____D C:\Program Files (x86)\DigiFlix LLC

2020-05-08 17:11 - 2020-02-16 03:37 - 000000000 ____D C:\Users\Emanuel\AppData\Local\NVIDIA

2020-05-07 18:20 - 2020-02-14 21:47 - 000000000 ____D C:\Users\Emanuel\AppData\LocalLow\Temp

2020-05-07 18:20 - 2020-02-13 21:20 - 000000000 ___DC C:\WINDOWS\Panther

2020-05-06 22:14 - 2018-07-30 14:46 - 000000000 ____D C:\temp

2020-05-06 22:13 - 2020-03-24 04:58 - 000000000 ____D C:\ProgramData\Origin

2020-05-06 22:11 - 2020-02-14 19:48 - 000000000 ____D C:\Users\Emanuel\AppData\Local\NVIDIA Corporation

2020-05-06 22:11 - 2020-02-13 21:22 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

2020-05-06 22:11 - 2020-02-13 21:22 - 000000000 ____D C:\Program Files\NVIDIA Corporation

2020-05-06 22:11 - 2020-02-13 21:22 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2020-05-03 07:00 - 2020-03-11 19:36 - 000000000 ____D C:\Users\Emanuel\Documents\JoyToKey

2020-05-01 05:30 - 2020-04-18 03:51 - 000006267 _____ C:\Users\Emanuel\-1.14-windows.xml

2020-04-30 16:52 - 2020-02-20 14:21 - 000000000 ____D C:\Users\Emanuel\.Loquendo

2020-04-30 00:24 - 2014-11-20 22:06 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2020-04-29 04:47 - 2020-04-19 01:04 - 000000000 ____D C:\ProgramData\VEGAS Pro

2020-04-29 04:46 - 2020-04-19 01:07 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\VEGAS Pro

2020-04-29 04:39 - 2020-04-19 01:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2020-04-29 04:38 - 2020-04-19 00:38 - 000000000 ____D C:\ProgramData\VEGAS
2020-04-29 04:38 - 2020-04-19 00:38 - 000000000 ____D C:\Program Files\VEGAS
2020-04-29 04:38 - 2020-04-19 00:36 - 000000000 ____D C:\Users\Emanuel\AppData\Roaming\Sony
2020-04-27 00:31 - 2019-09-15 17:44 - 000000000 ____D C:\Users\Emanuel\Documents\Eidrae Corregida

==================== Archivos en la raíz de algunos directorios ========

2020-05-01 06:02 - 2020-05-01 06:02 - 632751817 _____ (                                                            ) C:\Program Files (x86)\Common Files\KoPlayer.exe
2007-10-04 11:00 - 2007-10-04 11:00 - 000003134 __RSH () C:\Program Files (x86)\Common Files\Logo.ico
2020-02-23 02:05 - 2020-02-23 02:05 - 000133000 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-10084.log
2020-03-02 13:51 - 2020-03-02 13:51 - 000080239 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-10659.log
2020-03-08 20:23 - 2020-03-08 20:23 - 000076215 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-10974.log
2020-02-22 21:40 - 2020-02-22 21:40 - 000133000 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-10991.log
2020-03-08 20:25 - 2020-03-08 20:25 - 000076215 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-11265.log
2020-03-03 14:51 - 2020-03-03 14:51 - 000078859 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-12610.log
2020-03-03 14:52 - 2020-03-03 14:52 - 000078859 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-12724.log
2020-03-01 01:53 - 2020-03-01 01:53 - 000133000 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-13901.log
2020-03-20 19:45 - 2020-03-20 19:45 - 000077015 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-14102.log
2020-03-02 21:28 - 2020-03-02 21:28 - 000133000 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-14681.log
2020-02-22 19:17 - 2020-02-22 19:17 - 000133000 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-15682.log
2020-02-23 11:11 - 2020-02-23 11:11 - 000133000 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-16005.log
2020-03-01 19:43 - 2020-03-01 19:43 - 000133000 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-16998.log
2020-03-01 21:40 - 2020-03-01 21:40 - 000133000 _____ () C:\Users\Emanuel\AppData\Roaming\TNod-17181.log
2020-04-18 19:19 - 2020-04-22 19:21 - 000001456 _____ () C:\Users\Emanuel\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2020-02-20 23:51 - 2020-02-20 23:51 - 000000000 _____ () C:\Users\Emanuel\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2020-05-21 18:10
==================== Final de FRST.txt ========================

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 27-05-2020 01
Ejecutado por Emanuel (27-05-2020 20:43:43)
Ejecutado desde C:\Users\Emanuel\AppData\Local\Temp\scoped_dir4920_1155379533
Windows 8.1 Pro (Update) (X64) (2020-02-14 07:35:23)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-859929428-3570126794-4262803692-500 - Administrator - Disabled)
Emanuel (S-1-5-21-859929428-3570126794-4262803692-1001 - Administrator - Enabled) => C:\Users\Emanuel
HomeGroupUser$ (S-1-5-21-859929428-3570126794-4262803692-1003 - Limited - Enabled)
Invitado (S-1-5-21-859929428-3570126794-4262803692-501 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Disabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Disabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

