[code] Malwarebytes www.malwarebytes.com -Detalles del registro- Fecha del análisis: 13/5/20 Hora del análisis: 0:17 Archivo de registro: fd48bece-94d8-11ea-9b34-0c9d92becb31.json -Información del software- Versión: 4.1.0.56 Versión de los componentes: 1.0.896 Versión del paquete de actualización: 1.0.23742 Licencia: Prueba -Información del sistema- SO: Windows 10 (Build 18362.778) CPU: x64 Sistema de archivos: NTFS Usuario: DESKTOP-L2H56T0\USUARIO -Resumen del análisis- Tipo de análisis: Análisis de amenazas Análisis iniciado por:: Manual Resultado: Completado Objetos analizados: 318781 Amenazas detectadas: 14 Amenazas en cuarentena: 14 Tiempo transcurrido: 0 min, 32 seg -Opciones de análisis- Memoria: Activado Inicio: Activado Sistema de archivos: Activado Archivo: Activado Rootkits: Desactivado Heurística: Activado PUP: Detectar PUM: Detectar -Detalles del análisis- Proceso: 0 (No hay elementos maliciosos detectados) Módulo: 0 (No hay elementos maliciosos detectados) Clave del registro: 0 (No hay elementos maliciosos detectados) Valor del registro: 0 (No hay elementos maliciosos detectados) Datos del registro: 0 (No hay elementos maliciosos detectados) Secuencia de datos: 0 (No hay elementos maliciosos detectados) Carpeta: 2 Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 295, 454748, , , , Archivo: 12 PUP.Optional.OpenCandy.UPX, C:\USERS\USUARIO\APPDATA\ROAMING\BITTORRENT\UPDATES\7.10.5_45312.EXE, En cuarentena, 7806, 723385, 1.0.23742, , ame, Adware.Elex.ShrtCln, C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000388.ldb, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000390.log, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000391.ldb, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 295, 454748, , , , Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 295, 454748, 1.0.23742, , ame, Adware.Elex.ShrtCln, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 295, 454748, 1.0.23742, , ame, Sector físico: 0 (No hay elementos maliciosos detectados) WMI: 0 (No hay elementos maliciosos detectados) (end) [/code] [code] # ------------------------------- # Malwarebytes AdwCleaner 8.0.4.0 # ------------------------------- # Build: 04-03-2020 # Database: 2020-04-03.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 05-13-2020 # Duration: 00:00:00 # OS: Windows 10 Pro # Cleaned: 0 # Failed: 1 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** Not Deleted ifohbjbgfchkkfhphahclmkpgejiplfo ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [2719 octets] - [10/05/2020 04:35:21] AdwCleaner[C00].txt - [2611 octets] - [10/05/2020 04:35:44] AdwCleaner[S01].txt - [1555 octets] - [13/05/2020 00:21:07] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ########## [/code] [code] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 10 Enterprise x64 Ran by USUARIO (Administrator) on 13/05/2020 at 0:27:18.64 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 13/05/2020 at 0:32:21.14 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [/code] [code] Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 11-05-2020 Ejecutado por USUARIO (administrador) sobre DESKTOP-L2H56T0 (13-05-2020 00:34:01) Ejecutado desde C:\Users\USUARIO\Desktop Perfiles cargados: USUARIO Platform: Windows 10 Pro Versión 1903 18362.778 (X64) Idioma: Español (México) Navegador predeterminado: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1" Modo de Inicio: Normal Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Procesos (Lista blanca) ================= (Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atiesrxx.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <16> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (philandro Software GmbH -> ) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe ==================== Registro (Lista blanca) =================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [776136 2018-08-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-01-04] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [62620472 2020-04-25] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> ) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\Run: [Discord] => C:\Users\USUARIO\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1979048 2020-05-12] (Brave Software, Inc. -> Brave Software, Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1979048 2020-05-12] (Brave Software, Inc. -> Brave Software, Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\MountPoints2: {4444a1e7-d69f-11e9-959d-0c9d92becb31} - "D:\setup.exe" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\MountPoints2: {4444a8e8-d69f-11e9-959d-0c9d92becb31} - "F:\setup.exe" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> ) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\Run: [Discord] => C:\Users\USUARIO\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1979048 2020-05-12] (Brave Software, Inc. -> Brave Software, Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1979048 2020-05-12] (Brave Software, Inc. -> Brave Software, Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\MountPoints2: {4444a1e7-d69f-11e9-959d-0c9d92becb31} - "D:\setup.exe" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\MountPoints2: {4444a8e8-d69f-11e9-959d-0c9d92becb31} - "F:\setup.exe" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> ) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\Run: [Discord] => C:\Users\USUARIO\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1979048 2020-05-12] (Brave Software, Inc. -> Brave Software, Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [1979048 2020-05-12] (Brave Software, Inc. -> Brave Software, Inc.) HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\MountPoints2: {4444a1e7-d69f-11e9-959d-0c9d92becb31} - "D:\setup.exe" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\MountPoints2: {4444a8e8-d69f-11e9-959d-0c9d92becb31} - "F:\setup.