Windows scrip host error

Hola amigos de esta grandiosa comunidad tengo una curiosidad con un error que se me ejecuta cada vez que prendo la computadora que es el siguiente, quisiera saber a que se debe y como se podría solucionarme muchas gracias por todo

Buenas @Gaston_Ferrari Bienvenido al nuevo Foro.!!!

Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

• CCleaner + Manual.

• Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.

• AdwCleaner + Manual.

• Junkware Removal Tool.

• Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

• Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

• Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

• Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

• Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

• Realiza un Análisis Personalizado.

• Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

• En el apartado del programa Historial de detecciones encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

• Ejecuta Adwcleaner.exe.

• Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

• El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

• El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

• Ejecuta JRT.exe.

• Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

• Si en algún momento te pide Reiniciar hazlo.

• Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

• Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

• Ejecuta FRST.exe.

• En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes

• En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

• Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos Javier.

Analisis Malwarebytes

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 7/4/20
Hora del análisis: 1:00
Archivo de registro: 4f4ce2f2-7884-11ea-b5c6-00ff19d94059.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.22054
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.752)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-8P86LC0\gasto

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 571226
Amenazas detectadas: 33
Amenazas en cuarentena: 33
Tiempo transcurrido: 2 hr, 26 min, 6 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 1
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV, Se eliminará al reiniciar, 1278, 805275, , , , 

Archivo: 32
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\devcon.exe, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\OemVista.inf, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\ptun0901.sys, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\devcon.exe, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.inf, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.sys, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\FakeClient.exe, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WdfCoInstaller01009.dll, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.dll, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.inf, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.sys, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\oas_sert.cer, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\tap0901.cer, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\KMSSS.exe, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror.exe, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror2.exe, Se eliminará al reiniciar, 1278, 805275, , , , 
HackTool.KMS, C:\ProgramData\KMSAutoS\kmsauto.ini, Se eliminará al reiniciar, 1278, 805275, , , , 
RiskWare.Agent.E, C:\USERS\DEFAULT\BYPASSELS.EXE, Se eliminará al reiniciar, 3743, 422179, 1.0.22054, 000000000000000000000003, dds, 00665478
Spyware.HawkEyeKeyLogger.E, C:\USERS\GASTO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\WIMSERV.URL, Se eliminará al reiniciar, 3831, 644365, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\DLLSYS\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\GATHERCFG\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\DEBUG\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\TEAM-OTIMUS V3.0\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\DXCORE\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\GEN\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\VISIONSOFT\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\KEYWORDS & REGEX\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\DICTS\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\EDP\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\GENDATA\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\PRODUCTION\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\X86\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end) 

Analisis de Adwcleaner no arrojo ninguno Analsis de JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by gasto (Administrator) on 07/04/2020 at 10:33:06,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/04/2020 at 10:36:10,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Analisis de FRST

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-04-2020
Ejecutado por gasto (administrador) sobre DESKTOP-8P86LC0 (LENOVO 81F5) (07-04-2020 10:37:12)
Ejecutado desde C:\Users\gasto\Downloads
Perfiles cargados: gasto (Perfiles disponibles: gasto)
Platform: Windows 10 Home Versión 1909 18363.752 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08c6076a1ac36ac6\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08c6076a1ac36ac6\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_99239023b47c777a\RstMwService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [834552 2019-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-12-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [Cloud Sync Application] => C:\Program Files (x86)\Renewed Vision\ProPresenter 6\CloudSyncApp.exe [185096 2016-09-01] (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [71464072 2020-04-04] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [Discord] => C:\Users\gasto\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1749848 2020-03-14] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31736720 2020-04-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1815584 2020-02-28] (TEFINCOM S.A. -> NordVPN)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-18] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {12518378-7E1D-4578-A7E0-B5897FBF9ABD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {13FC42FF-E839-4F3D-BF22-97639D2EC514} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6154584 2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {49194E77-0050-4C72-BF8D-1139E479225B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6154584 2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {95FF556F-C615-4011-9738-BFC73A19D358} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {A64C337F-92D7-4EC0-950C-2493193D21BF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A74680F4-C707-45DE-8F3D-8C2BD85C7857} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-06] (Google LLC -> Google LLC)
Task: {AE86C6D5-B567-4C35-8B29-1604336395CB} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)
Task: {B783BE6F-A8AD-4970-820D-C1471D3E742A} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3595769944-1073380373-716707422-1001 => C:\Users\gasto\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {C1C8E591-10B4-4562-90FC-FF3155BF9BE9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEFF6BE7-BEDE-4E59-9D8B-26164243DC19} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF13FD45-9171-44C6-9EBA-6285E74A4868} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-06] (Google LLC -> Google LLC)
Task: {FE8C744A-91B6-4080-80A4-A60A7D5A82C4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-03-24] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-03-24] (Apple Inc. -> Apple Inc.)
Hosts: Archivo Hosts no detectado en el directorio predeterminado
Tcpip\Parameters: [DhcpNameServer] 200.49.130.40 200.42.4.203
Tcpip\..\Interfaces\{19d94059-d3c1-4aae-b93f-3b7c15714849}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{a9994b72-b8a5-49c9-a1fc-39433a4ee6de}: [DhcpNameServer] 200.49.130.40 200.42.4.203