4K Video Downloader 4.12 (HKLM\...\{DBF237B5-BF8F-4B74-A74E-659578B819DE}) (Version: 4.12.1.3580 - Open Media LLC)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.363 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Aegisub 3.1.0 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.1.0 - Aegisub Team)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Alchemy Beta x64 (HKLM\...\AlchemyBeta) (Version: 6.3.6.46699 - Alchemy Development Group)
Ashampoo WinOptimizer 18 (HKLM-x32\...\{4209F371-3AF1-5998-2DFB-FC430324C91A}_is1) (Version: 18.00.10 - Ashampoo GmbH & Co. KG)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\BitTorrent) (Version: 7.10.5.45416 - BitTorrent Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.190.0.5002 - BlueStack Systems, Inc.)
Camtasia 9 (HKLM\...\{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 - TechSmith Corporation) Hidden
Camtasia 9 (HKLM-x32\...\{34ab05ac-3089-417f-828e-c2da3d5b4e09}) (Version: 9.1.2.3011 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Cheat Engine 7.1 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Discord (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
En Masse Launcher (HKLM-x32\...\{5d5e6f2b-6c03-4f96-8cd7-c16318764bc8}_is1) (Version: 1.3.1 - En Masse Entertainment)
Epic Games Launcher (HKLM-x32\...\{9E53E30C-33FB-4784-BB0F-186178764ED8}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.1.21.0 - ESET, spol. s r.o.)
Firestorm-Releasex64 (HKLM\...\Firestorm-Releasex64) (Version: 6.3.2.58052 - The Phoenix Firestorm Project, Inc.)
FlixGrab+ (HKLM-x32\...\FlixGrab%2B_is1) (Version: 1.6.6.702 - DigiFlix LLC)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Netflix Download (HKLM-x32\...\Free Netflix Download_is1) (Version: 5.0.10.418 - FreeGrabApp Ltd)
Free Netflix Downloader (HKLM-x32\...\Free Netflix Downloader_is1) (Version: 1.0.6.1206 - Digital Wave Ltd)
Freemake Video Converter versión 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Graphics Rules Maker (HKLM-x32\...\Graphics Rules Maker) (Version: 1.1.0 - SimsNetwork.com)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JoyToKey version 6.3 (HKLM-x32\...\{EBF21C82-423E-49FD-BCBD-88C08397CB44}_is1) (Version: 6.3 - JTK software)
K-Lite Codec Pack 15.3.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.3.5 - KLCP)
KOPLAYER Pro version: 2.0.0 (HKLM\...\KOPLAYER_is1) (Version:  - KOPLAYER Team)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Loquendo TTS 7 Carlos Multimedia High Quality (HKLM-x32\...\{CCB512D7-4500-4E5F-A2EA-26D512E4B2BF}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Carmen Multimedia High Quality (HKLM-x32\...\{08E73A78-70C4-4168-BB68-98B6D7A9001F}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 Engine Full Distribution (HKLM-x32\...\{16096EE7-3343-4835-B9AF-C63492BD89B3}) (Version: 7.5.0 - Loquendo)
Loquendo TTS 7 Jorge Multimedia High Quality (HKLM-x32\...\{22BF5757-B409-4936-B711-959FE897BD4A}) (Version: 7.3.0 - Loquendo)
Loquendo TTS 7 SDK Distribution (HKLM-x32\...\{30139AC2-AB19-4AEA-865F-2154240D851F}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Soledad Multimedia High Quality (HKLM-x32\...\{5A073D9F-DC37-4581-BD40-A88EEAB5048D}) (Version: 7.3.1 - Loquendo)
Loquendo TTS 7 Spanish (HKLM-x32\...\{02B7FE27-CF87-4380-B57B-9D7A543B1674}) (Version: 7.4.0 - Loquendo)
Los Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Los Sims™ 3 ¡Menuda familia! (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Los Sims™ 3 Criaturas Sobrenaturales (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Los Sims™ 3 Salto a la fama (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Los Sims™ 3 Triunfadores (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Los Sims™ 3 versión 1.0 (HKLM-x32\...\{807C3E62-986A-4228-969E-03DA77DA7C07}_is1) (Version: 1.0 - )
Los Sims™ 3 Y Las Cuatro Estaciones (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Los Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.62.67.1020 - Electronic Arts Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MEmu (HKLM-x32\...\MEmu) (Version: 7.1.6.0 - Microvirt Software Technology Co. Ltd.)
Microsoft .NET Framework 4.7.2 SDK (HKLM-x32\...\{F42C96C1-746B-442A-B58C-9F0FD5F3AB8A}) (Version: 4.7.03081 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 Targeting Pack (ENU) (HKLM-x32\...\{B517DBD3-B542-4FC8-9957-FFB2C3E65D1D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Volume - es-es) (Version: 16.0.12430.20288 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Volume - en-us) (Version: 16.0.12430.20288 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) 8.0.50727.4053 (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) 8.0.50727.42 (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) 8.0.50727.762 (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.8 (HKLM\...\{D04659D1-EB2D-3DE5-A833-837A623CCCF7}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30411.0 (HKLM\...\{D93AC9C8-B6CF-391E-BD2F-48AF4727476C}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.1 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.8 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411.0 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{5c75eda4-d029-43bf-a70b-a73d380f52ee}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft Dungeons Launcher (HKLM-x32\...\{17B8EBFC-13C9-4929-9883-C5C20C680524}) (Version: 1.0.0.0 - Mojang)
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
MKVToolNix 5.3.0 (HKLM-x32\...\MKVToolNix) (Version: 5.3.0 - Moritz Bunkus)
Node.js (HKLM\...\{05ACA7F2-F29C-48B3-BBD7-A8F361EBC697}) (Version: 13.8.0 - Node.js Foundation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.4 - Notepad++ Team)
Npcap (HKLM-x32\...\NpcapInst) (Version: 0.9988 - Nmap Project)
NVIDIA Audio virtual de Miracast 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 445.87 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.87 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
Opera GX Stable 68.0.3618.129 (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\Opera GX 68.0.3618.129) (Version: 68.0.3618.129 - Opera Software)
Opera Stable 68.0.3618.125 (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\Opera 68.0.3618.125) (Version: 68.0.3618.125 - Opera Software)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Panel de control de NVIDIA 445.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 445.87 - NVIDIA Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 - Paradox Interactive)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.6 - Power Software Ltd)
Progress Telerik Fiddler (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\Fiddler2) (Version: 5.0.20202.18177 - Progress Software Corporation)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.10 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.3.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.1 - VS Revo Group, Ltd.)
Sims 4 Studio (HKLM-x32\...\{870AA913-0774-4ED0-B144-BC2C0CBE4BA0}_is1) (Version: 3.1.3.2 - Sims 4 Studio)
Sims 4 Tray Importer (S4TI) 1.10.04.3 (HKLM-x32\...\{8665A9CC-9652-4F31-907A-DE2E7A8E8E97}_is1) (Version: 1.10.04.3 - TeameeVo)
Skype versión 8.60 (HKLM-x32\...\Skype_is1) (Version: 8.60 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\Spotify) (Version: 1.1.28.721.g5b5ee660 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.5.6 - TeamViewer)
TERA Online (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\EME_GAME_tera) (Version:  - Krafton)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.1 - Electronic Arts)
VEGAS Pro 16.0 (HKLM\...\{0ABBD080-A716-11E8-974B-00155D6302F2}) (Version: 16.0.261 - VEGAS)
VEGAS Pro 17.0 (HKLM\...\{136DF38F-4A0B-11EA-B2A2-00155D6302F2}) (Version: 17.0.421 - VEGAS)
WeMod (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\WeMod) (Version: 6.3.10 - WeMod)
WinDirStat 1.1.2 (HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\WinDirStat) (Version:  - )
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.7.1.3) (HKLM-x32\...\UniConverter_is1) (Version: 11.7.1.3 - Wondershare Software)
ZLOrigin (HKLM-x32\...\ZLOrigin_is1) (Version: ZLOrigin - ZLOFENIX)