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\81.1.8.96\Installer\chrmstp.exe [2020-05-12] (Brave Software, Inc.) [Archivo no firmado] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2019-09-13] ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) ==================== Tareas programadas (Lista blanca) ============ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) Task: {1D1D32F7-464D-410F-894A-A96395416AD4} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-03-07] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {25BA0162-F298-4FBF-9AAF-37237C7B96D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-30] (Microsoft Corporation -> Microsoft Corporation) Task: {3105BE28-7DBB-4280-ABC7-244BA9922672} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6122400 2020-05-01] (Microsoft Corporation -> Microsoft Corporation) Task: {433F92F4-0983-41C5-BF9A-B09617CAA971} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171344 2020-05-09] (Microsoft Corporation -> Microsoft Corporation) Task: {52575F1D-608E-4A00-9AB2-CD2CB2E61AAC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {5C0132CA-F769-4E9F-A006-F012AA3695FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6122400 2020-05-01] (Microsoft Corporation -> Microsoft Corporation) Task: {6660EFE3-676B-4932-ADDB-C820DA0B4BCD} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-04-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {6EBB94E9-45D6-4165-823B-9533BA68901C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171344 2020-05-09] (Microsoft Corporation -> Microsoft Corporation) Task: {792D8E6B-D20A-4E16-AA9F-934EB86781FA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-30] (Microsoft Corporation -> Microsoft Corporation) Task: {98E8543E-D1F6-4FA1-B363-006D7180DA55} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-05] (Google Inc -> Google LLC) Task: {A144F972-1734-4912-9ADE-AFE9CD36D20F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {B8F628E1-0653-40DA-A9D7-33F74B703F5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-05] (Google Inc -> Google LLC) Task: {C36546FF-3912-472E-A100-619590AB1727} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [837344 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {DA3D25EA-505E-4D96-A358-49C5CDB173B2} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {ED080C23-53F6-424B-8B53-0C0D049483F0} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-03-07] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {F1780869-8A49-4393-9A63-6725E6AD1DB5} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-01] (Advanced Micro Devices, Inc.) [Archivo no firmado] Task: {F76287AE-1114-4A46-860B-D069B44DD480} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-04-01] (Advanced Micro Devices, Inc.) [Archivo no firmado] Task: {FE2CC53D-067A-4CCC-84DC-CFC10C473DAC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) (Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.) ==================== Internet (Lista blanca) ==================== (Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{88446632-714f-4baa-b45e-1df3e5f5ac07}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{a1e3c260-9511-427b-aac6-72c5dbe7a92b}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-16] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-01] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-05-01] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-03-07] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-03-07] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default [2020-05-13] CHR HomePage: Default -> hxxps://www.google.com.co/ CHR NewTab: Default -> "active": true, "entry": "chrome-extension://nndegnhfodohkemfnmalamgebofbgjcc/newtab.html" CHR Extension: (Presentaciones) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-05] CHR Extension: (Documentos) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-05] CHR Extension: (Google Drive) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-09-05] CHR Extension: (YouTube) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-05] CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-08] CHR Extension: (Adblock para Youtube™) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-05-06] CHR Extension: (Adobe Acrobat) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-19] CHR Extension: (Floating Player) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekajjllcmeckibblgckgoceinmmgnfop [2019-10-12] CHR Extension: (Hojas de cálculo) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-05] CHR Extension: (Documentos de Google sin conexión) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-09-10] CHR Extension: (FINDFLIX - Netflix recommendations) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlcghhoipahfflceodiejjljgbolbldo [2020-04-01] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (New New Tab Page) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nndegnhfodohkemfnmalamgebofbgjcc [2019-09-28] CHR Extension: (Cortar vídeo) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2019-12-06] CHR Extension: (Netflix Party) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2020-04-17] CHR Extension: (Gmail) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-05] CHR Extension: (Chrome Media Router) - C:\Users\USUARIO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22] CHR HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Servicios (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atiesrxx.exe [524512 2020-04-02] (Advanced Micro Devices, Inc. -> AMD) R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3025872 2019-11-29] (philandro Software GmbH -> ) S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [1087736 2020-05-13] (ASUSTeK Computer Inc. -> ) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8567960 2020-05-11] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-03-07] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-03-07] (Brave Software, Inc. -> BraveSoftware Inc.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10610544 2020-04-30] (Microsoft Corporation -> Microsoft Corporation) R2 GameInput; C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe [48776 2020-04-07] (Microsoft Corporation -> Microsoft Corporation) R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe [46008 2020-04-17] (Microsoft Corporation -> Microsoft Corporation) R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [46008 2020-04-17] (Microsoft Corporation -> Microsoft Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [775904 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [705760 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-05-13] (Malwarebytes Inc -> Malwarebytes) R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [776136 2018-08-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-15] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation) S3 EasyAntiCheat; "C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe" [X] S3 IBG_gds_db; C:\Program Files (x86)\Embarcadero\Studio\20.0\InterBase2017\bin\ibguard.exe -i "C:\Program Files (x86)\Embarcadero\Studio\20.0\InterBase2017" -p gds_db S3 IBS_gds_db; C:\Program Files (x86)\Embarcadero\Studio\20.0\InterBase2017\bin\ibserver.exe -i "C:\Program Files (x86)\Embarcadero\Studio\20.0\InterBase2017" -p gds_db ===================== Controladores (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atikmdag.sys [65752288 2020-04-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\u0353575.inf_amd64_8e19095ae833d985\B353558\atikmpag.sys [592096 2020-04-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [103456 2019-05-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-07-20] (ASUSTeK Computer Inc. -> ) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [108152 2019-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2019-09-16] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47672 2019-09-16] (Disc Soft Ltd -> Disc Soft Ltd) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-05-13] (Malwarebytes Corporation -> Malwarebytes) R3 gameflt; C:\Windows\System32\DriverStore\FileRepository\gameflt.inf_amd64_158653e0522d616e\gameflt.sys [71000 2020-04-17] (Microsoft Windows -> Microsoft Corporation) S0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [1017008 2019-01-04] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-05-13] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-05-13] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-05-13] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-05-13] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [125088 2020-05-13] (Malwarebytes Inc -> Malwarebytes) S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-30] () [Archivo no firmado] S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [45960 2020-04-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [394680 2020-04-30] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64944 2020-04-30] (Microsoft Windows -> Microsoft Corporation) R3 Xvdd; C:\Windows\System32\DriverStore\FileRepository\xvdd.inf_amd64_7c3edb5ea11185bb\xvdd.sys [497000 2020-04-17] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Lista blanca) =================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) ==================== Un mes (creado) =================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-05-13 00:34 - 2020-05-13 00:34 - 000027687 _____ C:\Users\USUARIO\Desktop\FRST.txt 2020-05-13 00:32 - 2020-05-13 00:32 - 000000555 _____ C:\Users\USUARIO\Desktop\JRT.txt 2020-05-13 00:22 - 2020-05-13 00:31 - 000000000 ____D C:\Users\USUARIO\AppData\LocalLow\IGDump 2020-05-13 00:22 - 2020-05-13 00:22 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2020-05-13 00:22 - 2020-05-13 00:22 - 000125088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2020-05-13 00:22 - 2020-05-13 00:22 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2020-05-13 00:22 - 2020-05-13 00:22 - 000001725 _____ C:\Users\USUARIO\Desktop\AdwCleaner[C01].txt 2020-05-13 00:21 - 2020-05-13 00:21 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2020-05-13 