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3595769944-1073380373-716707422-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\gasto\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default [2020-04-07]
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR StartupUrls: Default -> "hxxps://www.youtube.com/watch?v=t6lsIVfYHlA"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Presentaciones) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-06]
CHR Extension: (Documentos) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-06]
CHR Extension: (Google Drive) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-06]
CHR Extension: (YouTube) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-06]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Steam Inventory Helper) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2020-03-20]
CHR Extension: (Tampermonkey) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-03-06]
CHR Extension: (Adobe Acrobat) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-03-06]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2020-03-20]
CHR Extension: (Hojas de cálculo) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-06]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2020-03-06]
CHR Extension: (Tampermonkey BETA) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcalenpjmijncebpfijmoaglllgpjagf [2020-03-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-03-06]
CHR Extension: (uVPN - Gratis e ilimitada VPN para todos) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaoafpkngncfpfggjefnekilbkcpjdgp [2020-04-03]
CHR Extension: (Steam Database) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2020-03-20]
CHR Extension: (Flow) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhijeanigbkjfnbjhpehnchddbeaodgh [2020-03-06]
CHR Extension: (Proxy List Scraper) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkmamacnhccoaeblcleolehebffimpcf [2020-04-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-06]
CHR Extension: (SAG) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\piljlfgibadchadlhlcfoecfbpdeiemd [2020-03-20]
CHR Extension: (Gmail) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-02]
CHR Profile: C:\Users\gasto\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AtherosSvc; C:\Windows\System32\drivers\AdminService.exe [420472 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Archivo no firmado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
S2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [644976 2019-03-13] (Dolby Laboratories, Inc. -> )
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1892512 2018-12-14] (Intel Corporation -> Intel Corporation)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [360016 2019-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S4 HfcDisableService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_99239023b47c777a\HfcDisableService.exe [1917440 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfsService; C:\Windows\System32\iaStorAfsService.exe [2900480 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB/lghub_updater.exe [10131080 2020-04-04] (Logitech Inc -> Logitech, Inc.)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\my.ini [8919 2020-04-02] () [Archivo no firmado]
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [234528 2020-02-28] (TEFINCOM S.A. -> )
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)
R2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_99239023b47c777a\RstMwService.exe [2241536 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [834552 2019-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [Archivo no firmado]
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [78832 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [75248 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [403440 2018-12-14] (Intel Corporation -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1339360 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [74208 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\47127\driver_cpu_temperature\logi_core_temp.sys [25448 2020-04-04] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [38136 2020-03-13] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [20624 2020-03-13] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66808 2020-03-13] (Logitech Inc -> Logitech)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2020-02-24] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [2740480 2020-03-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-07 10:37 - 2020-04-07 10:38 - 000023954 _____ C:\Users\gasto\Downloads\FRST.txt
2020-04-07 10:37 - 2020-04-07 10:38 - 000000000 ____D C:\FRST
2020-04-07 00:57 - 2020-04-07 00:57 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-07 00:50 - 2020-04-07 00:50 - 002281472 _____ (Farbar) C:\Users\gasto\Downloads\FRST64.exe
2020-04-07 00:50 - 2020-04-07 00:50 - 001790024 _____ (Malwarebytes) C:\Users\gasto\Downloads\JRT.exe
2020-04-07 00:44 - 2020-04-07 00:45 - 000000000 ____D C:\AdwCleaner
2020-04-06 19:14 - 2020-04-06 19:15 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\NetBeansProjects
2020-04-06 19:11 - 2020-04-06 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apache NetBeans
2020-04-06 19:10 - 2020-04-06 19:11 - 000000000 ____D C:\Program Files\NetBeans-11.3
2020-04-06 18:43 - 2020-04-06 18:43 - 000000000 ____D C:\Users\gasto\.m2
2020-04-06 18:39 - 2020-04-06 18:39 - 000000000 ____D C:\Users\gasto\AppData\Roaming\NetBeans
2020-04-06 18:39 - 2020-04-06 18:39 - 000000000 ____D C:\Users\gasto\AppData\Local\NetBeans
2020-04-06 18:17 - 2020-04-06 19:14 - 000000000 ____D C:\Users\gasto\.nbi
2020-04-06 18:13 - 2020-04-06 18:13 - 000129088 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2020-04-06 18:13 - 2020-04-06 18:13 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Sun
2020-04-06 18:13 - 2020-04-06 18:13 - 000000000 ____D C:\ProgramData\Oracle
2020-04-06 18:13 - 2020-04-06 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-04-06 18:12 - 2020-04-06 18:12 - 000000000 ____D C:\Users\gasto\AppData\LocalLow\Oracle
2020-04-05 23:10 - 2020-04-05 23:10 - 000000000 ____D C:\Users\gasto\AppData\Local\Archie
2020-04-05 21:32 - 2020-04-05 21:34 - 000000000 ____D C:\Users\gasto\wimserv
2020-04-05 17:39 - 2020-04-05 17:39 - 000000000 ____D C:\Users\gasto\AppData\Local\mbamtray
2020-04-05 17:39 - 2020-04-05 17:39 - 000000000 ____D C:\Users\gasto\AppData\Local\mbam
2020-04-05 17:39 - 2020-04-05 17:39 - 000000000 ____D C:\Users\gasto\AppData\Local\cache
2020-04-05 12:11 - 2020-04-05 12:11 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Logishrd
2020-04-05 12:11 - 2020-04-05 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2020-04-05 12:11 - 2020-04-05 12:11 - 000000000 ____D C:\Program Files\LGHUB
2020-04-05 04:06 - 2020-04-05 04:06 - 000000000 ____D C:\Users\gasto\AppData\Local\Iheb_Briki
2020-04-05 03:49 - 2020-04-05 03:50 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2020-04-05 03:49 - 2020-04-05 03:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2020-04-05 03:08 - 2020-04-05 03:08 - 000000000 ____D C:\Windows\Program Files (x86)
2020-04-04 22:42 - 2020-04-04 22:42 - 000000000 ____D C:\Users\gasto\Downloads\Combo To UserPass
2020-04-03 22:17 - 2019-03-18 15:20 - 005739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2020-04-03 22:17 - 2019-03-18 15:19 - 002629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2020-04-03 22:17 - 2019-03-18 15:07 - 006359552 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2020-04-03 22:17 - 2019-03-18 15:01 - 005496832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2020-04-03 21:51 - 2020-04-05 19:24 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Code
2020-04-03 21:51 - 2020-04-03 21:51 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2020-04-03 21:51 - 2020-04-03 21:51 - 000000000 ____D C:\Users\gasto\.vscode