Packages:
=========
Juegos -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2020-02-28] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2020-02-15] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2020-02-28] (Microsoft Corporation) [MS Ad]
MSN Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2020-02-15] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-02-15] (Microsoft Corporation) [MS Ad]
MSN Salud y Bienestar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-02-15] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-02-15] (Microsoft Corporation) [MS Ad]
Música -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2020-02-15] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2020-02-15] (Skype) [MS Ad]
Vídeo -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2020-02-15] (Microsoft Corporation) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-01-29] (Notepad++ -> )
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-04-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-02-09] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2011-10-22] (Beepa P/L) [Archivo no firmado]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2011-10-22] (Beepa P/L) [Archivo no firmado]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2020-02-14 17:48 - 2019-08-25 08:01 - 000358912 _____ () [Archivo no firmado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\libunarr-ics.dll
2020-02-14 17:48 - 2019-08-25 08:01 - 009847808 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\avcodec-ics-58.dll
2020-02-14 17:48 - 2019-08-25 08:01 - 001259520 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\avformat-ics-58.dll
2020-02-14 17:48 - 2019-08-25 08:01 - 000643584 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\avutil-ics-56.dll
2020-02-14 17:48 - 2019-08-25 08:01 - 000548864 _____ (FFmpeg Project) [Archivo no firmado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\swscale-ics-5.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2018-07-15 12:15 - 2018-07-15 12:15 - 003664696 _____ (Ivaylo Beltchev -> IvoSoft) [Archivo no firmado] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2020-02-14 17:48 - 2019-08-25 09:54 - 000353792 _____ (Tabibito Technology) [Archivo no firmado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosCache.dll
2020-02-14 17:48 - 2019-08-25 09:55 - 000374272 _____ (Tabibito Technology) [Archivo no firmado] C:\Program Files (x86)\K-Lite Codec Pack\Icaros\64-bit\IcarosThumbnailProvider.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Emanuel\ntuser.ini:NTV [8974]
AlternateDataStreams: C:\Users\Emanuel\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [223]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2013-08-22 09:25 - 2020-05-08 17:40 - 000001086 ____R C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 activation.easeus.com 
0.0.0.0 track.easeus.com 
0.0.0.0 easeus.com 
0.0.0.0 update.easeus.com 
0.0.0.0 activation.easeus.com 
0.0.0.0 track.easeus.com 
0.0.0.0 easeus.com 
0.0.0.0 update.easeus.com 
127.0.0.1       licensing.flixgrab.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\nodejs\;C:\Users\Emanuel\AppData\Roaming\npm;C:\Program Files (x86)\MKVToolNix
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Emanuel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 190.54.120.23 - 190.54.110.23
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled) 
Ethernet 2: Npcap Packet Driver (NPCAP) -> insecure_npcap (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{1FAE87AC-92F6-4B95-87C2-B827C8EE88CB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AE899554-2B68-476A-AF8B-7465850F031C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{403EB683-9F9B-46FC-BCB3-F825209BE6E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F5DCE619-B3D0-4DD6-970A-2809CFD45574}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6E0E6132-4ACE-4424-8F95-0CC8C2EEE0B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\launcher.exe (En Masse Entertainment -> Solid State Networks)
FirewallRules: [{EB404B95-89B4-437A-A4A3-38A11F048B34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TERA\launcher.exe (En Masse Entertainment -> Solid State Networks)
FirewallRules: [{DF1C9D50-84BD-4252-BB2C-18E0085D97FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Archivo no firmado]
FirewallRules: [{448A646D-AC2B-4440-AF28-4773BBE50F79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe () [Archivo no firmado]
FirewallRules: [{41AE4182-D1AA-4610-BF66-3DBB91462437}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Archivo no firmado]
FirewallRules: [{6DED6C30-EDE5-45DD-9E99-BC34E6E30D00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForestVR.exe () [Archivo no firmado]
FirewallRules: [{AB87F63C-F369-4253-B84E-ED5B21005420}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF62F385-F2F7-4D42-B4BE-7967ACAA3F97}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B1A47114-12D2-41F3-B87A-9957F8EF16E9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CE61721B-D495-43F7-9A8D-3C4F5BCFD7B3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{420BA61A-10F1-4396-B525-50BB9ED314A1}] => (Allow) LPort=8318
