Hola amigos de esta grandiosa comunidad tengo una curiosidad con un error que se me ejecuta cada vez que prendo la computadora que es el siguiente, quisiera saber a que se debe y como se podría solucionarme muchas gracias por todo
Buenas @Gaston_Ferrari Bienvenido al nuevo Foro.!!!
Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.
Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.
Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :
-
Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
-
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.
Ejecutas las herramientas de una en una y en el orden indicado :
CCleaner.-
-
Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
-
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
-
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).
Malwarebytes.-
-
Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
-
Realiza un Análisis Personalizado.
-
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
-
En el apartado del programa Historial de detecciones encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.
AdwCleaner.-
-
Ejecuta Adwcleaner.exe.
-
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
-
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
-
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
-
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt
Junkware Removal Tool.-
-
Ejecuta JRT.exe.
-
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
-
Si en algún momento te pide Reiniciar hazlo.
-
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
-
Copia y pega el contenido de JRT.txt en tu próxima respuesta.
Farbar Recovery Scan Tool.-
-
Ejecuta FRST.exe.
-
En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes
-
En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.
-
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.
Poner los informes en tu próxima respuesta de :
- Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.
Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).
Y nos cuentas como funciona tu equipo en relación al problema planteado.
Saludos Javier.
Analisis Malwarebytes
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 7/4/20
Hora del análisis: 1:00
Archivo de registro: 4f4ce2f2-7884-11ea-b5c6-00ff19d94059.json
-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.22054
Licencia: Prueba
-Información del sistema-
SO: Windows 10 (Build 18362.752)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-8P86LC0\gasto
-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 571226
Amenazas detectadas: 33
Amenazas en cuarentena: 33
Tiempo transcurrido: 2 hr, 26 min, 6 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 1
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV, Se eliminará al reiniciar, 1278, 805275, , , ,
Archivo: 32
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\devcon.exe, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\OemVista.inf, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP1\ptun0901.sys, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\devcon.exe, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.inf, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64TAP2\tapoas.sys, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\FakeClient.exe, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WdfCoInstaller01009.dll, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.dll, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.inf, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\x64WDV\WinDivert.sys, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\oas_sert.cer, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\driver\tap0901.cer, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\KMSSS.exe, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror.exe, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\bin\TunMirror2.exe, Se eliminará al reiniciar, 1278, 805275, , , ,
HackTool.KMS, C:\ProgramData\KMSAutoS\kmsauto.ini, Se eliminará al reiniciar, 1278, 805275, , , ,
RiskWare.Agent.E, C:\USERS\DEFAULT\BYPASSELS.EXE, Se eliminará al reiniciar, 3743, 422179, 1.0.22054, 000000000000000000000003, dds, 00665478
Spyware.HawkEyeKeyLogger.E, C:\USERS\GASTO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\WIMSERV.URL, Se eliminará al reiniciar, 3831, 644365, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\DLLSYS\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\GATHERCFG\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\DEBUG\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\TEAM-OTIMUS V3.0\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\DXCORE\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\GEN\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\VISIONSOFT\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\KEYWORDS & REGEX\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\DICTS\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\EDP\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\GENDATA\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\PRODUCTION\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Trojan.ClipBanker, C:\WINDOWS\PROGRAM FILES (X86)\MICROSOFT HOST INTERFACE\X86\MICROSOFT WINDOWS PROTOCOL SERVICES HOST.EXE, Se eliminará al reiniciar, 4348, 805517, 1.0.22054, , ame,
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Analisis de Adwcleaner no arrojo ninguno Analsis de JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by gasto (Administrator) on 07/04/2020 at 10:33:06,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07/04/2020 at 10:36:10,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Analisis de FRST
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-04-2020
Ejecutado por gasto (administrador) sobre DESKTOP-8P86LC0 (LENOVO 81F5) (07-04-2020 10:37:12)
Ejecutado desde C:\Users\gasto\Downloads
Perfiles cargados: gasto (Perfiles disponibles: gasto)
Platform: Windows 10 Home Versión 1909 18363.752 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
() [Archivo no firmado] C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08c6076a1ac36ac6\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08c6076a1ac36ac6\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_99239023b47c777a\RstMwService.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [834552 2019-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-12-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) [Archivo no firmado]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [Cloud Sync Application] => C:\Program Files (x86)\Renewed Vision\ProPresenter 6\CloudSyncApp.exe [185096 2016-09-01] (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [71464072 2020-04-04] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [Discord] => C:\Users\gasto\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1749848 2020-03-14] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31736720 2020-04-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1815584 2020-02-28] (TEFINCOM S.A. -> NordVPN)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-18] (Google LLC -> Google LLC)
==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {12518378-7E1D-4578-A7E0-B5897FBF9ABD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {13FC42FF-E839-4F3D-BF22-97639D2EC514} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6154584 2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {49194E77-0050-4C72-BF8D-1139E479225B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6154584 2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {95FF556F-C615-4011-9738-BFC73A19D358} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {A64C337F-92D7-4EC0-950C-2493193D21BF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A74680F4-C707-45DE-8F3D-8C2BD85C7857} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-06] (Google LLC -> Google LLC)
Task: {AE86C6D5-B567-4C35-8B29-1604336395CB} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)
Task: {B783BE6F-A8AD-4970-820D-C1471D3E742A} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3595769944-1073380373-716707422-1001 => C:\Users\gasto\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {C1C8E591-10B4-4562-90FC-FF3155BF9BE9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEFF6BE7-BEDE-4E59-9D8B-26164243DC19} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF13FD45-9171-44C6-9EBA-6285E74A4868} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-06] (Google LLC -> Google LLC)
Task: {FE8C744A-91B6-4080-80A4-A60A7D5A82C4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-03-24] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-03-24] (Apple Inc. -> Apple Inc.)