2020-04-03 19:12 - 2020-04-03 19:13 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-04-03 18:42 - 2020-04-03 18:42 - 000000000 ____D C:\Users\gasto\AppData\Local\NordVPN
2020-04-03 18:42 - 2020-04-03 18:42 - 000000000 ____D C:\ProgramData\NordVPN
2020-04-03 18:42 - 2020-04-03 18:42 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-04-03 18:42 - 2020-04-03 18:42 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-04-03 18:11 - 2020-04-03 18:11 - 000000000 ____D C:\Users\gasto\AppData\Roaming\TunnelBear
2020-04-03 18:11 - 2020-04-03 18:11 - 000000000 ____D C:\Users\gasto\AppData\Local\TunnelBear
2020-04-03 12:39 - 2020-04-03 12:39 - 000000000 ____D C:\Users\gasto\AppData\Local\SkinSoft
2020-04-03 12:03 - 2020-04-03 12:03 - 000000000 ____D C:\Users\gasto\AppData\Local\IsolatedStorage
2020-04-03 11:59 - 2020-04-03 11:59 - 000000000 ____D C:\ProgramData\Caphyon
2020-04-03 01:36 - 2020-04-05 21:26 - 000000000 ____D C:\Users\gasto\AppData\Roaming\.minecraft
2020-04-02 23:11 - 2020-04-06 23:51 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Telegram Desktop
2020-04-02 23:11 - 2020-04-02 23:11 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2020-04-02 17:51 - 2020-04-02 17:53 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Notepad++
2020-04-02 17:51 - 2020-04-02 17:51 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-04-02 17:51 - 2020-04-02 17:51 - 000000000 ____D C:\Program Files (x86)\Notepad++
2020-04-02 17:16 - 2020-04-06 18:15 - 000000000 ____D C:\Program Files\Java
2020-04-02 17:16 - 2020-04-06 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2020-04-02 11:26 - 2020-04-02 11:26 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\HeidiSQL
2020-04-02 11:26 - 2020-04-02 11:26 - 000000000 ____D C:\Users\gasto\AppData\Roaming\HeidiSQL
2020-04-02 11:26 - 2020-04-02 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeidiSQL
2020-04-02 11:26 - 2020-04-02 11:26 - 000000000 ____D C:\Program Files\HeidiSQL
2020-04-02 11:24 - 2020-04-02 11:24 - 000000000 ____D C:\ProgramData\MySQL
2020-04-02 11:24 - 2020-04-02 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2020-04-02 11:24 - 2020-04-02 11:24 - 000000000 ____D C:\Program Files\MySQL
2020-04-01 22:19 - 2020-04-01 22:19 - 000000000 ____D C:\Users\gasto\AppData\Local\Eric_Zhang
2020-04-01 21:25 - 2020-04-01 21:30 - 000000000 ____D C:\ProgramData\Epic
2020-04-01 21:25 - 2020-04-01 21:25 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-04-01 21:25 - 2020-04-01 21:25 - 000000000 ____D C:\Users\gasto\AppData\Local\UnrealEngineLauncher
2020-04-01 21:25 - 2020-04-01 21:25 - 000000000 ____D C:\Users\gasto\AppData\Local\UnrealEngine
2020-04-01 21:25 - 2020-04-01 21:25 - 000000000 ____D C:\Users\gasto\AppData\Local\EpicGamesLauncher
2020-04-01 21:24 - 2020-04-01 21:24 - 000000000 ____D C:\Program Files (x86)\Epic Games
2020-04-01 01:59 - 2020-04-01 01:59 - 000004382 _____ C:\Windows\system32\Tasks\Overwolf Updater Task
2020-04-01 01:59 - 2020-04-01 01:59 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2020-04-01 01:59 - 2020-04-01 01:59 - 000000000 ____D C:\ProgramData\Overwolf
2020-04-01 01:59 - 2020-04-01 01:59 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-04-01 01:58 - 2020-04-03 16:35 - 000000000 ____D C:\Users\gasto\AppData\Local\Overwolf
2020-03-30 17:42 - 2020-03-30 17:43 - 000000000 ____D C:\Program Files\Counter-Strike 1.6
2020-03-30 12:33 - 2020-03-30 12:33 - 000000000 ____D C:\Riot Games
2020-03-30 12:22 - 2020-03-30 12:22 - 000000000 ____D C:\Users\gasto\AppData\Local\EnsoulSharp
2020-03-30 12:17 - 2020-03-30 12:17 - 000000000 ____D C:\Users\gasto\AppData\Roaming\LSA3BE467D
2020-03-30 12:16 - 2020-03-30 12:16 - 000000000 ____D C:\ProgramData\VsTelemetry
2020-03-30 12:10 - 2020-04-07 00:02 - 000000000 ____D C:\Users\gasto\AppData\Local\Spotify
2020-03-30 12:10 - 2020-03-30 12:10 - 000001836 _____ C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2020-03-30 12:04 - 2020-04-06 23:59 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Spotify
2020-03-30 11:50 - 2020-03-30 11:52 - 000000000 ____D C:\Users\gasto\AppData\Roaming\TunesKit Spotify Converter
2020-03-30 11:50 - 2020-03-30 11:50 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\TunesKit Spotify Converter
2020-03-28 12:44 - 2020-04-07 07:01 - 000000000 ____D C:\ProgramData\KMSAutoS
2020-03-28 12:42 - 2020-03-28 13:33 - 000000000 ____D C:\Users\gasto\AppData\Local\MSfree Inc
2020-03-28 03:00 - 2020-03-28 03:00 - 000000000 ____D C:\Program Files (x86)\QUALCOMM Incorporated
2020-03-27 22:52 - 2020-04-07 00:42 - 000000000 ____D C:\Users\gasto\AppData\Roaming\discord
2020-03-27 22:52 - 2020-03-27 22:52 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-03-27 22:52 - 2020-03-27 22:52 - 000000000 ____D C:\Users\gasto\AppData\Local\SquirrelTemp
2020-03-27 22:52 - 2020-03-27 22:52 - 000000000 ____D C:\Users\gasto\AppData\Local\Discord
2020-03-27 21:12 - 2020-03-27 21:12 - 000000000 ____D C:\Users\gasto\AppData\LocalLow\Temp
2020-03-27 16:43 - 2020-03-27 16:43 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2020-03-27 15:48 - 2020-03-27 15:48 - 001203753 _____ C:\Windows\unins002.exe
2020-03-27 13:05 - 2020-03-27 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-03-25 22:15 - 2020-03-25 22:15 - 000001865 _____ C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-03-25 22:15 - 2020-03-25 22:15 - 000000000 ____D C:\Users\gasto\AppData\Local\BitTorrentHelper
2020-03-25 19:53 - 2020-03-25 19:53 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\League of Legends
2020-03-25 19:47 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2020-03-25 19:47 - 2008-07-12 08:18 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2020-03-25 19:47 - 2008-07-12 08:18 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2020-03-25 19:46 - 2020-03-30 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-03-25 19:46 - 2020-03-30 12:29 - 000000000 ____D C:\Users\gasto\AppData\Local\Riot Games
2020-03-25 19:46 - 2020-03-25 19:47 - 000000000 ____D C:\ProgramData\Riot Games
2020-03-25 19:46 - 2020-03-25 19:46 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-03-25 11:41 - 2020-03-25 11:41 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-03-25 11:41 - 2020-03-25 11:41 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2020-03-25 11:41 - 2020-03-25 11:41 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 019813376 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 018027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 006525424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-03-25 11:40 - 2020-03-25 11:40 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001077264 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000628408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2020-03-25 11:40 - 2020-03-25 11:40 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2020-03-25 11:40 - 2020-03-25 11:40 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-03-25 11:40 - 2020-03-25 11:40 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-03-25 11:40 - 2020-03-25 11:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 004563200 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 003799552 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 003728384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 003586872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 002768440 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 002143232 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 002087168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-25 11:39 - 2020-03-25 11:39 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000874512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-25 11:39 - 2020-03-25 11:39 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000047208 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000012800 _____ (Microsoft Corporation) 