FirewallRules: [{0F627A88-19B7-49AF-AA11-FDF242AFA69D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F2101832-8E6C-4D09-96D8-2F70A1C57844}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Archivo no firmado]
FirewallRules: [{412484DE-6C1A-4C59-8899-D143AB2F4F12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Archivo no firmado]
FirewallRules: [TCP Query User{7E828B36-C434-4D6C-9215-66A95D9027AA}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{E24AF759-55F4-4A1A-85B4-50308B0FDB90}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [Archivo no firmado]
FirewallRules: [{730B6DB1-E513-4312-A32D-1413858301A2}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [Archivo no firmado]
FirewallRules: [{4953D44E-297C-4C3A-8515-57ABC2B2336F}] => (Block) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [Archivo no firmado]
FirewallRules: [{4E50601E-095E-450C-BE01-B5D148A95C13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Archivo no firmado]
FirewallRules: [{6B168A06-8790-4008-9391-AE9E1CC6EC3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software) [Archivo no firmado]
FirewallRules: [{8633BA30-0257-4FD0-A4E3-1F46F1616694}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [Archivo no firmado]
FirewallRules: [{59F79862-EAE2-4192-99FD-DFDB873780F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.) [Archivo no firmado]
FirewallRules: [{DDA639DA-2D6E-40F8-A3DF-D1EBDCEE0B13}] => (Allow) C:\Users\Emanuel\Documents\ShinraMeterV2.70\ShinraMeter.exe () [Archivo no firmado]
FirewallRules: [{E54D2121-3EA8-4B21-9D92-A8FEE4995920}] => (Allow) C:\Users\Emanuel\Documents\ShinraMeterV2.70\ShinraMeter.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{C02564B3-503B-49CC-937E-1217AAEAB042}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe (Mercer Road Corp -> )
FirewallRules: [UDP Query User{7CB8A965-DE6B-4533-9264-1D5F6A4D4330}C:\program files\firestorm-releasex64\slvoice.exe] => (Allow) C:\program files\firestorm-releasex64\slvoice.exe (Mercer Road Corp -> )
FirewallRules: [{446B4301-2B12-4B4F-BBF2-813312093C6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Bandicoot - N Sane Trilogy\CrashBandicootNSaneTrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [{5822ECD8-1408-4965-A461-E8BD44B8032F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crash Bandicoot - N Sane Trilogy\CrashBandicootNSaneTrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [{E48343F8-A77A-4A15-B4EF-643E68FE2129}] => (Block) C:\Program Files (x86)\Overwatch\_retail_\Overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{E0442BBD-B16A-4851-ACD9-C8F78E228FC5}C:\users\emanuel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\emanuel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{FB3B6287-C9D4-46F6-B1E0-D5F4800918B3}C:\users\emanuel\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\emanuel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{19A133FB-0DDC-4F29-9716-BBDD74B9DD75}] => (Allow) C:\Program Files (x86)\ZLOrigin\Origin.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{CA8993BC-EBA6-429D-A0CF-B410AD8EA75D}] => (Allow) C:\Program Files (x86)\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe (Maxis, a division of Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{69E67D40-5E3F-4913-800C-5D561683D641}] => (Allow) C:\Program Files (x86)\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe (Maxis, a division of Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{AAC1A435-9206-4576-AACB-E80C86F74868}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Archivo no firmado]
FirewallRules: [{06360874-5E85-4D52-8B94-342BE757D35C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider\TombRaider.exe (Square Enix) [Archivo no firmado]
FirewallRules: [{CF47203E-AD61-4EFD-85BE-4AE58092E60C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{E7AA4698-805C-48C2-9898-3418126871BF}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{54F1A257-C5F8-4480-9190-D9030ED333ED}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{3495C265-DBFC-41A1-BB7D-9F5E56DE136C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [TCP Query User{7EDEF46B-3C15-453D-8C33-601EB5FB4D99}C:\program files (x86)\origin games\the sims 4\game_cracked\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\origin games\the sims 4\game_cracked\bin\ts4_x64.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [UDP Query User{4530920F-3808-4DC1-A46E-5AD366291B0E}C:\program files (x86)\origin games\the sims 4\game_cracked\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\origin games\the sims 4\game_cracked\bin\ts4_x64.exe (Electronic Arts Inc.) [Archivo no firmado]
FirewallRules: [{A41E4787-12E8-4766-AD24-9258A6CDFB2D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{75B9C0AF-310A-4C40-A20A-D5019923F20B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{083DF5EE-C0F0-4B23-8D33-13A372BF994F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{023E7D22-E630-4BD4-9B44-76BCED5DB5A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EE5E0A84-82C5-46EA-BC65-66D83A025542}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [{11BA6521-65AD-4639-9BCA-782608056F11}] => (Allow) C:\KOPLAYER\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{6F2FE8E3-CDFE-4E84-BA53-2CA266CA805F}] => (Allow) C:\KOPLAYER\KOPLAYER.exe (Fuzhou kaopu Network Co.,Ltd -> Kaopu Co., Ltd.)