Hosts: Archivo Hosts no detectado en el directorio predeterminado
Tcpip\Parameters: [DhcpNameServer] 200.49.130.40 200.42.4.203
Tcpip\..\Interfaces\{19d94059-d3c1-4aae-b93f-3b7c15714849}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{a9994b72-b8a5-49c9-a1fc-39433a4ee6de}: [DhcpNameServer] 200.49.130.40 200.42.4.203
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-04-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3595769944-1073380373-716707422-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\gasto\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-03] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default [2020-04-07]
CHR HomePage: Default -> hxxp://www.google.com.ar/
CHR StartupUrls: Default -> "hxxps://www.youtube.com/watch?v=t6lsIVfYHlA"
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/chromoting/chromoting_logo_512.png
CHR Extension: (Presentaciones) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-06]
CHR Extension: (Documentos) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-06]
CHR Extension: (Google Drive) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-06]
CHR Extension: (YouTube) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-06]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (Steam Inventory Helper) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2020-03-20]
CHR Extension: (Tampermonkey) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-03-06]
CHR Extension: (Adobe Acrobat) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-03-06]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2020-03-20]
CHR Extension: (Hojas de cálculo) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-06]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2020-03-06]
CHR Extension: (Tampermonkey BETA) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcalenpjmijncebpfijmoaglllgpjagf [2020-03-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-03-06]
CHR Extension: (uVPN - Gratis e ilimitada VPN para todos) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaoafpkngncfpfggjefnekilbkcpjdgp [2020-04-03]
CHR Extension: (Steam Database) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbmhfkmnlmbkgbabkdealhhbfhlmmon [2020-03-20]
CHR Extension: (Flow) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhijeanigbkjfnbjhpehnchddbeaodgh [2020-03-06]
CHR Extension: (Proxy List Scraper) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkmamacnhccoaeblcleolehebffimpcf [2020-04-03]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-06]
CHR Extension: (SAG) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\piljlfgibadchadlhlcfoecfbpdeiemd [2020-03-20]
CHR Extension: (Gmail) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\gasto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-02]
CHR Profile: C:\Users\gasto\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 AtherosSvc; C:\Windows\System32\drivers\AdminService.exe [420472 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Archivo no firmado]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
S2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [644976 2019-03-13] (Dolby Laboratories, Inc. -> )
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1892512 2018-12-14] (Intel Corporation -> Intel Corporation)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [360016 2019-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S4 HfcDisableService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_99239023b47c777a\HfcDisableService.exe [1917440 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfsService; C:\Windows\System32\iaStorAfsService.exe [2900480 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB/lghub_updater.exe [10131080 2020-04-04] (Logitech Inc -> Logitech, Inc.)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\my.ini [8919 2020-04-02] () [Archivo no firmado]
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [234528 2020-02-28] (TEFINCOM S.A. -> )
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)
R2 RstMwService; C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_99239023b47c777a\RstMwService.exe [2241536 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [834552 2019-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [Archivo no firmado]
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [78832 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [75248 2018-12-14] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [403440 2018-12-14] (Intel Corporation -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1339360 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [74208 2019-12-11] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\47127\driver_cpu_temperature\logi_core_temp.sys [25448 2020-04-04] (Logitech Inc. -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [38136 2020-03-13] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [20624 2020-03-13] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66808 2020-03-13] (Logitech Inc -> Logitech)
S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2020-02-24] (TunnelBear, Inc. -> The OpenVPN Project)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [2740480 2020-03-26] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-04-07 10:37 - 2020-04-07 10:38 - 000023954 _____ C:\Users\gasto\Downloads\FRST.txt
2020-04-07 10:37 - 2020-04-07 10:38 - 000000000 ____D C:\FRST
2020-04-07 00:57 - 2020-04-07 00:57 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-07 00:50 - 2020-04-07 00:50 - 002281472 _____ (Farbar) C:\Users\gasto\Downloads\FRST64.exe
2020-04-07 00:50 - 2020-04-07 00:50 - 001790024 _____ (Malwarebytes) C:\Users\gasto\Downloads\JRT.exe
2020-04-07 00:44 - 2020-04-07 00:45 - 000000000 ____D C:\AdwCleaner
2020-04-06 19:14 - 2020-04-06 19:15 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\NetBeansProjects
2020-04-06 19:11 - 2020-04-06 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apache NetBeans
2020-04-06 19:10 - 2020-04-06 19:11 - 000000000 ____D C:\Program Files\NetBeans-11.3
2020-04-06 18:43 - 2020-04-06 18:43 - 000000000 ____D C:\Users\gasto\.m2
2020-04-06 18:39 - 2020-04-06 18:39 - 000000000 ____D C:\Users\gasto\AppData\Roaming\NetBeans
2020-04-06 18:39 - 2020-04-06 18:39 - 000000000 ____D C:\Users\gasto\AppData\Local\NetBeans
2020-04-06 18:17 - 2020-04-06 19:14 - 000000000 ____D C:\Users\gasto\.nbi
2020-04-06 18:13 - 2020-04-06 18:13 - 000129088 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2020-04-06 18:13 - 2020-04-06 18:13 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Sun
2020-04-06 18:13 - 2020-04-06 18:13 - 000000000 ____D C:\ProgramData\Oracle
2020-04-06 18:13 - 2020-04-06 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-04-06 18:12 - 2020-04-06 18:12 - 000000000 ____D C:\Users\gasto\AppData\LocalLow\Oracle
2020-04-05 23:10 - 2020-04-05 23:10 - 000000000 ____D C:\Users\gasto\AppData\Local\Archie
2020-04-05 21:32 - 2020-04-05 21:34 - 000000000 ____D C:\Users\gasto\wimserv
2020-04-05 17:39 - 2020-04-05 17:39 - 000000000 ____D C:\Users\gasto\AppData\Local\mbamtray
2020-04-05 17:39 - 2020-04-05 17:39 - 000000000 ____D C:\Users\gasto\AppData\Local\mbam
2020-04-05 17:39 - 2020-04-05 17:39 - 000000000 ____D C:\Users\gasto\AppData\Local\cache
2020-04-05 12:11 - 2020-04-05 12:11 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Logishrd
2020-04-05 12:11 - 2020-04-05 12:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2020-04-05 12:11 - 2020-04-05 12:11 - 000000000 ____D C:\Program Files\LGHUB
2020-04-05 04:06 - 2020-04-05 04:06 - 000000000 ____D C:\Users\gasto\AppData\Local\Iheb_Briki
2020-04-05 03:49 - 2020-04-05 03:50 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2020-04-05 03:49 - 2020-04-05 03:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2020-04-05 03:08 - 2020-04-05 03:08 - 000000000 ____D C:\Windows\Program Files (x86)
2020-04-04 22:42 - 2020-04-04 22:42 - 000000000 ____D C:\Users\gasto\Downloads\Combo To UserPass
2020-04-03 22:17 - 2019-03-18 15:20 - 005739008 _____ (Microsoft Corporation) C:\Windows\system32\prm0009.dll
2020-04-03 22:17 - 2019-03-18 15:19 - 002629120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2020-04-03 22:17 - 2019-03-18 15:07 - 006359552 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2020-04-03 22:17 - 2019-03-18 15:01 - 005496832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0009.dll
2020-04-03 21:51 - 2020-04-05 19:24 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Code
2020-04-03 21:51 - 2020-04-03 21:51 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2020-04-03 21:51 - 2020-04-03 21:51 - 000000000 ____D C:\Users\gasto\.vscode
2020-04-03 19:12 - 2020-04-03 19:13 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-04-03 18:42 - 2020-04-03 18:42 - 000000000 ____D C:\Users\gasto\AppData\Local\NordVPN
2020-04-03 18:42 - 2020-04-03 18:42 - 000000000 ____D C:\ProgramData\NordVPN
2020-04-03 18:42 - 2020-04-03 18:42 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-04-03 18:42 - 2020-04-03 18:42 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-04-03 18:11 - 2020-04-03 18:11 - 000000000 ____D C:\Users\gasto\AppData\Roaming\TunnelBear
2020-04-03 18:11 - 2020-04-03 18:11 - 000000000 ____D C:\Users\gasto\AppData\Local\TunnelBear
2020-04-03 12:39 - 2020-04-03 12:39 - 000000000 ____D C:\Users\gasto\AppData\Local\SkinSoft
2020-04-03 12:03 - 2020-04-03 12:03 - 000000000 ____D C:\Users\gasto\AppData\Local\IsolatedStorage
2020-04-03 11:59 - 2020-04-03 11:59 - 000000000 ____D C:\ProgramData\Caphyon
2020-04-03 01:36 - 2020-04-05 21:26 - 000000000 ____D C:\Users\gasto\AppData\Roaming\.minecraft
2020-04-02 23:11 - 2020-04-06 23:51 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Telegram Desktop
2020-04-02 23:11 - 2020-04-02 23:11 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2020-04-02 17:51 - 2020-04-02 17:53 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Notepad++
2020-04-02 17:51 - 2020-04-02 17:51 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2020-04-02 17:51 - 2020-04-02 17:51 - 000000000 ____D C:\Program Files (x86)\Notepad++
2020-04-02 17:16 - 2020-04-06 18:15 - 000000000 ____D C:\Program Files\Java
2020-04-02 17:16 - 2020-04-06 18:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2020-04-02 11:26 - 2020-04-02 11:26 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\HeidiSQL
2020-04-02 11:26 - 2020-04-02 11:26 - 000000000 ____D C:\Users\gasto\AppData\Roaming\HeidiSQL
2020-04-02 11:26 - 2020-04-02 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeidiSQL
2020-04-02 11:26 - 2020-04-02 11:26 - 000000000 ____D C:\Program Files\HeidiSQL
2020-04-02 11:24 - 2020-04-02 11:24 - 000000000 ____D C:\ProgramData\MySQL
2020-04-02 11:24 - 2020-04-02 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2020-04-02 11:24 - 2020-04-02 11:24 - 000000000 ____D C:\Program Files\MySQL