C:\Windows\system32\pcaevts.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-03-25 11:38 - 2020-03-25 11:39 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-03-25 11:38 - 2020-03-25 11:38 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2020-03-25 11:38 - 2020-03-25 11:38 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
2020-03-24 21:43 - 2020-03-24 21:44 - 000000000 ____D C:\Users\gasto\cs
2020-03-24 19:24 - 2004-05-13 14:15 - 001077336 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCTL.OCX
2020-03-24 19:23 - 2020-03-24 19:23 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Macromedia
2020-03-24 16:52 - 2020-03-24 16:52 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Earth's Special Forces
2020-03-23 20:42 - 2020-03-23 20:42 - 000000000 ____D C:\Users\gasto\AppData\Local\ElevatedDiagnostics
2020-03-23 20:16 - 2020-04-01 21:56 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\Zoom
2020-03-22 16:49 - 2020-03-27 15:48 - 000015812 _____ C:\Windows\unins002.dat
2020-03-22 16:28 - 2020-03-28 11:07 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-03-22 15:22 - 2020-03-27 12:50 - 000000000 ___HD C:\Windows\msdownld.tmp
2020-03-22 15:22 - 2020-03-27 12:50 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-03-22 13:04 - 2020-03-25 15:32 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\GTA San Andreas User Files
2020-03-22 13:01 - 2020-03-22 13:01 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModManager
2020-03-20 15:07 - 2019-02-21 02:48 - 002725864 _____ (Sunplus Innovation Technology Inc.) C:\Windows\system32\SPITDevMft64.dll
2020-03-20 14:44 - 2020-04-03 19:13 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Zoom
2020-03-19 20:34 - 2020-03-19 20:34 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\My Games
2020-03-19 20:33 - 2020-03-19 20:33 - 000000000 ____D C:\Users\gasto\AppData\Local\Steam
2020-03-19 20:33 - 2020-03-19 20:33 - 000000000 ____D C:\Users\gasto\AppData\Local\CEF
2020-03-17 07:07 - 2020-03-26 21:09 - 000000048 ____H C:\Xiuhcoatl.69
2020-03-14 21:09 - 2020-03-14 21:09 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 011607552 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 007905784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 007755776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 006084344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 005911040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 004855808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 004580352 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 003819520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 003488768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002956688 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002870272 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002715648 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 002698040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002224952 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002072664 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001999952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001867816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001770552 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001665416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001657120 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001581056 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001490640 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001484600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001282944 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 001108040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000877232 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 000757632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000734720 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 000551824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000510768 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000248064 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000221200 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000183808 _____ (Microsoft Corporation) 
C:\Windows\system32\ResetEngOnline.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000165504 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000146712 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000120560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000042296 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000035328 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\upnpcont.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-03-14 21:02 - 2020-02-11 01:48 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-03-14 21:02 - 2020-02-11 01:37 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-03-14 17:21 - 2020-03-14 17:21 - 000511488 _____ C:\Users\Default\Уdpa34n1jy8ysro.exe
2020-03-14 17:21 - 2020-03-14 17:21 - 000511488 _____ C:\Users\Default User\Уdpa34n1jy8ysro.exe
2020-03-14 17:12 - 2020-03-14 17:12 - 000511488 _____ C:\Users\Default\vBm09Тx40Сui来40.exe
2020-03-14 17:12 - 2020-03-14 17:12 - 000511488 _____ C:\Users\Default User\vBm09Тx40Сui来40.exe
2020-03-13 17:59 - 2020-03-13 17:59 - 000001226 _____ C:\AiOLog.txt
2020-03-13 17:59 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2020-03-13 17:59 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2020-03-13 17:59 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_43.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2020-03-13 17:59 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2020-03-13 17:59 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2020-03-13 17:59 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2020-03-13 17:59 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2020-03-13 17:59 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2020-03-13 17:59 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2020-03-13 17:59 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_42.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2020-03-13 17:59 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2020-03-13 17:59 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2020-03-13 17:59 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2020-03-13 17:59 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_41.dll
2020-03-13 17:59 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2020-03-13 17:59 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2020-03-13 17:59 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2020-03-13 17:59 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2020-03-13 17:59 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2020-03-13 17:59 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2020-03-13 17:59 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_40.dll
2020-03-13 17:59 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2020-03-13 17:59 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2020-03-13 17:59 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2020-03-13 17:59 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2020-03-13 17:59 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2020-03-13 17:59 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2020-03-13 17:59 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2020-03-13 17:59 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2020-03-13 17:59 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2020-03-13 17:59 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_38.dll
2020-03-13 17:59 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2020-03-13 17:59 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2020-03-13 17:59 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2020-03-13 17:59 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2020-03-13 17:59 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2020-03-13 17:59 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_37.dll
2020-03-13 17:59 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2020-03-13 17:59 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2020-03-13 17:59 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2020-03-13 17:59 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_2.dll
2020-03-13 17:59 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2020-03-13 17:59 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcompiler_36.dll
2020-03-13 17:59 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2020-03-13 17:59 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2020-03-13 17:59 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2020-03-13 17:59 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcompiler_35.dll
2020-03-13 17:59 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2020-03-13 17:59 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2020-03-13 17:59 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2020-03-13 17:59 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcompiler_34.dll
2020-03-13 17:59 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2020-03-13 17:59 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2020-03-13 17:59 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2020-03-13 17:59 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2020-03-13 17:59 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2020-03-13 17:59 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcompiler_33.dll
2020-03-13 17:59 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2020-03-13 17:59 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2020-03-13 17:59 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2020-03-13 17:59 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2020-03-13 17:59 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2020-03-13 17:59 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2020-03-13 17:59 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2020-03-13 17:59 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2020-03-13 17:59 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2020-03-13 17:59 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2020-03-13 17:59 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2020-03-13 17:59 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2020-03-13 17:59 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2020-03-13 17:59 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2020-03-13 17:59 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2020-03-13 17:59 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2020-03-13 17:59 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2020-03-13 17:59 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2020-03-13 17:59 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2020-03-13 17:59 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2020-03-13 17:58 - 2020-03-13 17:59 - 000021739 _____ C:\Windows\unins001.dat
2020-03-13 17:58 - 2020-03-13 17:58 - 001207319 _____ C:\Windows\unins000.exe
2020-03-13 17:58 - 2020-03-13 17:58 - 001199175 _____ C:\Windows\unins001.exe
2020-03-13 17:58 - 2020-03-13 17:58 - 000010832 _____ C:\Windows\unins000.dat
2020-03-13 17:58 - 2020-03-13 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-03-13 17:58 - 2017-04-01 20:44 - 003450616 _____ (Red Hat) C:\Windows\system32\cygwin1.dll
2020-03-13 17:58 - 2017-01-26 07:25 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll
2020-03-13 17:58 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2020-03-13 17:58 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libssl32.dll
2020-03-13 17:58 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
2020-03-13 17:58 - 2014-01-31 03:14 - 001055676 _____ (Free Software Foundation) C:\Windows\system32\libiconv2.dll
2020-03-13 17:58 - 2014-01-25 14:30 - 000131072 _____ (Sereby Corporation) C:\Windows\system32\AiORuntimes.dll
2020-03-13 17:58 - 2013-12-23 15:44 - 000163480 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000660120 _____ (Microsoft Corporation) C:\Windows\system32\mscomct2.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000617896 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000444328 _____ (Microsoft Corporation) C:\Windows\system32\mshflxgd.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000416408 _____ (Microsoft Corporation ) C:\Windows\system32\comct332.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000279192 _____ (Microsoft Corporation) C:\Windows\system32\msdatgrd.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000259736 _____ (Microsoft Corporation) C:\Windows\system32\msflxgrd.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000253080 _____ (Microsoft Corporation) C:\Windows\system32\msdatlst.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000222360 _____ (Microsoft Corporation) C:\Windows\system32\tabctl32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000219288 _____ (Microsoft Corporation) C:\Windows\system32\richtx32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000218776 _____ (Microsoft Corporation) C:\Windows\system32\dblist32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000212112 _____ (Microsoft Corporation) C:\Windows\system32\mci32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000179352 _____ (Microsoft Corporation) C:\Windows\system32\msmask32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000170920 _____ (Microsoft Corporation) C:\Windows\system32\comct232.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000131728 _____ (Microsoft Corporation) C:\Windows\system32\msinet.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000130712 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll
2020-03-13 17:58 - 2013-12-20 01:48 - 000127640 _____ (Microsoft Corporation) C:\Windows\system32\mswinsck.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000119960 _____ (Microsoft Corporation) C:\Windows\system32\mscomm32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000108696 _____ (Microsoft Corporation) C:\Windows\system32\msstkprp.dll
2020-03-13 17:58 - 2013-12-20 01:48 - 000104088 _____ (Microsoft Corporation) C:\Windows\system32\picclp32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000084624 _____ (Microsoft Corporation) C:\Windows\system32\sysinfo.ocx
2020-03-13 17:58 - 2012-06-14 15:36 - 000107520 _____ C:\Windows\system32\zlib1.dll
2020-03-13 17:58 - 2012-04-03 17:11 - 000138752 _____ C:\Windows\system32\libpng15.dll
2020-03-13 17:58 - 2011-10-12 04:09 - 004033440 _____ (Intel Corporation) C:\Windows\system32\libmmd.dll
2020-03-13 17:58 - 2011-10-01 09:16 - 000445016 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2020-03-13 17:58 - 2011-10-01 09:16 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\openal32.dll
2020-03-13 17:58 - 2011-01-12 14:36 - 001054208 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\mfc71DEU.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ITA.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71FRA.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ESP.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ENU.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71KOR.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71JPN.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHT.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHS.dll
2020-03-13 17:58 - 2011-01-12 14:19 - 001060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2020-03-13 17:58 - 2011-01-12 13:53 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\atl71.dll
2020-03-13 17:58 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2020-03-13 17:58 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2020-03-13 17:58 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_43.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2020-03-13 17:58 - 2010-03-18 21:21 - 000799568 _____ (Microsoft Corporation) C:\Windows\system32\msdia100.dll
2020-03-13 17:58 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2020-03-13 17:58 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2020-03-13 17:58 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2020-03-13 17:58 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2020-03-13 17:58 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2020-03-13 17:58 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2020-03-13 17:58 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_42.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2020-03-13 17:58 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2020-03-13 17:58 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2020-03-13 17:58 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2020-03-13 17:58 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_41.dll
2020-03-13 17:58 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2020-03-13 17:58 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2020-03-13 17:58 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2020-03-13 17:58 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2020-03-13 17:58 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2020-03-13 17:58 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2020-03-13 17:58 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_40.dll
2020-03-13 17:58 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2020-03-13 17:58 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2020-03-13 17:58 - 2008-08-26 07:40 - 000162304 _____ C:\Windows\system32\libpng13.dll
2020-03-13 17:58 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2020-03-13 17:58 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2020-03-13 17:58 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2020-03-13 17:58 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_39.dll
2020-03-13 17:58 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2020-03-13 17:58 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2020-03-13 17:58 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2020-03-13 17:58 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2020-03-13 17:58 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2020-03-13 17:58 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2020-03-13 17:58 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_38.dll
2020-03-13 17:58 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2020-03-13 17:58 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2020-03-13 17:58 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2020-03-13 17:58 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2020-03-13 17:58 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2020-03-13 17:58 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_37.dll
2020-03-13 17:58 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2020-03-13 17:58 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2020-03-13 17:58 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2020-03-13 17:58 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_2.dll
2020-03-13 17:58 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2020-03-13 17:58 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_36.dll
2020-03-13 17:58 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2020-03-13 17:58 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2020-03-13 17:58 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2020-03-13 17:58 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_35.dll
2020-03-13 17:58 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2020-03-13 17:58 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2020-03-13 17:58 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2020-03-13 17:58 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_34.dll
2020-03-13 17:58 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2020-03-13 17:58 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2020-03-13 17:58 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-03-13 17:58 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2020-03-13 17:58 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2020-03-13 17:58 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_33.dll
2020-03-13 17:58 - 2007-02-01 23:13 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2020-03-13 17:58 - 2007-02-01 20:11 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2020-03-13 17:58 - 2007-01-30 23:04 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2020-03-13 17:58 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2020-03-13 17:58 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2020-03-13 17:58 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2020-03-13 17:58 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2020-03-13 17:58 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2020-03-13 17:58 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2020-03-13 17:58 - 2006-09-28 16:03 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2020-03-13 17:58 - 2006-08-26 01:28 - 001017344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70u.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ITA.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70FRA.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ESP.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70DEU.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ENU.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70KOR.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70JPN.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHT.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHS.dll
2020-03-13 17:58 - 2006-08-26 01:07 - 001024000 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll
2020-03-13 17:58 - 2006-08-26 00:17 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\atl70.dll
2020-03-13 17:58 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2020-03-13 17:58 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2020-03-13 17:58 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2020-03-13 17:58 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2020-03-13 17:58 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2020-03-13 17:58 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2020-03-13 17:58 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2020-03-13 17:58 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2020-03-13 17:58 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2020-03-13 17:58 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2020-03-13 17:58 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2020-03-13 17:58 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2020-03-13 17:58 - 2005-05-06 14:52 - 000103424 _____ (GNU <www.gnu.org>) C:\Windows\system32\libintl3.dll
2020-03-13 17:58 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2020-03-13 17:58 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2020-03-13 17:58 - 2005-01-20 20:25 - 000054784 _____ (Microsoft Corporation) 