FirewallRules: [{7CAD19D9-7DC8-48C4-982F-AF8F6B01E01F}] => (Allow) C:\KOPLAYER\vbox\VBoxManage.exe (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)
FirewallRules: [{F0AD8E7F-AC6A-4409-A5C7-CE962FAC7D20}] => (Allow) C:\KOPLAYER\vbox\VBoxHeadless.exe (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)
FirewallRules: [{9B62CF3E-4E5B-4858-945E-F597C0BA8A42}] => (Allow) C:\KOPLAYER\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{903829A1-568B-49D4-9A8A-7DF38F9A8D69}] => (Allow) C:\KOPLAYER\KOPLAYER.exe (Fuzhou kaopu Network Co.,Ltd -> Kaopu Co., Ltd.)
FirewallRules: [{3831B6FE-75AA-4C4A-B34A-0AF201048EB8}] => (Allow) C:\KOPLAYER\vbox\VBoxManage.exe (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)
FirewallRules: [{2623DC90-E192-400C-BBA5-7ABA255DF1B3}] => (Allow) C:\KOPLAYER\vbox\VBoxHeadless.exe (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)
FirewallRules: [{1A4A0E08-1966-49C3-8C0C-2E1861E5CC32}] => (Allow) C:\KOPLAYER\vbox\VBoxHeadless.exe (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)
FirewallRules: [{373447E4-9E2E-4B69-9F26-425E8CA42557}] => (Allow) C:\KOPLAYER\KOPLAYER.exe (Fuzhou kaopu Network Co.,Ltd -> Kaopu Co., Ltd.)
FirewallRules: [{9B3D3321-F288-4E1A-B4AF-5461928767E5}] => (Allow) C:\KOPLAYER\vbox\VBoxManage.exe (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)
FirewallRules: [{1BB22B0A-9039-499A-A81F-BCDD555E938E}] => (Allow) C:\KOPLAYER\vbox\VBoxHeadless.exe (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)
FirewallRules: [{DAA3870F-ED26-49F8-A4E7-E99F73AEF253}] => (Allow) C:\KOPLAYER\KOPLAYER.exe (Fuzhou kaopu Network Co.,Ltd -> Kaopu Co., Ltd.)
FirewallRules: [{9ABCDFF9-77D5-4D69-85F8-E92985C72690}] => (Allow) C:\KOPLAYER\vbox\VBoxManage.exe (Fuzhou kaopu Network Co.,Ltd -> Oracle Corporation)
FirewallRules: [{4823D39F-60E9-491F-A301-4730AE06704E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloons Monkey City\MonkeyCity-Win.exe (Ninja Kiwi Ltd.) [Archivo no firmado]
FirewallRules: [{BAD8591D-EC5B-4DC6-8565-E4EB1455ADAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloons Monkey City\MonkeyCity-Win.exe (Ninja Kiwi Ltd.) [Archivo no firmado]
FirewallRules: [{9EEAEBFD-E880-4E42-922B-77E8396F0AE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloons Adventure Time TD\btdadventuretime.exe () [Archivo no firmado]
FirewallRules: [{C7D04146-4AEE-4A9B-BD3F-6B26AFFA9093}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloons Adventure Time TD\btdadventuretime.exe () [Archivo no firmado]
FirewallRules: [{CB56AB98-872D-46BF-B270-709FC4959653}] => (Allow) C:\Users\Emanuel\AppData\Local\Programs\Fiddler\Fiddler.exe (Progress Software Corporation -> Progress Software Corporation)
FirewallRules: [TCP Query User{7962B14B-9E20-4A9D-9FCD-BE6FF43D609C}C:\users\emanuel\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\emanuel\appdata\local\programs\opera\68.0.3618.104\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{EC2C0888-7BE2-423F-98DB-7DCFB95CA283}C:\users\emanuel\appdata\local\programs\opera\68.0.3618.104\opera.exe] => (Allow) C:\users\emanuel\appdata\local\programs\opera\68.0.3618.104\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{C29573E1-1922-4E9D-A8A9-3772677E0716}C:\program files\alchemybeta\slvoice.exe] => (Allow) C:\program files\alchemybeta\slvoice.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{04AFA7AF-F376-4385-8726-93DA2D251D17}C:\program files\alchemybeta\slvoice.exe] => (Allow) C:\program files\alchemybeta\slvoice.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{8137CF38-F3AE-49DD-B847-41CB736F42AE}C:\program files\black dragon\slvoice.exe] => (Allow) C:\program files\black dragon\slvoice.exe () [Archivo no firmado]
FirewallRules: [UDP Query User{E4F9DB5B-2B55-468E-8A5F-E1E92715869D}C:\program files\black dragon\slvoice.exe] => (Allow) C:\program files\black dragon\slvoice.exe () [Archivo no firmado]
FirewallRules: [{08A453E9-A2B3-496E-B0DA-35DD20453604}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FFCB62AB-6D25-4896-933E-E9EB368EB127}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3BA70CBC-6C77-479A-9BBD-6D6F1F59E925}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{26F7CD6E-0B9F-40F8-B620-5155F5616369}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{E1FC51E0-7192-480A-979B-B5154C13A951}C:\users\emanuel\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\emanuel\appdata\local\programs\opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{67FD478C-CA6C-4B4A-B524-388CD5991938}C:\users\emanuel\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Allow) C:\users\emanuel\appdata\local\programs\opera\68.0.3618.125\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{9547DA9C-F3CF-4219-A9F9-FD7CE5EEC5F6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92BDF6C1-D80F-4B45-B691-AE2C0CCEA92E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Puntos de Restauración =========================