2020-04-01 22:19 - 2020-04-01 22:19 - 000000000 ____D C:\Users\gasto\AppData\Local\Eric_Zhang
2020-04-01 21:25 - 2020-04-01 21:30 - 000000000 ____D C:\ProgramData\Epic
2020-04-01 21:25 - 2020-04-01 21:25 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2020-04-01 21:25 - 2020-04-01 21:25 - 000000000 ____D C:\Users\gasto\AppData\Local\UnrealEngineLauncher
2020-04-01 21:25 - 2020-04-01 21:25 - 000000000 ____D C:\Users\gasto\AppData\Local\UnrealEngine
2020-04-01 21:25 - 2020-04-01 21:25 - 000000000 ____D C:\Users\gasto\AppData\Local\EpicGamesLauncher
2020-04-01 21:24 - 2020-04-01 21:24 - 000000000 ____D C:\Program Files (x86)\Epic Games
2020-04-01 01:59 - 2020-04-01 01:59 - 000004382 _____ C:\Windows\system32\Tasks\Overwolf Updater Task
2020-04-01 01:59 - 2020-04-01 01:59 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2020-04-01 01:59 - 2020-04-01 01:59 - 000000000 ____D C:\ProgramData\Overwolf
2020-04-01 01:59 - 2020-04-01 01:59 - 000000000 ____D C:\Program Files (x86)\Overwolf
2020-04-01 01:58 - 2020-04-03 16:35 - 000000000 ____D C:\Users\gasto\AppData\Local\Overwolf
2020-03-30 17:42 - 2020-03-30 17:43 - 000000000 ____D C:\Program Files\Counter-Strike 1.6
2020-03-30 12:33 - 2020-03-30 12:33 - 000000000 ____D C:\Riot Games
2020-03-30 12:22 - 2020-03-30 12:22 - 000000000 ____D C:\Users\gasto\AppData\Local\EnsoulSharp
2020-03-30 12:17 - 2020-03-30 12:17 - 000000000 ____D C:\Users\gasto\AppData\Roaming\LSA3BE467D
2020-03-30 12:16 - 2020-03-30 12:16 - 000000000 ____D C:\ProgramData\VsTelemetry
2020-03-30 12:10 - 2020-04-07 00:02 - 000000000 ____D C:\Users\gasto\AppData\Local\Spotify
2020-03-30 12:10 - 2020-03-30 12:10 - 000001836 _____ C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2020-03-30 12:04 - 2020-04-06 23:59 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Spotify
2020-03-30 11:50 - 2020-03-30 11:52 - 000000000 ____D C:\Users\gasto\AppData\Roaming\TunesKit Spotify Converter
2020-03-30 11:50 - 2020-03-30 11:50 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\TunesKit Spotify Converter
2020-03-28 12:44 - 2020-04-07 07:01 - 000000000 ____D C:\ProgramData\KMSAutoS
2020-03-28 12:42 - 2020-03-28 13:33 - 000000000 ____D C:\Users\gasto\AppData\Local\MSfree Inc
2020-03-28 03:00 - 2020-03-28 03:00 - 000000000 ____D C:\Program Files (x86)\QUALCOMM Incorporated
2020-03-27 22:52 - 2020-04-07 00:42 - 000000000 ____D C:\Users\gasto\AppData\Roaming\discord
2020-03-27 22:52 - 2020-03-27 22:52 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-03-27 22:52 - 2020-03-27 22:52 - 000000000 ____D C:\Users\gasto\AppData\Local\SquirrelTemp
2020-03-27 22:52 - 2020-03-27 22:52 - 000000000 ____D C:\Users\gasto\AppData\Local\Discord
2020-03-27 21:12 - 2020-03-27 21:12 - 000000000 ____D C:\Users\gasto\AppData\LocalLow\Temp
2020-03-27 16:43 - 2020-03-27 16:43 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2020-03-27 15:48 - 2020-03-27 15:48 - 001203753 _____ C:\Windows\unins002.exe
2020-03-27 13:05 - 2020-03-27 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2020-03-25 22:15 - 2020-03-25 22:15 - 000001865 _____ C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2020-03-25 22:15 - 2020-03-25 22:15 - 000000000 ____D C:\Users\gasto\AppData\Local\BitTorrentHelper
2020-03-25 19:53 - 2020-03-25 19:53 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\League of Legends
2020-03-25 19:47 - 2008-07-12 08:18 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2020-03-25 19:47 - 2008-07-12 08:18 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2020-03-25 19:47 - 2008-07-12 08:18 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2020-03-25 19:46 - 2020-03-30 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-03-25 19:46 - 2020-03-30 12:29 - 000000000 ____D C:\Users\gasto\AppData\Local\Riot Games
2020-03-25 19:46 - 2020-03-25 19:47 - 000000000 ____D C:\ProgramData\Riot Games
2020-03-25 19:46 - 2020-03-25 19:46 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games
2020-03-25 11:41 - 2020-03-25 11:41 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-03-25 11:41 - 2020-03-25 11:41 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2020-03-25 11:41 - 2020-03-25 11:41 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 019813376 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 018027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 006525424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 004129416 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-03-25 11:40 - 2020-03-25 11:40 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001397560 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 001077264 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000628408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2020-03-25 11:40 - 2020-03-25 11:40 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2020-03-25 11:40 - 2020-03-25 11:40 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-03-25 11:40 - 2020-03-25 11:40 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000089536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-03-25 11:40 - 2020-03-25 11:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2020-03-25 11:40 - 2020-03-25 11:40 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2020-03-25 11:40 - 2020-03-25 11:40 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 004563200 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 003799552 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 003728384 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 003586872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 002768440 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 002143232 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 002087168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-25 11:39 - 2020-03-25 11:39 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000874512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-25 11:39 - 2020-03-25 11:39 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000047208 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2020-03-25 11:39 - 2020-03-25 11:39 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2020-03-25 11:39 - 2020-03-25 11:39 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000012800 _____ (Microsoft Corporation)
C:\Windows\system32\pcaevts.dll
2020-03-25 11:39 - 2020-03-25 11:39 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-03-25 11:38 - 2020-03-25 11:39 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-03-25 11:38 - 2020-03-25 11:38 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2020-03-25 11:38 - 2020-03-25 11:38 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2020-03-25 11:38 - 2020-03-25 11:38 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2020-03-25 11:38 - 2020-03-25 11:38 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
2020-03-24 21:43 - 2020-03-24 21:44 - 000000000 ____D C:\Users\gasto\cs
2020-03-24 19:24 - 2004-05-13 14:15 - 001077336 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCTL.OCX
2020-03-24 19:23 - 2020-03-24 19:23 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Macromedia
2020-03-24 16:52 - 2020-03-24 16:52 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Earth's Special Forces
2020-03-23 20:42 - 2020-03-23 20:42 - 000000000 ____D C:\Users\gasto\AppData\Local\ElevatedDiagnostics
2020-03-23 20:16 - 2020-04-01 21:56 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\Zoom
2020-03-22 16:49 - 2020-03-27 15:48 - 000015812 _____ C:\Windows\unins002.dat
2020-03-22 16:28 - 2020-03-28 11:07 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-03-22 15:22 - 2020-03-27 12:50 - 000000000 ___HD C:\Windows\msdownld.tmp
2020-03-22 15:22 - 2020-03-27 12:50 - 000000000 ____D C:\Windows\SysWOW64\directx
2020-03-22 13:04 - 2020-03-25 15:32 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\GTA San Andreas User Files
2020-03-22 13:01 - 2020-03-22 13:01 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ModManager
2020-03-20 15:07 - 2019-02-21 02:48 - 002725864 _____ (Sunplus Innovation Technology Inc.) C:\Windows\system32\SPITDevMft64.dll
2020-03-20 14:44 - 2020-04-03 19:13 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Zoom
2020-03-19 20:34 - 2020-03-19 20:34 - 000000000 ____D C:\Users\gasto\OneDrive\Documentos\My Games
2020-03-19 20:33 - 2020-03-19 20:33 - 000000000 ____D C:\Users\gasto\AppData\Local\Steam
2020-03-19 20:33 - 2020-03-19 20:33 - 000000000 ____D C:\Users\gasto\AppData\Local\CEF
2020-03-17 07:07 - 2020-03-26 21:09 - 000000048 ____H C:\Xiuhcoatl.69
2020-03-14 21:09 - 2020-03-14 21:09 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 011607552 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 007905784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 007755776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 006084344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 005911040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 004855808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 004580352 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 003819520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 003488768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002956688 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002870272 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002715648 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 002698040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002224952 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002072664 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001999952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001867816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001770552 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001665416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001657120 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001581056 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001490640 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001484600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001282944 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 001108040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000877232 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 000757632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000734720 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 000551824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000510768 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000248064 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000221200 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000183808 _____ (Microsoft Corporation)