C:\Windows\system32\msvci70.dll
2020-03-13 17:58 - 2002-01-05 06:40 - 000487424 _____ (Microsoft Corporation) C:\Windows\system32\msvcp70.dll
2020-03-13 17:58 - 1996-01-12 04:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\system32\vb40032.dll
2020-03-13 17:57 - 2020-03-13 17:57 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-03-13 17:57 - 2020-03-13 17:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-03-13 17:53 - 2020-03-13 17:53 - 000000000 ____D C:\Users\gasto\AppData\LocalLow\Sun
2020-03-13 16:18 - 2020-03-14 17:21 - 000013824 _____ () C:\Users\Default\DotNetAobScanMemory.dll
2020-03-13 16:18 - 2020-03-14 17:21 - 000013824 _____ () C:\Users\Default User\DotNetAobScanMemory.dll
2020-03-13 16:04 - 2020-03-17 00:07 - 000000001 _____ C:\Windows\xspirit.sys
2020-03-13 16:03 - 2020-03-15 18:38 - 000000019 _____ C:\data.ini
2020-03-13 13:50 - 2020-04-07 00:54 - 000000000 ____D C:\Users\gasto\AppData\Local\CrashDumps
2020-03-13 13:15 - 2020-03-13 13:15 - 000000000 ____D C:\Users\Public\Logi
2020-03-13 13:14 - 2020-04-07 10:33 - 000000000 ____D C:\Users\gasto\AppData\Roaming\LGHUB
2020-03-13 13:14 - 2020-04-07 10:32 - 000000000 ____D C:\Users\gasto\AppData\Local\LGHUB
2020-03-13 13:12 - 2020-03-13 13:14 - 000000000 ____D C:\ProgramData\LGHUB
2020-03-13 13:12 - 2020-03-13 13:12 - 000066808 _____ (Logitech) C:\Windows\system32\Drivers\logi_joy_xlcore.sys
2020-03-13 13:12 - 2020-03-13 13:12 - 000038136 _____ (Logitech) C:\Windows\system32\Drivers\logi_joy_bus_enum.sys
2020-03-13 13:12 - 2020-03-13 13:12 - 000020624 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\logi_joy_vir_hid.sys
2020-03-13 11:06 - 2020-03-26 21:09 - 002740480 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys
2020-03-13 11:01 - 2020-03-13 11:30 - 000001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Operation7.lnk
2020-03-13 11:01 - 2020-03-13 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Operation7
2020-03-12 21:31 - 2020-03-12 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2020-03-12 21:30 - 2020-03-27 13:05 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\ProgramData\Brother
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\Program Files (x86)\BrownyInd
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\Program Files (x86)\Browny02
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\Program Files (x86)\Brother
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\Brother
2020-03-12 21:30 - 2012-12-13 22:31 - 000180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL
2020-03-12 21:30 - 2012-12-13 22:31 - 000113744 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBTOOL.EXE
2020-03-12 21:30 - 2012-12-13 22:31 - 000077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL
2020-03-12 21:30 - 2012-12-13 22:31 - 000045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL
2020-03-12 21:30 - 2012-12-13 22:31 - 000025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL
2020-03-12 21:30 - 2012-12-13 22:31 - 000000114 _____ C:\Windows\SysWOW64\BRLMW03A.INI
2020-03-12 21:30 - 2012-12-13 22:29 - 000000050 _____ C:\Windows\system32\BRADM12A.DAT
2020-03-12 21:30 - 2012-12-13 13:00 - 000226816 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRCOM12A.DLL