16-05-2020 18:44:04 Installed Minecraft Dungeons Launcher
21-05-2020 18:25:09 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720
27-05-2020 03:50:37 Installed 4K Video Downloader 4.12
27-05-2020 03:52:04 Installed 4K Video Downloader 4.12
27-05-2020 03:57:48 Installed 4K Video Downloader 4.12

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/27/2020 08:37:14 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: El servicio Windows Search no pudo procesar la lista de ubicaciones incluidas y excluidas. Error: <30, 0x80040d07, "iehistory://{S-1-5-21-859929428-3570126794-4262803692-1001}/">.

Error: (05/27/2020 08:36:31 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: El servicio Windows Search no pudo procesar la lista de ubicaciones incluidas y excluidas. Error: <30, 0x80040d07, "iehistory://{S-1-5-21-859929428-3570126794-4262803692-1001}/">.

Error: (05/27/2020 08:30:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/27/2020 08:29:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (05/27/2020 06:35:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (05/27/2020 06:35:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/27/2020 05:36:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: AGSService.exe, versión: 6.6.0.204, marca de tiempo: 0x5e5f9916
Nombre del módulo con errores: AGSService.exe, versión: 6.6.0.204, marca de tiempo: 0x5e5f9916
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00143e7f
Identificador del proceso con errores: 0x4c4
Hora de inicio de la aplicación con errores: 0x01d633a57c72970a
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Ruta de acceso del módulo con errores: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
Identificador del informe: 88a0b41c-9ffd-11ea-82d9-d8cb8a19b29e
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/27/2020 03:57:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.