C:\Windows\system32\ResetEngOnline.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000165504 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000146712 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000120560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2020-03-14 21:09 - 2020-03-14 21:09 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000042296 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000035328 _____ (Microsoft Corporation)
C:\Windows\SysWOW64\upnpcont.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
2020-03-14 21:09 - 2020-03-14 21:09 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-03-14 21:09 - 2020-03-14 21:09 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-03-14 21:02 - 2020-02-11 01:48 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-03-14 21:02 - 2020-02-11 01:37 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-03-14 17:21 - 2020-03-14 17:21 - 000511488 _____ C:\Users\Default\Уdpa34n1jy8ysro.exe
2020-03-14 17:21 - 2020-03-14 17:21 - 000511488 _____ C:\Users\Default User\Уdpa34n1jy8ysro.exe
2020-03-14 17:12 - 2020-03-14 17:12 - 000511488 _____ C:\Users\Default\vBm09Тx40Сui来40.exe
2020-03-14 17:12 - 2020-03-14 17:12 - 000511488 _____ C:\Users\Default User\vBm09Тx40Сui来40.exe
2020-03-13 17:59 - 2020-03-13 17:59 - 000001226 _____ C:\AiOLog.txt
2020-03-13 17:59 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2020-03-13 17:59 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2020-03-13 17:59 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_43.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2020-03-13 17:59 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2020-03-13 17:59 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2020-03-13 17:59 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2020-03-13 17:59 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2020-03-13 17:59 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2020-03-13 17:59 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2020-03-13 17:59 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2020-03-13 17:59 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_42.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2020-03-13 17:59 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2020-03-13 17:59 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2020-03-13 17:59 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2020-03-13 17:59 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2020-03-13 17:59 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_41.dll
2020-03-13 17:59 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2020-03-13 17:59 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2020-03-13 17:59 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2020-03-13 17:59 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2020-03-13 17:59 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2020-03-13 17:59 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2020-03-13 17:59 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_40.dll
2020-03-13 17:59 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2020-03-13 17:59 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2020-03-13 17:59 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2020-03-13 17:59 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2020-03-13 17:59 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2020-03-13 17:59 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2020-03-13 17:59 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2020-03-13 17:59 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2020-03-13 17:59 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2020-03-13 17:59 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_38.dll
2020-03-13 17:59 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2020-03-13 17:59 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2020-03-13 17:59 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2020-03-13 17:59 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2020-03-13 17:59 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2020-03-13 17:59 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_37.dll
2020-03-13 17:59 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2020-03-13 17:59 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2020-03-13 17:59 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2020-03-13 17:59 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_2.dll
2020-03-13 17:59 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2020-03-13 17:59 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcompiler_36.dll
2020-03-13 17:59 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2020-03-13 17:59 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2020-03-13 17:59 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2020-03-13 17:59 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcompiler_35.dll
2020-03-13 17:59 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2020-03-13 17:59 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2020-03-13 17:59 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2020-03-13 17:59 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcompiler_34.dll
2020-03-13 17:59 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2020-03-13 17:59 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2020-03-13 17:59 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2020-03-13 17:59 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2020-03-13 17:59 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2020-03-13 17:59 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcompiler_33.dll
2020-03-13 17:59 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2020-03-13 17:59 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2020-03-13 17:59 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2020-03-13 17:59 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2020-03-13 17:59 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2020-03-13 17:59 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2020-03-13 17:59 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2020-03-13 17:59 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2020-03-13 17:59 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2020-03-13 17:59 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2020-03-13 17:59 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2020-03-13 17:59 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2020-03-13 17:59 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2020-03-13 17:59 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2020-03-13 17:59 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2020-03-13 17:59 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2020-03-13 17:59 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2020-03-13 17:59 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2020-03-13 17:59 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2020-03-13 17:59 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2020-03-13 17:58 - 2020-03-13 17:59 - 000021739 _____ C:\Windows\unins001.dat
2020-03-13 17:58 - 2020-03-13 17:58 - 001207319 _____ C:\Windows\unins000.exe
2020-03-13 17:58 - 2020-03-13 17:58 - 001199175 _____ C:\Windows\unins001.exe
2020-03-13 17:58 - 2020-03-13 17:58 - 000010832 _____ C:\Windows\unins000.dat
2020-03-13 17:58 - 2020-03-13 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-03-13 17:58 - 2017-04-01 20:44 - 003450616 _____ (Red Hat) C:\Windows\system32\cygwin1.dll
2020-03-13 17:58 - 2017-01-26 07:25 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll
2020-03-13 17:58 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2020-03-13 17:58 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libssl32.dll
2020-03-13 17:58 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
2020-03-13 17:58 - 2014-01-31 03:14 - 001055676 _____ (Free Software Foundation) C:\Windows\system32\libiconv2.dll
2020-03-13 17:58 - 2014-01-25 14:30 - 000131072 _____ (Sereby Corporation) C:\Windows\system32\AiORuntimes.dll
2020-03-13 17:58 - 2013-12-23 15:44 - 000163480 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000660120 _____ (Microsoft Corporation) C:\Windows\system32\mscomct2.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000617896 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000444328 _____ (Microsoft Corporation) C:\Windows\system32\mshflxgd.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000416408 _____ (Microsoft Corporation ) C:\Windows\system32\comct332.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000279192 _____ (Microsoft Corporation) C:\Windows\system32\msdatgrd.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000259736 _____ (Microsoft Corporation) C:\Windows\system32\msflxgrd.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000253080 _____ (Microsoft Corporation) C:\Windows\system32\msdatlst.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000222360 _____ (Microsoft Corporation) C:\Windows\system32\tabctl32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000219288 _____ (Microsoft Corporation) C:\Windows\system32\richtx32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000218776 _____ (Microsoft Corporation) C:\Windows\system32\dblist32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000212112 _____ (Microsoft Corporation) C:\Windows\system32\mci32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000179352 _____ (Microsoft Corporation) C:\Windows\system32\msmask32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000170920 _____ (Microsoft Corporation) C:\Windows\system32\comct232.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000131728 _____ (Microsoft Corporation) C:\Windows\system32\msinet.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000130712 _____ (Microsoft Corporation) C:\Windows\system32\msstdfmt.dll
2020-03-13 17:58 - 2013-12-20 01:48 - 000127640 _____ (Microsoft Corporation) C:\Windows\system32\mswinsck.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000119960 _____ (Microsoft Corporation) C:\Windows\system32\mscomm32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000108696 _____ (Microsoft Corporation) C:\Windows\system32\msstkprp.dll
2020-03-13 17:58 - 2013-12-20 01:48 - 000104088 _____ (Microsoft Corporation) C:\Windows\system32\picclp32.ocx
2020-03-13 17:58 - 2013-12-20 01:48 - 000084624 _____ (Microsoft Corporation) C:\Windows\system32\sysinfo.ocx
2020-03-13 17:58 - 2012-06-14 15:36 - 000107520 _____ C:\Windows\system32\zlib1.dll
2020-03-13 17:58 - 2012-04-03 17:11 - 000138752 _____ C:\Windows\system32\libpng15.dll
2020-03-13 17:58 - 2011-10-12 04:09 - 004033440 _____ (Intel Corporation) C:\Windows\system32\libmmd.dll