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-07 10:32 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-07 10:31 - 2020-03-06 11:06 - 000000134 _____ C:\Windows\system32\regtest.txt
2020-04-07 10:31 - 2020-03-06 10:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-07 10:31 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-04-07 10:30 - 2020-03-06 11:04 - 001777788 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-07 10:30 - 2019-03-19 08:59 - 000792562 _____ C:\Windows\system32\perfh00A.dat
2020-04-07 10:30 - 2019-03-19 08:59 - 000157298 _____ C:\Windows\system32\perfc00A.dat
2020-04-07 10:30 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2020-04-07 10:28 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-04-07 06:59 - 2020-03-06 10:48 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-04-07 00:44 - 2020-03-06 16:23 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2020-04-07 00:33 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-07 00:33 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2020-04-06 20:26 - 2020-03-06 11:17 - 000000000 ____D C:\Users\gasto\AppData\Local\Packages
2020-04-06 18:43 - 2020-03-06 11:15 - 000000000 ____D C:\Users\gasto
2020-04-04 07:43 - 2020-03-06 11:20 - 000000000 ____D C:\Users\gasto\AppData\Local\PlaceholderTileLogoFolder
2020-04-03 22:23 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\SysWOW64\winrm
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\SysWOW64\WCN
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\system32\winrm
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\system32\WCN
2020-04-03 22:22 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\SysWOW64\F12
2020-04-03 22:22 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2020-04-03 22:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2020-04-03 22:21 - 2019-03-19 09:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-04-03 22:21 - 2019-03-19 09:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-04-03 22:21 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\system32\slmgr
2020-04-03 22:21 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\F12
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\dsc
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-04-03 22:21 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\servicing
2020-04-03 22:17 - 2019-03-19 09:01 - 000000000 ____D C:\Windows\OCR
2020-04-03 20:06 - 2020-03-06 16:28 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-02 11:26 - 2020-03-06 16:19 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-04-01 21:30 - 2020-03-07 10:26 - 000000000 ____D C:\Users\gasto\AppData\Local\D3DSCache
2020-03-30 12:32 - 2020-03-06 06:47 - 000000000 ____D C:\Windows\Panther
2020-03-30 12:32 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-03-30 12:24 - 2020-03-07 00:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-03-28 00:17 - 2020-03-06 11:17 - 000000000 ____D C:\Users\gasto\AppData\Local\VirtualStore
2020-03-27 13:01 - 2020-03-07 11:00 - 000000000 ____D C:\Users\gasto\AppData\Roaming\RenewedVision
2020-03-25 11:53 - 2020-03-06 10:48 - 000295088 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-25 11:52 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SystemResources
2020-03-25 11:52 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-03-25 11:52 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\Provisioning
2020-03-25 11:52 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\bcastdvr
2020-03-25 10:06 - 2020-03-06 10:49 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-03-24 19:26 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\System
2020-03-22 20:19 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ServiceState
2020-03-22 13:04 - 2019-03-19 02:00 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2020-03-22 13:04 - 2019-03-19 02:00 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2020-03-22 13:04 - 2019-03-19 02:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000472064 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2020-03-22 13:04 - 2019-03-19 01:57 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2020-03-20 20:42 - 2020-03-06 16:21 - 000003622 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 20:42 - 2020-03-06 16:21 - 000003498 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 15:30 - 2020-03-06 16:33 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-20 15:30 - 2020-03-06 16:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 21:51 - 2020-03-06 16:22 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-18 10:17 - 2020-03-06 11:29 - 000000000 ____D C:\ProgramData\Packages
2020-03-17 11:48 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-17 11:47 - 2020-03-06 16:39 - 000000000 ____D C:\Program Files\Microsoft Office
2020-03-17 11:44 - 2020-03-07 10:00 - 000000000 ____D C:\Windows\files
2020-03-15 10:35 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\appcompat
2020-03-14 22:55 - 2020-03-06 11:17 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-14 22:55 - 2020-03-06 11:17 - 000000000 ___RD C:\Users\gasto\3D Objects
2020-03-14 22:54 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-03-14 22:54 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\Dism
2020-03-14 21:30 - 2020-03-06 17:38 - 000000000 ____D C:\Windows\system32\MRT
2020-03-14 21:12 - 2020-03-06 17:38 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-08 02:56 - 2020-03-07 00:16 - 000000000 ____D C:\Users\gasto\.android