Errores del sistema:
=============
Error: (05/27/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/27/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/27/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/27/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/27/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/27/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/27/2020 08:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (05/27/2020 08:28:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio WinPcap Packet Driver (NPF) no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


Windows Defender:
===================================
Date: 2020-02-21 19:14:56.898
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen: {CDBC0FA2-37F6-4F00-91F5-28E3CFE1EC1B}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-02-21 14:58:00.829
Description: 
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS.I!MTB&threatid=2147743522&enterprise=0
Nombre: HackTool:MSIL/AutoKMS.I!MTB
Id.: 2147743522
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_C:\Users\Emanuel\Downloads\Activador\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe;file:_C:\Users\Emanuel\Downloads\Activador\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe;file:_C:\Users\Emanuel\Downloads\Activador\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe->(UPX)
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\explorer.exe
Versión de firma: AV: 1.309.1333.0, AS: 1.309.1333.0, NIS: 119.0.0.0
Versión de motor: AM: 1.1.16700.3, NIS: 2.1.14600.4

Date: 2020-02-21 14:57:59.227
Description: 
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS.I!MTB&threatid=2147743522&enterprise=0
Nombre: HackTool:MSIL/AutoKMS.I!MTB
Id.: 2147743522
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_C:\Users\Emanuel\Downloads\Activador\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe;file:_C:\Users\Emanuel\Downloads\Activador\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe;file:_C:\Users\Emanuel\Downloads\Activador\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe->(UPX)
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.309.1333.0, AS: 1.309.1333.0, NIS: 119.0.0.0
Versión de motor: AM: 1.1.16700.3, NIS: 2.1.14600.4

Date: 2020-02-20 03:55:03.931
Description: 
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS.I!MTB&threatid=2147743522&enterprise=0
Nombre: HackTool:MSIL/AutoKMS.I!MTB
Id.: 2147743522
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_C:\Users\Emanuel\Downloads\KMS Tools V.01_06_2019[RacrivMix]\KMS Tools V.01_06_2019[RacrivMix]\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe;file:_C:\Users\Emanuel\Downloads\KMS Tools V.01_06_2019[RacrivMix]\KMS Tools V.01_06_2019[RacrivMix]\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe;file:_C:\Users\Emanuel\Downloads\KMS Tools V.01_06_2019[RacrivMix]\KMS Tools V.01_06_2019[RacrivMix]\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe->(UPX)
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Users\Emanuel\AppData\Local\Temp\fver.exe
Versión de firma: AV: 1.309.1306.0, AS: 1.309.1306.0, NIS: 119.0.0.0
Versión de motor: AM: 1.1.16700.3, NIS: 2.1.14600.4

Date: 2020-02-20 03:54:45.608
Description: 
Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
http://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS.I!MTB&threatid=2147743522&enterprise=0
Nombre: HackTool:MSIL/AutoKMS.I!MTB
Id.: 2147743522
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_C:\Users\Emanuel\Downloads\KMS Tools V.01_06_2019[RacrivMix]\KMS Tools V.01_06_2019[RacrivMix]\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe;file:_C:\Users\Emanuel\Downloads\KMS Tools V.01_06_2019[RacrivMix]\KMS Tools V.01_06_2019[RacrivMix]\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe;file:_C:\Users\Emanuel\Downloads\KMS Tools V.01_06_2019[RacrivMix]\KMS Tools V.01_06_2019[RacrivMix]\Programs\KMSAuto Lite Portable v1.5.6\KMSAuto.exe->(UPX)
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Users\Emanuel\AppData\Local\Temp\fver.exe
Versión de firma: AV: 1.309.1306.0, AS: 1.309.1306.0, NIS: 119.0.0.0
Versión de motor: AM: 1.1.16700.3, NIS: 2.1.14600.4

Date: 2020-02-15 11:43:17.732
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80073aba
Descripción del error: El recurso es demasiado antiguo para ser compatible. 
Versión de firma: 1.155.266.0;1.155.266.0
Versión de motor: 1.1.9700.0

Date: 2020-02-15 06:25:25.540
Description: 
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica: Sistema de inspección de red
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2020-02-15 03:43:29.175
Description: 
Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor: 1.1.16700.3
Versión de motor anterior: 1.1.9700.0
Usuario: NT AUTHORITY\SYSTEM
Código de error: 0x8050800c
Descripción del error: Problema inesperado. Instale todas las actualizaciones disponibles e intente iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulte Ayuda y soporte técnico. 

Date: 2020-02-14 20:45:41.212
Description: 
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica: Sistema de inspección de red
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Motivo: El sistema no tiene las actualizaciones necesarias para ejecutar el Sistema de inspección de red. Instale las actualizaciones requeridas y reinicie el equipo.

Date: 2020-02-14 14:58:26.775
Description: 
La característica Protección en tiempo real de Windows Defender encontró un error:
Característica: Sistema de inspección de red
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Motivo: El sistema no tiene las actualizaciones necesarias para ejecutar el Sistema de inspección de red. Instale las actualizaciones requeridas y reinicie el equipo.