2020-03-13 17:58 - 2011-10-01 09:16 - 000445016 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2020-03-13 17:58 - 2011-10-01 09:16 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\openal32.dll
2020-03-13 17:58 - 2011-01-12 14:36 - 001054208 _____ (Microsoft Corporation) C:\Windows\system32\mfc71u.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\mfc71DEU.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ITA.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71FRA.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ESP.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc71ENU.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71KOR.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc71JPN.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHT.dll
2020-03-13 17:58 - 2011-01-12 14:25 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc71CHS.dll
2020-03-13 17:58 - 2011-01-12 14:19 - 001060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2020-03-13 17:58 - 2011-01-12 13:53 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\atl71.dll
2020-03-13 17:58 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2020-03-13 17:58 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2020-03-13 17:58 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_43.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2020-03-13 17:58 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2020-03-13 17:58 - 2010-03-18 21:21 - 000799568 _____ (Microsoft Corporation) C:\Windows\system32\msdia100.dll
2020-03-13 17:58 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2020-03-13 17:58 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2020-03-13 17:58 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2020-03-13 17:58 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2020-03-13 17:58 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2020-03-13 17:58 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2020-03-13 17:58 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_42.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2020-03-13 17:58 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2020-03-13 17:58 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2020-03-13 17:58 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2020-03-13 17:58 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2020-03-13 17:58 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_41.dll
2020-03-13 17:58 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2020-03-13 17:58 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2020-03-13 17:58 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2020-03-13 17:58 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2020-03-13 17:58 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2020-03-13 17:58 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2020-03-13 17:58 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_40.dll
2020-03-13 17:58 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2020-03-13 17:58 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2020-03-13 17:58 - 2008-08-26 07:40 - 000162304 _____ C:\Windows\system32\libpng13.dll
2020-03-13 17:58 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2020-03-13 17:58 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2020-03-13 17:58 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2020-03-13 17:58 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_39.dll
2020-03-13 17:58 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2020-03-13 17:58 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2020-03-13 17:58 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2020-03-13 17:58 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2020-03-13 17:58 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2020-03-13 17:58 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2020-03-13 17:58 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_38.dll
2020-03-13 17:58 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2020-03-13 17:58 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2020-03-13 17:58 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2020-03-13 17:58 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2020-03-13 17:58 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2020-03-13 17:58 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_37.dll
2020-03-13 17:58 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2020-03-13 17:58 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2020-03-13 17:58 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2020-03-13 17:58 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_2.dll
2020-03-13 17:58 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2020-03-13 17:58 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_36.dll
2020-03-13 17:58 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2020-03-13 17:58 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2020-03-13 17:58 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2020-03-13 17:58 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_35.dll
2020-03-13 17:58 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2020-03-13 17:58 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2020-03-13 17:58 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2020-03-13 17:58 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_34.dll
2020-03-13 17:58 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2020-03-13 17:58 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2020-03-13 17:58 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2020-03-13 17:58 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2020-03-13 17:58 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2020-03-13 17:58 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\d3dcompiler_33.dll
2020-03-13 17:58 - 2007-02-01 23:13 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2020-03-13 17:58 - 2007-02-01 20:11 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2020-03-13 17:58 - 2007-01-30 23:04 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2020-03-13 17:58 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2020-03-13 17:58 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2020-03-13 17:58 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2020-03-13 17:58 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2020-03-13 17:58 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2020-03-13 17:58 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2020-03-13 17:58 - 2006-09-28 16:03 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2020-03-13 17:58 - 2006-08-26 01:28 - 001017344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70u.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ITA.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70FRA.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ESP.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\mfc70DEU.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\mfc70ENU.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70KOR.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\system32\mfc70JPN.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHT.dll
2020-03-13 17:58 - 2006-08-26 01:15 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\mfc70CHS.dll
2020-03-13 17:58 - 2006-08-26 01:07 - 001024000 _____ (Microsoft Corporation) C:\Windows\system32\mfc70.dll
2020-03-13 17:58 - 2006-08-26 00:17 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\atl70.dll
2020-03-13 17:58 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2020-03-13 17:58 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2020-03-13 17:58 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2020-03-13 17:58 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2020-03-13 17:58 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2020-03-13 17:58 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2020-03-13 17:58 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2020-03-13 17:58 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2020-03-13 17:58 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2020-03-13 17:58 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2020-03-13 17:58 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2020-03-13 17:58 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2020-03-13 17:58 - 2005-05-06 14:52 - 000103424 _____ (GNU <www.gnu.org>) C:\Windows\system32\libintl3.dll
2020-03-13 17:58 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2020-03-13 17:58 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2020-03-13 17:58 - 2005-01-20 20:25 - 000054784 _____ (Microsoft Corporation)
C:\Windows\system32\msvci70.dll
2020-03-13 17:58 - 2002-01-05 06:40 - 000487424 _____ (Microsoft Corporation) C:\Windows\system32\msvcp70.dll
2020-03-13 17:58 - 1996-01-12 04:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\system32\vb40032.dll
2020-03-13 17:57 - 2020-03-13 17:57 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-03-13 17:57 - 2020-03-13 17:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-03-13 17:53 - 2020-03-13 17:53 - 000000000 ____D C:\Users\gasto\AppData\LocalLow\Sun
2020-03-13 16:18 - 2020-03-14 17:21 - 000013824 _____ () C:\Users\Default\DotNetAobScanMemory.dll
2020-03-13 16:18 - 2020-03-14 17:21 - 000013824 _____ () C:\Users\Default User\DotNetAobScanMemory.dll
2020-03-13 16:04 - 2020-03-17 00:07 - 000000001 _____ C:\Windows\xspirit.sys
2020-03-13 16:03 - 2020-03-15 18:38 - 000000019 _____ C:\data.ini
2020-03-13 13:50 - 2020-04-07 00:54 - 000000000 ____D C:\Users\gasto\AppData\Local\CrashDumps
2020-03-13 13:15 - 2020-03-13 13:15 - 000000000 ____D C:\Users\Public\Logi
2020-03-13 13:14 - 2020-04-07 10:33 - 000000000 ____D C:\Users\gasto\AppData\Roaming\LGHUB
2020-03-13 13:14 - 2020-04-07 10:32 - 000000000 ____D C:\Users\gasto\AppData\Local\LGHUB
2020-03-13 13:12 - 2020-03-13 13:14 - 000000000 ____D C:\ProgramData\LGHUB
2020-03-13 13:12 - 2020-03-13 13:12 - 000066808 _____ (Logitech) C:\Windows\system32\Drivers\logi_joy_xlcore.sys
2020-03-13 13:12 - 2020-03-13 13:12 - 000038136 _____ (Logitech) C:\Windows\system32\Drivers\logi_joy_bus_enum.sys
2020-03-13 13:12 - 2020-03-13 13:12 - 000020624 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\logi_joy_vir_hid.sys
2020-03-13 11:06 - 2020-03-26 21:09 - 002740480 _____ (Wellbia.com Co., Ltd.) C:\Windows\xhunter1.sys
2020-03-13 11:01 - 2020-03-13 11:30 - 000001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Operation7.lnk
2020-03-13 11:01 - 2020-03-13 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Operation7
2020-03-12 21:31 - 2020-03-12 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2020-03-12 21:30 - 2020-03-27 13:05 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\ProgramData\Brother