==================== Archivos en la raíz de algunos directorios ========

2020-03-13 16:18 - 2020-03-14 17:21 - 000013824 _____ () C:\Users\Default\DotNetAobScanMemory.dll
2020-03-14 17:12 - 2020-03-14 17:12 - 000511488 _____ () C:\Users\Default\vBm09Тx40Сui来40.exe
2020-03-14 17:21 - 2020-03-14 17:21 - 000511488 _____ () C:\Users\Default\Уdpa34n1jy8ysro.exe
2020-03-13 16:18 - 2020-03-14 17:21 - 000013824 _____ () C:\Users\Default User\DotNetAobScanMemory.dll
2020-03-14 17:12 - 2020-03-14 17:12 - 000511488 _____ () C:\Users\Default User\vBm09Тx40Сui来40.exe
2020-03-14 17:21 - 2020-03-14 17:21 - 000511488 _____ () C:\Users\Default User\Уdpa34n1jy8ysro.exe

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Análisis adicional

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por gasto (07-04-2020 10:39:37)
Ejecutado desde C:\Users\gasto\Downloads
Windows 10 Home Versión 1909 18363.752 (X64) (2020-03-06 13:56:33)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-3595769944-1073380373-716707422-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3595769944-1073380373-716707422-503 - Limited - Disabled)
gasto (S-1-5-21-3595769944-1073380373-716707422-1001 - Administrator - Enabled) => C:\Users\gasto
Invitado (S-1-5-21-3595769944-1073380373-716707422-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3595769944-1073380373-716707422-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
Apache NetBeans IDE 11.3 (HKLM\...\nbi-nb-all-11.3.0.0.2002) (Version: 11.3 - Apache NetBeans)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Bonjour (HKLM\...\{A74AB300-5777-41B7-91A2-C21875D4A483}) (Version: 2.0.0.36 - Apple Inc.)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Discord (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{3A595C95-121D-4EB0-8D57-C7A309BA6C09}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HeidiSQL 11.0.0.5934 (HKLM\...\HeidiSQL_is1) (Version: 11.0 - Ansgar Becker)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.8.0.1065 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4487026C-A32C-4FF5-858E-8DB890814949}) (Version: 17.8.0.1065 - Intel Corporation)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Java SE Development Kit 8 Update 241 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180241}) (Version: 8.0.2410.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version:  - Logitech)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Project Professional 2019 - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Project Professional 2019 - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visio Professional 2019 - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Visio Professional 2019 - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version:  - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.43.2 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
MySQL Server 5.1 (HKLM\...\{BF2D5DC8-CBD0-46DD-8A2D-BAD190AC2F17}) (Version: 5.1.45 - MySQL AB)
NordVPN (HKLM-x32\...\{83E5941F-5F93-4097-81F5-79FA38FFB875}) (Version: 6.27.11 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.27.11) (Version: 6.27.11 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.5 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20242 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.143.0.24 - Overwolf Ltd.)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Porofessor.gg (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.4.1 - Overwolf app)
ProPresenter 6 (HKLM-x32\...\ProPresenter 6) (Version: 6.0.4.1 - Renewed Vision)
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
Servicios de impresión de Bonjour (HKLM\...\{4CE925AF-6519-4FEB-BEBD-DE2BFE2944EB}) (Version: 2.0.0.36 - Apple Inc.)
Spotify (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Spotify) (Version: 1.1.30.658.gf13cde74 - Spotify AB)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Telegram Desktop versión 2.0.1 (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.0.1 - Telegram FZ-LLC)
version 5.13.415.31/1.0.0.27/3.4.5.11(H1C307WW) (HKLM-x32\...\{4AD4461B-8BD4-4354-805C-E97E7A404906}_is1) (Version:  - Lenovo Group Limited)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-03-04] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

ShortcutWithArgument: C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Módulos cargados (Lista blanca) =============

2020-03-12 21:30 - 2009-02-27 16:38 - 000139264 ____R () [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2020-03-12 21:30 - 2008-08-18 18:27 - 000122880 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\brlmw03a.dll
2020-03-12 21:30 - 2012-07-13 13:09 - 000385024 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrMonitor.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\gasto\Datos de programa:7dd1e1189f9fcf05a559dccee48d89c6 [394]
AlternateDataStreams: C:\Users\gasto\AppData\Roaming:7dd1e1189f9fcf05a559dccee48d89c6 [394]

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\gasto\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\Program Files\Java\jre1.8.0_241\bin;C:\Program Files\Java\jdk1.8.0_241\bin;
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 200.49.130.40 - 200.42.4.203
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\StartupApproved\Run: => "NordVPN"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{98BB5C6C-4706-4ACE-B24E-E299E42B727E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5625A5F4-AAD8-424C-82D5-754D487B9F0E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{1A722ABC-941F-4866-973D-2E30A5092F1A}C:\program files (x86)\renewed vision\propresenter 6\propresenter.exe] => (Allow) C:\program files (x86)\renewed vision\propresenter 6\propresenter.exe (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
FirewallRules: [UDP Query User{76AFC76E-D0EF-49CC-B7D9-798D6082B8CC}C:\program files (x86)\renewed vision\propresenter 6\propresenter.exe] => (Allow) C:\program files (x86)\renewed vision\propresenter 6\propresenter.exe (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
FirewallRules: [TCP Query User{45C789D2-4E0D-44C5-8230-8406404334AC}C:\program files (x86)\renewed vision\propresenter 6\cloudsyncapp.exe] => (Allow) C:\program files (x86)\renewed vision\propresenter 6\cloudsyncapp.exe (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
FirewallRules: [UDP Query User{F78E3C86-B0A9-43BA-8F98-240BB36BE0A9}C:\program files (x86)\renewed vision\propresenter 6\cloudsyncapp.exe] => (Allow) C:\program files (x86)\renewed vision\propresenter 6\cloudsyncapp.exe (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
FirewallRules: [TCP Query User{9C7B0B16-B4C2-4E56-AC02-AD34A7AB71E7}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{1AD731C3-7AA9-4D24-9A6E-B6588B54882F}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{3EAF057C-938E-485A-B9B4-ABAA5419A76F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5B8ED27B-3908-485F-9BFA-1A7161FF0714}] => (Allow) C:\Users\gasto\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{25A8FEC1-2320-48AC-878B-180FA6525DAE}C:\users\gasto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gasto\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{84358E32-F3AF-413A-9899-46C58C3624B8}C:\users\gasto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gasto\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{728635AD-CC87-474A-A01B-2F318DF18AA1}] => (Allow) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A304CB26-7F41-4EAE-A7DB-DF9AC8DEA7CB}] => (Allow) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{523B7C40-19F2-40F1-B327-14B5C7714F6E}] => (Block) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8440E2EE-6DA7-4A8B-80CD-5F7FBCAFB14D}] => (Block) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{38D9CF85-2A67-4092-BB56-C7116AC00117}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{8F24A840-0EFF-4994-85BA-757E173A98F6}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe

==================== Puntos de Restauración =========================

25-03-2020 19:47:20 Se ha instalado DirectX
27-03-2020 12:58:12 Eliminado Hitman Blood Money
30-03-2020 12:16:15 Microsoft Build Tools 2015
01-04-2020 21:25:12 Se ha instalado DirectX
03-04-2020 01:36:19 Installed Minecraft Launcher
05-04-2020 03:49:01 Installed Minecraft Launcher
06-04-2020 17:53:18 Removed Java(TM) SE Development Kit 14 (64-bit)
07-04-2020 00:45:35 AdwCleaner_BeforeCleaning_07/04/2020_00:45:33
07-04-2020 10:33:11 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/07/2020 10:28:49 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (04/07/2020 07:00:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (04/07/2020 07:00:42 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (04/07/2020 07:00:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (04/07/2020 07:00:42 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (04/07/2020 12:46:13 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (04/07/2020 12:45:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: Microsoft Windows Protocol Services Host.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.ComponentModel.Win32Exception
   en System.Diagnostics.ProcessManager.OpenProcess(Int32, Int32, Boolean)
   en System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
   en System.Diagnostics.Process.OpenProcessHandle(Int32)
   en System.Diagnostics.Process.set_EnableRaisingEvents(Boolean)
   en ..()
   en ..()
   en ..()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Threading.ThreadHelper.ThreadStart()