CodeIntegrity:
===================================

Date: 2020-02-22 15:47:33.903
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. V3.6 09/29/2013
Placa base: MSI H61M-P31/W8 (MS-7788)
Procesador: Intel(R) Core(TM) i3-3250 CPU @ 3.50GHz
Porcentaje de memoria en uso: 60%
RAM física total: 4050.86 MB
RAM física disponible: 1595.07 MB
Virtual total: 8914.86 MB
Virtual disponible: 5752.44 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:930.85 GB) (Free:341.91 GB) NTFS

\\?\Volume{21825f06-a311-4ad7-8b0c-36ebf566acb3}\ () (Fixed) (Total:0.44 GB) (Free:0.17 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A6CF4811)

Partition: GPT.

==================== Final de Addition.txt =======================

Listo allí están. No sé por qué no me reconoce los CODE pero por si las moscas le dejo adjuntado los dos archivos logs. En este mensaje, enlazando tambien el de adwcleaner.

AdwCleaner[S14].txt (2,7 KB)

FRST.txt (66,0 KB)

Addition.txt (59,1 KB)

Hola

No descargaste y ejecutaste FRST desde el escritorio como te indiqué, muevelo allí si no fallará el siguiente paso y que no esté dentro de ninguna carpeta.

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\MountPoints2: E - "E:\Autorun.exe"
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\MountPoints2: F - "F:\setup.exe"
GroupPolicy: Restricción ? <==== ATENCIÓN
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X]
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
U4 npcap_wifi; no ImagePath
S3 NPF; system32\drivers\NPF.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
2020-02-20 23:51 - 2020-02-20 23:51 - 000000000 _____ () C:\Users\Emanuel\AppData\Local\oobelibMkey.log
AlternateDataStreams: C:\Users\Emanuel\ntuser.ini:NTV [8974]
AlternateDataStreams: C:\Users\Emanuel\AppData\Local\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [223]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX/Corregir y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 29-05-2020
Ejecutado por Emanuel (29-05-2020 20:31:02) Run:1
Ejecutado desde C:\Users\Emanuel\Desktop
Perfiles cargados: Emanuel
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\MountPoints2: E - "E:\Autorun.exe"
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\...\MountPoints2: F - "F:\setup.exe"
GroupPolicy: Restricci�n ? <==== ATENCI�N
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X]
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
U4 npcap_wifi; no ImagePath
S3 NPF; system32\drivers\NPF.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S4 nvvhci; \SystemRoot\System32\drivers\nvvhci.sys [X]
2020-02-20 23:51 - 2020-02-20 23:51 - 000000000 _____ () C:\Users\Emanuel\AppData\Local\oobelibMkey.log
AlternateDataStreams: C:\Users\Emanuel\ntuser.ini:NTV [8974]
AlternateDataStreams: C:\Users\Emanuel\AppData\Local\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [223]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => eliminado correctamente
HKU\S-1-5-21-859929428-3570126794-4262803692-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => eliminado correctamente
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
HKLM\System\CurrentControlSet\Services\amsdk => eliminado correctamente
amsdk => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\BEDaisy => eliminado correctamente
BEDaisy => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\edevmon => eliminado correctamente
edevmon => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\npcap_wifi => eliminado correctamente
npcap_wifi => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\NPF => eliminado correctamente
NPF => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\nvvad_WaveExtensible => eliminado correctamente
nvvad_WaveExtensible => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\nvvhci => eliminado correctamente
nvvhci => servicio eliminado correctamente
C:\Users\Emanuel\AppData\Local\oobelibMkey.log => movido correctamente
C:\Users\Emanuel\ntuser.ini => ":NTV" ADS eliminado correctamente
C:\Users\Emanuel\AppData\Local\Temp => ":$DATA" ADS no pudo ser eliminado.
C:\Users\Public\Shared Files => ":VersionCache" ADS eliminado correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-859929428-3570126794-4262803692-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-859929428-3570126794-4262803692-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en NordLynx mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.

Adaptador desconocido NordLynx:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::fc64:1be4:cb1:893%3
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.9
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27538952 B
Java, Flash, Steam htmlcache => 362127039 B
Windows/system/drivers => 8247406 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 373827863 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 583597 B
systemprofile32 => 584157 B
LocalService => 584989 B
NetworkService => 584989 B
Emanuel => 52418968 B

RecycleBin => 2078042 B
EmptyTemp: => 802.2 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 20:31:56 ====

Esto de arriba es lo que me ponía el fixlog.txt. Lo del rendimiento no se puede observar aún, le pido el favor de espera de uno a dos días para comprobar.

Hola

De acuerdo, pruebalo durante un par de días y nos comentas

Un saludo

Confirmo para decir que el rendimiento si ha mejorado, es decir puedo notar una diferencia de rápidez al abrir programas, cerrar ventanas, esperar progresos o inclusive una subida de fps y estabilidad general en juegos que requieren “recursos” asi que testeando, he hecho este este video de un juego al azar como prueba de la mejora de rendimiento.

Fuera de eso no tengo ninguna inquietud por ahora, a no ser que se haya tenido que hacer más pasos a continuación del ultimo que me comentó. Pero yo en general, siento que me va bien ahora. Gracias.

Hola @Exannger

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

• Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

• Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte

Nos alegramos que se te haya resuelto Damos el tema por solucionado.

Un saludo