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\Program Files (x86)\BrownyInd
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\Program Files (x86)\Browny02
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\Program Files (x86)\Brother
2020-03-12 21:30 - 2020-03-12 21:30 - 000000000 ____D C:\Brother
2020-03-12 21:30 - 2012-12-13 22:31 - 000180224 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BROSNMP.DLL
2020-03-12 21:30 - 2012-12-13 22:31 - 000113744 _____ (Brother Industries Ltd) C:\Windows\SysWOW64\BRRBTOOL.EXE
2020-03-12 21:30 - 2012-12-13 22:31 - 000077824 _____ (Brother Industries, Ltd.) C:\Windows\SysWOW64\BRLMW03A.DLL
2020-03-12 21:30 - 2012-12-13 22:31 - 000045056 _____ C:\Windows\SysWOW64\BRTCPCON.DLL
2020-03-12 21:30 - 2012-12-13 22:31 - 000025299 _____ (Brother Industries, Ltd) C:\Windows\SysWOW64\BRLM03A.DLL
2020-03-12 21:30 - 2012-12-13 22:31 - 000000114 _____ C:\Windows\SysWOW64\BRLMW03A.INI
2020-03-12 21:30 - 2012-12-13 22:29 - 000000050 _____ C:\Windows\system32\BRADM12A.DAT
2020-03-12 21:30 - 2012-12-13 13:00 - 000226816 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRCOM12A.DLL
==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-04-07 10:32 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-07 10:31 - 2020-03-06 11:06 - 000000134 _____ C:\Windows\system32\regtest.txt
2020-04-07 10:31 - 2020-03-06 10:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-07 10:31 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-04-07 10:30 - 2020-03-06 11:04 - 001777788 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-07 10:30 - 2019-03-19 08:59 - 000792562 _____ C:\Windows\system32\perfh00A.dat
2020-04-07 10:30 - 2019-03-19 08:59 - 000157298 _____ C:\Windows\system32\perfc00A.dat
2020-04-07 10:30 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2020-04-07 10:28 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-04-07 06:59 - 2020-03-06 10:48 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-04-07 00:44 - 2020-03-06 16:23 - 000000000 ____D C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2020-04-07 00:33 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-07 00:33 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2020-04-06 20:26 - 2020-03-06 11:17 - 000000000 ____D C:\Users\gasto\AppData\Local\Packages
2020-04-06 18:43 - 2020-03-06 11:15 - 000000000 ____D C:\Users\gasto
2020-04-04 07:43 - 2020-03-06 11:20 - 000000000 ____D C:\Users\gasto\AppData\Local\PlaceholderTileLogoFolder
2020-04-03 22:23 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\SysWOW64\winrm
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\SysWOW64\WCN
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\system32\winrm
2020-04-03 22:22 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\system32\WCN
2020-04-03 22:22 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\SysWOW64\F12
2020-04-03 22:22 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2020-04-03 22:22 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2020-04-03 22:21 - 2019-03-19 09:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-04-03 22:21 - 2019-03-19 09:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-04-03 22:21 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\system32\slmgr
2020-04-03 22:21 - 2019-03-19 08:59 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\F12
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\dsc
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-04-03 22:21 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-04-03 22:21 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\servicing
2020-04-03 22:17 - 2019-03-19 09:01 - 000000000 ____D C:\Windows\OCR
2020-04-03 20:06 - 2020-03-06 16:28 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-02 11:26 - 2020-03-06 16:19 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-04-01 21:30 - 2020-03-07 10:26 - 000000000 ____D C:\Users\gasto\AppData\Local\D3DSCache
2020-03-30 12:32 - 2020-03-06 06:47 - 000000000 ____D C:\Windows\Panther
2020-03-30 12:32 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-03-30 12:24 - 2020-03-07 00:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-03-28 00:17 - 2020-03-06 11:17 - 000000000 ____D C:\Users\gasto\AppData\Local\VirtualStore
2020-03-27 13:01 - 2020-03-07 11:00 - 000000000 ____D C:\Users\gasto\AppData\Roaming\RenewedVision
2020-03-25 11:53 - 2020-03-06 10:48 - 000295088 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-25 11:52 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SystemResources
2020-03-25 11:52 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-03-25 11:52 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\Provisioning
2020-03-25 11:52 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\bcastdvr
2020-03-25 10:06 - 2020-03-06 10:49 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-03-24 19:26 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\System
2020-03-22 20:19 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ServiceState
2020-03-22 13:04 - 2019-03-19 02:00 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2020-03-22 13:04 - 2019-03-19 02:00 - 000020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2020-03-22 13:04 - 2019-03-19 02:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2020-03-22 13:04 - 2019-03-19 02:00 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000472064 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2020-03-22 13:04 - 2019-03-19 01:57 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2020-03-22 13:04 - 2019-03-19 01:57 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2020-03-20 20:42 - 2020-03-06 16:21 - 000003622 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 20:42 - 2020-03-06 16:21 - 000003498 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 15:30 - 2020-03-06 16:33 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-20 15:30 - 2020-03-06 16:33 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 21:51 - 2020-03-06 16:22 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-18 10:17 - 2020-03-06 11:29 - 000000000 ____D C:\ProgramData\Packages
2020-03-17 11:48 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-17 11:47 - 2020-03-06 16:39 - 000000000 ____D C:\Program Files\Microsoft Office
2020-03-17 11:44 - 2020-03-07 10:00 - 000000000 ____D C:\Windows\files
2020-03-15 10:35 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\appcompat
2020-03-14 22:55 - 2020-03-06 11:17 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-14 22:55 - 2020-03-06 11:17 - 000000000 ___RD C:\Users\gasto\3D Objects
2020-03-14 22:54 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-03-14 22:54 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\Dism
2020-03-14 21:30 - 2020-03-06 17:38 - 000000000 ____D C:\Windows\system32\MRT
2020-03-14 21:12 - 2020-03-06 17:38 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-08 02:56 - 2020-03-07 00:16 - 000000000 ____D C:\Users\gasto\.android
==================== Archivos en la raíz de algunos directorios ========
2020-03-13 16:18 - 2020-03-14 17:21 - 000013824 _____ () C:\Users\Default\DotNetAobScanMemory.dll
2020-03-14 17:12 - 2020-03-14 17:12 - 000511488 _____ () C:\Users\Default\vBm09Тx40Сui来40.exe
2020-03-14 17:21 - 2020-03-14 17:21 - 000511488 _____ () C:\Users\Default\Уdpa34n1jy8ysro.exe
2020-03-13 16:18 - 2020-03-14 17:21 - 000013824 _____ () C:\Users\Default User\DotNetAobScanMemory.dll
2020-03-14 17:12 - 2020-03-14 17:12 - 000511488 _____ () C:\Users\Default User\vBm09Тx40Сui来40.exe
2020-03-14 17:21 - 2020-03-14 17:21 - 000511488 _____ () C:\Users\Default User\Уdpa34n1jy8ysro.exe
==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
Análisis adicional
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por gasto (07-04-2020 10:39:37)
Ejecutado desde C:\Users\gasto\Downloads
Windows 10 Home Versión 1909 18363.752 (X64) (2020-03-06 13:56:33)
Modo de Inicio: Normal
==========================================================
==================== Cuentas: =============================
Administrador (S-1-5-21-3595769944-1073380373-716707422-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3595769944-1073380373-716707422-503 - Limited - Disabled)
gasto (S-1-5-21-3595769944-1073380373-716707422-1001 - Administrator - Enabled) => C:\Users\gasto
Invitado (S-1-5-21-3595769944-1073380373-716707422-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3595769944-1073380373-716707422-504 - Limited - Disabled)
==================== Centro de Seguridad ========================
(Si una entrada es incluida en el fixlist, será eliminada.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Programas instalados ======================
(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
Apache NetBeans IDE 11.3 (HKLM\...\nbi-nb-all-11.3.0.0.2002) (Version: 11.3 - Apache NetBeans)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Bonjour (HKLM\...\{A74AB300-5777-41B7-91A2-C21875D4A483}) (Version: 2.0.0.36 - Apple Inc.)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Discord (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{3A595C95-121D-4EB0-8D57-C7A309BA6C09}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HeidiSQL 11.0.0.5934 (HKLM\...\HeidiSQL_is1) (Version: 11.0 - Ansgar Becker)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.8.0.1065 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4487026C-A32C-4FF5-858E-8DB890814949}) (Version: 17.8.0.1065 - Intel Corporation)
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Java SE Development Kit 8 Update 241 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180241}) (Version: 8.0.2410.7 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: - Logitech)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Project Professional 2019 - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Project Professional 2019 - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visio Professional 2019 - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Visio Professional 2019 - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{4ffaf7b8-a84a-4813-840c-8b1f1343ae54}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.43.2 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E15F69FA-660D-45CC-B28F-6CBC4CAD2091}) (Version: 1.0.0.0 - Mojang)
MySQL Server 5.1 (HKLM\...\{BF2D5DC8-CBD0-46DD-8A2D-BAD190AC2F17}) (Version: 5.1.45 - MySQL AB)
NordVPN (HKLM-x32\...\{83E5941F-5F93-4097-81F5-79FA38FFB875}) (Version: 6.27.11 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.27.11) (Version: 6.27.11 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.5 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20242 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.143.0.24 - Overwolf Ltd.)