Error: (04/07/2020 12:45:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: Microsoft Windows Protocol Services Host.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.ComponentModel.Win32Exception
   en System.Diagnostics.ProcessManager.OpenProcess(Int32, Int32, Boolean)
   en System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
   en System.Diagnostics.Process.OpenProcessHandle(Int32)
   en System.Diagnostics.Process.set_EnableRaisingEvents(Boolean)
   en ..()
   en ..()
   en ..()
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Threading.ThreadHelper.ThreadStart()


Errores del sistema:
=============
Error: (04/07/2020 10:33:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Realtek Audio Universal Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (04/07/2020 10:33:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Dolby DAX API Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/07/2020 10:31:28 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.

Error: (04/07/2020 10:31:23 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.

Error: (04/07/2020 10:31:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/07/2020 10:31:04 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.

Error: (04/07/2020 10:30:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Microsoft Office Click-to-Run Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (04/07/2020 10:30:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio MySQL se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2020-04-07 10:39:33.858
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Uwasson.A!ml&threatid=251745&enterprise=0
Nombre: Program:Win32/Uwasson.A!ml
Id.: 251745
Gravedad: Media
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\Default\vBm09?x40?ui?40.exe; file:_C:\Users\Default\?dpa34n1jy8ysro.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-8P86LC0\gasto
Nombre de proceso: C:\Users\gasto\Downloads\FRST64.exe
Versión de inteligencia de seguridad: AV: 1.313.937.0, AS: 1.313.937.0, NIS: 1.313.937.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-04-07 10:39:33.582
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Uwasson.A!ml&threatid=251745&enterprise=0
Nombre: Program:Win32/Uwasson.A!ml
Id.: 251745
Gravedad: Media
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\Default\vBm09?x40?ui?40.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-8P86LC0\gasto
Nombre de proceso: C:\Users\gasto\Downloads\FRST64.exe
Versión de inteligencia de seguridad: AV: 1.313.937.0, AS: 1.313.937.0, NIS: 1.313.937.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-04-07 00:48:01.227
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Windows\Program Files (x86)\Microsoft Host Interface\Data\Microsoft Windows Protocol Services Host.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.313.917.0, AS: 1.313.917.0, NIS: 1.313.917.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-04-07 00:48:00.801
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Startup.lnk; file:_C:\Windows\Program Files (x86)\Microsoft Host Interface\gScrape\Microsoft Windows Protocol Services Host.exe; startup:_C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Startup.lnk
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-8P86LC0\gasto
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.313.917.0, AS: 1.313.917.0, NIS: 1.313.917.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-04-07 00:48:00.799
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Windows\Program Files (x86)\Microsoft Host Interface\Data\Microsoft Windows Protocol Services Host.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.313.917.0, AS: 1.313.917.0, NIS: 1.313.917.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

CodeIntegrity:
===================================

Date: 2020-04-07 10:35:35.888
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-07 10:35:35.884
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-07 10:32:08.954
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-07 10:32:08.952
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-07 10:28:57.447
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-07 10:28:57.445
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-07 10:28:56.859
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-07 10:28:56.857
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Información de la memoria =========================== 

BIOS: LENOVO 7SCN34WW 06/10/2019
Placa base: LENOVO LNVNB161216
Procesador: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Porcentaje de memoria en uso: 23%
RAM física total: 12193.22 MB
RAM física disponible: 9346.32 MB
Virtual total: 14049.22 MB
Virtual disponible: 11322.79 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:899.97 GB) (Free:813.06 GB) NTFS
Drive d: (Backups) (Fixed) (Total:30.91 GB) (Free:21.16 GB) NTFS

\\?\Volume{85aae850-82b3-4f37-875c-e8082f67cc7f}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{c3e906f8-e4d4-48f9-a301-8c827cfab93f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A16901E7)

Partition: GPT.

==================== Final de Addition.txt =======================

SINCERAMENTE LES AGRADEZCO MUCHISIMO

Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe(en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
AlternateDataStreams: C:\Users\gasto\Datos de programa:7dd1e1189f9fcf05a559dccee48d89c6 [394]
AlternateDataStreams: C:\Users\gasto\AppData\Roaming:7dd1e1189f9fcf05a559dccee48d89c6 [394]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
2020-03-13 17:58 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

• Presionar el botón FIX/Corregir y aguardar a que termine.

• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Hola de nuevo, muchísimas gracias por su asesoramiento sinceramente ya no me arrojo ningun error mas y anda mucho mas rápida y ágil

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por gasto (07-04-2020 16:21:49) Run:1
Ejecutado desde C:\Users\gasto\OneDrive\Escritorio
Perfiles cargados: gasto (Perfiles disponibles: gasto)
Modo de Inicio: Normal
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
AlternateDataStreams: C:\Users\gasto\Datos de programa:7dd1e1189f9fcf05a559dccee48d89c6 [394]
AlternateDataStreams: C:\Users\gasto\AppData\Roaming:7dd1e1189f9fcf05a559dccee48d89c6 [394]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
2020-03-13 17:58 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => eliminado correctamente
C:\Users\gasto\Datos de programa => ":7dd1e1189f9fcf05a559dccee48d89c6" ADS eliminado correctamente
"C:\Users\gasto\AppData\Roaming" => ":7dd1e1189f9fcf05a559dccee48d89c6" ADS no encontrado.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\System\CurrentControlSet\Services\MBAMChameleon => eliminado correctamente
MBAMChameleon => servicio eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => no encontrado
MBAMChameleon => servicio no encontrado.
C:\Windows\system32\autoitx3.dll => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3595769944-1073380373-716707422-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3595769944-1073380373-716707422-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : fibertel.com.ar
   V¡nculo: direcci¢n IPv6 local. . . : fe80::a177:7e06:625b:1ef1%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.9
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {51CF1C4C-F4C1-4339-B66E-2ADF40F569A0}.
Unable to cancel {52AE1652-C362-425A-A618-D501A9752004}.
{C3925DA5-B057-4415-A158-045AC53EE31E} canceled.
1 out of 3 jobs canceled.

========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11815433 B
Java, Flash, Steam htmlcache => 49208719 B
Windows/system/drivers => 7760571 B
Edge => 9919198 B
Chrome => 113731352 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 0 B
LocalService => 23462 B
NetworkService => 34074 B
gasto => 221797323 B

RecycleBin => 0 B
EmptyTemp: => 403.9 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 16:22:40 ====

Perfecto @Gaston_Ferrari excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.

Para hacerlo descarga DelFix.exe en tu escritorio.

• Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

• Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Saludos, Javier.