Paquete de controladores de Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Porofessor.gg (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.4.1 - Overwolf app)
ProPresenter 6 (HKLM-x32\...\ProPresenter 6) (Version: 6.0.4.1 - Renewed Vision)
Qualcomm USB Drivers For Windows (HKLM-x32\...\{D9FB7F91-9687-4B09-894D-072903CADEA4}) (Version: 1.00.25 - QUALCOMM Incorporated)
Servicios de impresión de Bonjour (HKLM\...\{4CE925AF-6519-4FEB-BEBD-DE2BFE2944EB}) (Version: 2.0.0.36 - Apple Inc.)
Spotify (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\Spotify) (Version: 1.1.30.658.gf13cde74 - Spotify AB)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Telegram Desktop versión 2.0.1 (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.0.1 - Telegram FZ-LLC)
version 5.13.415.31/1.0.0.27/3.4.5.11(H1C307WW) (HKLM-x32\...\{4AD4461B-8BD4-4354-805C-E97E7A404906}_is1) (Version: - Lenovo Group Limited)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
==================== Personalizado CLSID (Lista blanca): ==============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-03-04] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Lista blanca) ====================
==================== Accesos directos & WMI ========================
(Las entradas pueden ser listadas para ser restauradas o eliminadas.)
ShortcutWithArgument: C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Escritorio Remoto de Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Módulos cargados (Lista blanca) =============
2020-03-12 21:30 - 2009-02-27 16:38 - 000139264 ____R () [Archivo no firmado] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2020-03-12 21:30 - 2008-08-18 18:27 - 000122880 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\brlmw03a.dll
2020-03-12 21:30 - 2012-07-13 13:09 - 000385024 ____N (Brother Industries, Ltd.) [Archivo no firmado] C:\Program Files (x86)\Browny02\BrMonitor.dll
==================== Alternate Data Streams (Lista blanca) ========
(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)
AlternateDataStreams: C:\Users\gasto\Datos de programa:7dd1e1189f9fcf05a559dccee48d89c6 [394]
AlternateDataStreams: C:\Users\gasto\AppData\Roaming:7dd1e1189f9fcf05a559dccee48d89c6 [394]
==================== Modo Seguro (Lista blanca) ==================
==================== Asociación (Lista blanca) =================
==================== Internet Explorer sitios de confianza/restringidos ==========
==================== Otras Áreas ===========================
(Actualmente no existe una corrección automática para esta sección.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\gasto\AppData\Local\Microsoft\WindowsApps;C:\adb;C:\Program Files\Java\jre1.8.0_241\bin;C:\Program Files\Java\jdk1.8.0_241\bin;
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 200.49.130.40 - 200.42.4.203
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Firewall de Windows está habilitado.
==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==
(Si una entrada es incluida en el fixlist, será eliminada.)
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-3595769944-1073380373-716707422-1001\...\StartupApproved\Run: => "NordVPN"
==================== Reglas de firewall (Lista blanca) ================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
FirewallRules: [{98BB5C6C-4706-4ACE-B24E-E299E42B727E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5625A5F4-AAD8-424C-82D5-754D487B9F0E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{1A722ABC-941F-4866-973D-2E30A5092F1A}C:\program files (x86)\renewed vision\propresenter 6\propresenter.exe] => (Allow) C:\program files (x86)\renewed vision\propresenter 6\propresenter.exe (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
FirewallRules: [UDP Query User{76AFC76E-D0EF-49CC-B7D9-798D6082B8CC}C:\program files (x86)\renewed vision\propresenter 6\propresenter.exe] => (Allow) C:\program files (x86)\renewed vision\propresenter 6\propresenter.exe (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
FirewallRules: [TCP Query User{45C789D2-4E0D-44C5-8230-8406404334AC}C:\program files (x86)\renewed vision\propresenter 6\cloudsyncapp.exe] => (Allow) C:\program files (x86)\renewed vision\propresenter 6\cloudsyncapp.exe (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
FirewallRules: [UDP Query User{F78E3C86-B0A9-43BA-8F98-240BB36BE0A9}C:\program files (x86)\renewed vision\propresenter 6\cloudsyncapp.exe] => (Allow) C:\program files (x86)\renewed vision\propresenter 6\cloudsyncapp.exe (Renewed Vision -> Renewed Vision LLC.) [Archivo no firmado]
FirewallRules: [TCP Query User{9C7B0B16-B4C2-4E56-AC02-AD34A7AB71E7}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{1AD731C3-7AA9-4D24-9A6E-B6588B54882F}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{3EAF057C-938E-485A-B9B4-ABAA5419A76F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5B8ED27B-3908-485F-9BFA-1A7161FF0714}] => (Allow) C:\Users\gasto\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{25A8FEC1-2320-48AC-878B-180FA6525DAE}C:\users\gasto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gasto\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{84358E32-F3AF-413A-9899-46C58C3624B8}C:\users\gasto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gasto\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{728635AD-CC87-474A-A01B-2F318DF18AA1}] => (Allow) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A304CB26-7F41-4EAE-A7DB-DF9AC8DEA7CB}] => (Allow) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{523B7C40-19F2-40F1-B327-14B5C7714F6E}] => (Block) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8440E2EE-6DA7-4A8B-80CD-5F7FBCAFB14D}] => (Block) C:\Program Files (x86)\Overwolf\0.143.0.24\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{38D9CF85-2A67-4092-BB56-C7116AC00117}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{8F24A840-0EFF-4994-85BA-757E173A98F6}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
==================== Puntos de Restauración =========================
25-03-2020 19:47:20 Se ha instalado DirectX
27-03-2020 12:58:12 Eliminado Hitman Blood Money
30-03-2020 12:16:15 Microsoft Build Tools 2015
01-04-2020 21:25:12 Se ha instalado DirectX
03-04-2020 01:36:19 Installed Minecraft Launcher
05-04-2020 03:49:01 Installed Minecraft Launcher
06-04-2020 17:53:18 Removed Java(TM) SE Development Kit 14 (64-bit)
07-04-2020 00:45:35 AdwCleaner_BeforeCleaning_07/04/2020_00:45:33
07-04-2020 10:33:11 JRT Pre-Junkware Removal
==================== Dispositivos defectuosos en el Administrador de dispositivos ============
==================== Errores del registro de eventos: ========================
Errores de aplicación:
==================
Error: (04/07/2020 10:28:49 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.
Error: (04/07/2020 07:00:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.
Error: (04/07/2020 07:00:42 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]
Error: (04/07/2020 07:00:42 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.
Error: (04/07/2020 07:00:42 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]
Error: (04/07/2020 12:46:13 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]
Error: (04/07/2020 12:45:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: Microsoft Windows Protocol Services Host.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.ComponentModel.Win32Exception
en System.Diagnostics.ProcessManager.OpenProcess(Int32, Int32, Boolean)
en System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
en System.Diagnostics.Process.OpenProcessHandle(Int32)
en System.Diagnostics.Process.set_EnableRaisingEvents(Boolean)
en ..()
en ..()
en ..()
en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
en System.Threading.ThreadHelper.ThreadStart()
Error: (04/07/2020 12:45:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: Microsoft Windows Protocol Services Host.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.ComponentModel.Win32Exception
en System.Diagnostics.ProcessManager.OpenProcess(Int32, Int32, Boolean)
en System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
en System.Diagnostics.Process.OpenProcessHandle(Int32)
en System.Diagnostics.Process.set_EnableRaisingEvents(Boolean)
en ..()
en ..()
en ..()
en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
en System.Threading.ThreadHelper.ThreadStart()
Errores del sistema:
=============
Error: (04/07/2020 10:33:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Realtek Audio Universal Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (04/07/2020 10:33:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Dolby DAX API Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
Error: (04/07/2020 10:31:28 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
Error: (04/07/2020 10:31:23 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
Error: (04/07/2020 10:31:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error:
El sistema no puede encontrar el archivo especificado.
Error: (04/07/2020 10:31:04 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Error al intentar leer el archivo local de hosts.
Error: (04/07/2020 10:30:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Microsoft Office Click-to-Run Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.
Error: (04/07/2020 10:30:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio MySQL se terminó de manera inesperada. Esto ha sucedido 1 veces.
Windows Defender:
===================================
Date: 2020-04-07 10:39:33.858
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Uwasson.A!ml&threatid=251745&enterprise=0
Nombre: Program:Win32/Uwasson.A!ml
Id.: 251745
Gravedad: Media
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\Default\vBm09?x40?ui?40.exe; file:_C:\Users\Default\?dpa34n1jy8ysro.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-8P86LC0\gasto
Nombre de proceso: C:\Users\gasto\Downloads\FRST64.exe
Versión de inteligencia de seguridad: AV: 1.313.937.0, AS: 1.313.937.0, NIS: 1.313.937.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-07 10:39:33.582
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Uwasson.A!ml&threatid=251745&enterprise=0
Nombre: Program:Win32/Uwasson.A!ml
Id.: 251745
Gravedad: Media
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\Default\vBm09?x40?ui?40.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-8P86LC0\gasto
Nombre de proceso: C:\Users\gasto\Downloads\FRST64.exe
Versión de inteligencia de seguridad: AV: 1.313.937.0, AS: 1.313.937.0, NIS: 1.313.937.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-07 00:48:01.227
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Windows\Program Files (x86)\Microsoft Host Interface\Data\Microsoft Windows Protocol Services Host.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.313.917.0, AS: 1.313.917.0, NIS: 1.313.917.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-07 00:48:00.801
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Startup.lnk; file:_C:\Windows\Program Files (x86)\Microsoft Host Interface\gScrape\Microsoft Windows Protocol Services Host.exe; startup:_C:\Users\gasto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Startup.lnk
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-8P86LC0\gasto
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.313.917.0, AS: 1.313.917.0, NIS: 1.313.917.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
Date: 2020-04-07 00:48:00.799
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Windows\Program Files (x86)\Microsoft Host Interface\Data\Microsoft Windows Protocol Services Host.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.313.917.0, AS: 1.313.917.0, NIS: 1.313.917.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4
CodeIntegrity:
===================================
Date: 2020-04-07 10:35:35.888
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-07 10:35:35.884
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-07 10:32:08.954
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-07 10:32:08.952
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-07 10:28:57.447
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-07 10:28:57.445
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-07 10:28:56.859
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-07 10:28:56.857
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Información de la memoria ===========================
BIOS: LENOVO 7SCN34WW 06/10/2019
Placa base: LENOVO LNVNB161216
Procesador: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Porcentaje de memoria en uso: 23%
RAM física total: 12193.22 MB
RAM física disponible: 9346.32 MB
Virtual total: 14049.22 MB
Virtual disponible: 11322.79 MB
==================== Unidades ================================
Drive c: () (Fixed) (Total:899.97 GB) (Free:813.06 GB) NTFS
Drive d: (Backups) (Fixed) (Total:30.91 GB) (Free:21.16 GB) NTFS
\\?\Volume{85aae850-82b3-4f37-875c-e8082f67cc7f}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{c3e906f8-e4d4-48f9-a301-8c827cfab93f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Tabla de particiones ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A16901E7)
Partition: GPT.
==================== Final de Addition.txt =======================
SINCERAMENTE LES AGRADEZCO MUCHISIMO
Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :
-
Para hacerlo descarga DelFix.exe(en tu escritorio).
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
-
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.
- Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
AlternateDataStreams: C:\Users\gasto\Datos de programa:7dd1e1189f9fcf05a559dccee48d89c6 [394]
AlternateDataStreams: C:\Users\gasto\AppData\Roaming:7dd1e1189f9fcf05a559dccee48d89c6 [394]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
2020-03-13 17:58 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.
Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.
Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.
-
Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
-
Presionar el botón FIX/Corregir y aguardar a que termine.
-
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).
Pegar el contenido de este fichero en tu próxima respuesta.
Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.
Saludos.
Hola de nuevo, muchísimas gracias por su asesoramiento sinceramente ya no me arrojo ningun error mas y anda mucho mas rápida y ágil
Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por gasto (07-04-2020 16:21:49) Run:1
Ejecutado desde C:\Users\gasto\OneDrive\Escritorio
Perfiles cargados: gasto (Perfiles disponibles: gasto)
Modo de Inicio: Normal
==============================================
fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
AlternateDataStreams: C:\Users\gasto\Datos de programa:7dd1e1189f9fcf05a559dccee48d89c6 [394]
AlternateDataStreams: C:\Users\gasto\AppData\Roaming:7dd1e1189f9fcf05a559dccee48d89c6 [394]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
2020-03-13 17:58 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************
El punto de restauración fue creado correctamente.
Procesos cerrados correctamente.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\###MegaContextMenuExt => eliminado correctamente
C:\Users\gasto\Datos de programa => ":7dd1e1189f9fcf05a559dccee48d89c6" ADS eliminado correctamente
"C:\Users\gasto\AppData\Roaming" => ":7dd1e1189f9fcf05a559dccee48d89c6" ADS no encontrado.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\System\CurrentControlSet\Services\MBAMChameleon => eliminado correctamente
MBAMChameleon => servicio eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => no encontrado
MBAMChameleon => servicio no encontrado.
C:\Windows\system32\autoitx3.dll => movido correctamente
Hosts restaurado correctamente.
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-3595769944-1073380373-716707422-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-3595769944-1073380373-716707422-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
========= Final de RemoveProxy: =========
========= netsh winsock reset =========
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
========= Final de CMD: =========
========= ipconfig /renew =========
Configuraci¢n IP de Windows
No se puede realizar ninguna operaci¢n en Ethernet 3 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
Adaptador de Ethernet Ethernet 3:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Conexi¢n de rea local* 1:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de Ethernet Ethernet:
Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS espec¡fico para la conexi¢n. . :
Adaptador de LAN inal mbrica Wi-Fi:
Sufijo DNS espec¡fico para la conexi¢n. . : fibertel.com.ar
V¡nculo: direcci¢n IPv6 local. . . : fe80::a177:7e06:625b:1ef1%12
Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.9
M scara de subred . . . . . . . . . . . . : 255.255.255.0
Puerta de enlace predeterminada . . . . . : 192.168.0.1
========= Final de CMD: =========
========= ipconfig /flushdns =========
Configuraci¢n IP de Windows
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
========= Final de CMD: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.
Unable to cancel {51CF1C4C-F4C1-4339-B66E-2ADF40F569A0}.
Unable to cancel {52AE1652-C362-425A-A618-D501A9752004}.
{C3925DA5-B057-4415-A158-045AC53EE31E} canceled.
1 out of 3 jobs canceled.
========= Final de CMD: =========
========= netsh advfirewall reset =========
Aceptar
========= Final de CMD: =========
========= netsh advfirewall set allprofiles state ON =========
Aceptar
========= Final de CMD: =========
========= netsh int ipv4 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
========= netsh int ipv6 reset =========
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
========= Final de CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11815433 B
Java, Flash, Steam htmlcache => 49208719 B
Windows/system/drivers => 7760571 B
Edge => 9919198 B
Chrome => 113731352 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 0 B
LocalService => 23462 B
NetworkService => 34074 B
gasto => 221797323 B
RecycleBin => 0 B
EmptyTemp: => 403.9 MB datos temporales eliminados.
================================
El sistema necesita reiniciarse.
==== Final de Fixlog 16:22:40 ====
Perfecto @Gaston_Ferrari excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.
Para hacerlo descarga DelFix.exe en tu escritorio.
-
Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).
-
Marca todas las casillas, y pulsas en Run
Se abrirá el informe (DelFix.txt), puedes cerrarlo.
Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos.
Tema Solucionado.
Saludos, Javier.