00:19 - 2020-05-13 00:19 - 000003506 _____ C:\Users\USUARIO\Desktop\1.txt 2020-05-13 00:15 - 2020-05-13 00:15 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2020-05-13 00:15 - 2020-05-13 00:15 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-05-13 00:15 - 2020-05-13 00:15 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-05-13 00:14 - 2020-05-13 00:14 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-05-13 00:14 - 2020-05-13 00:14 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2020-05-13 00:13 - 2020-05-13 00:13 - 000000000 ____D C:\Program Files\Malwarebytes 2020-05-13 00:05 - 2020-05-13 00:05 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-05-13 00:05 - 2020-05-13 00:05 - 000002892 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-05-13 00:05 - 2020-05-13 00:05 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-05-13 00:05 - 2020-05-13 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2020-05-13 00:05 - 2020-05-13 00:05 - 000000000 ____D C:\Program Files\CCleaner 2020-05-13 00:01 - 2020-05-13 00:01 - 002285568 _____ (Farbar) C:\Users\USUARIO\Desktop\FRST64.exe 2020-05-13 00:00 - 2020-05-13 00:01 - 008196784 _____ (Malwarebytes) C:\Users\USUARIO\Desktop\adwcleaner_8.0.4.exe 2020-05-13 00:00 - 2020-05-13 00:00 - 022267336 _____ (Piriform Software Ltd) C:\Users\USUARIO\Desktop\ccsetup565.exe 2020-05-13 00:00 - 2020-05-13 00:00 - 001980016 _____ (Malwarebytes) C:\Users\USUARIO\Desktop\MBSetup.exe 2020-05-12 23:58 - 2020-05-12 23:58 - 001790024 _____ (Malwarebytes) C:\Users\USUARIO\Desktop\JRT.exe 2020-05-12 23:47 - 2020-05-12 23:48 - 000003386 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2393571388-1983671470-4249746595-1008 2020-05-12 22:48 - 2020-05-12 22:48 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\EasyAntiCheat 2020-05-12 22:26 - 2020-05-12 22:26 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput 2020-05-11 22:01 - 2020-05-11 22:02 - 044081152 _____ C:\Users\USUARIO\Downloads\EpicInstaller-10.15.2-fortnite-3096f2f0d86449dc81bb22afd5a2e8cb.msi 2020-05-10 05:20 - 2020-05-10 05:20 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe 2020-05-10 05:15 - 2020-05-10 05:21 - 000000000 ____D C:\ProgramData\HitmanPro 2020-05-10 05:09 - 2020-05-10 05:09 - 000000255 _____ C:\DelFix.txt 2020-05-10 05:09 - 2020-05-10 05:09 - 000000000 ____D C:\Windows\ERUNT 2020-05-10 04:45 - 2020-05-13 00:34 - 000000000 ____D C:\FRST 2020-05-10 04:34 - 2020-05-10 04:35 - 000000000 ____D C:\AdwCleaner 2020-05-10 04:27 - 2020-05-10 04:27 - 000000000 ____D C:\Users\USUARIO\AppData\Local\mbamtray 2020-05-10 04:27 - 2020-05-10 04:27 - 000000000 ____D C:\Users\USUARIO\AppData\Local\mbam 2020-05-10 04:27 - 2020-05-10 04:27 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-05-08 23:16 - 2020-05-08 23:17 - 000000000 _____ C:\Recovery.txt 2020-05-07 23:08 - 2020-05-08 01:52 - 000000000 ____D C:\ESD 2020-05-07 23:07 - 2020-05-07 23:07 - 000000000 ___HD C:\$Windows.~WS 2020-05-04 18:03 - 2020-05-04 18:03 - 000000512 _____ C:\Users\USUARIO\.bash_history 2020-05-04 17:31 - 2020-05-04 17:32 - 000000000 ____D C:\adb 2020-05-04 17:21 - 2020-05-04 17:21 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Android Open Source Project 2020-05-04 17:11 - 2020-05-04 17:12 - 000000000 ____D C:\gradle 2020-05-04 16:23 - 2020-05-04 16:23 - 000000016 _____ C:\Users\USUARIO\.emulator_console_auth_token 2020-05-04 16:22 - 2020-05-04 17:18 - 000000000 ____D C:\Users\USUARIO\.gradle 2020-05-04 15:08 - 2020-05-12 21:51 - 000000000 ____D C:\Users\USUARIO\.ionic 2020-05-04 15:08 - 2020-05-04 15:08 - 000000000 ____D C:\Users\USUARIO\AppData\Local\insight-nodejs 2020-05-04 14:45 - 2020-05-04 14:45 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\vscode-cordova 2020-05-04 09:17 - 2019-12-26 15:40 - 000190464 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelHaxm.sys 2020-05-04 09:05 - 2020-05-04 09:05 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Android 2020-05-04 09:04 - 2020-05-04 09:04 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Google 2020-05-04 09:03 - 2020-05-04 09:03 - 000000000 ____D C:\Users\USUARIO\.AndroidStudio3.6 2020-05-04 09:03 - 2020-05-04 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio 2020-05-04 09:03 - 2020-05-04 09:03 - 000000000 ____D C:\Program Files\Android 2020-05-04 07:51 - 2020-05-04 07:52 - 000000000 ____D C:\java 2020-05-02 14:43 - 2020-05-02 14:43 - 002525834 _____ C:\Users\USUARIO\Downloads\Presentación Anteproyecto Audio (3).pptx 2020-04-30 15:15 - 2020-04-30 15:15 - 000000000 ____D C:\Program Files\RedHat 2020-04-30 14:59 - 2020-04-30 14:59 - 000000000 ____D C:\Users\USUARIO\.tooling 2020-04-30 14:55 - 2020-04-30 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN 2020-04-30 14:55 - 2020-04-30 14:55 - 000000000 ____D C:\Program Files\TortoiseSVN 2020-04-30 14:55 - 2020-04-30 14:55 - 000000000 ____D C:\Program Files\Common Files\TortoiseOverlays 2020-04-30 13:01 - 2020-04-30 13:01 - 000019409 _____ C:\Users\USUARIO\Downloads\devschile-admins (1).xlsx 2020-04-30 12:48 - 2020-04-30 12:48 - 000015128 _____ C:\Users\USUARIO\Downloads\devschile-admins.xlsx 2020-04-30 12:25 - 2020-04-30 12:25 - 000015121 _____ C:\Users\USUARIO\Downloads\SheetJSTableExport (1).xlsx 2020-04-30 12:21 - 2020-04-30 12:21 - 000000000 ____D C:\Users\USUARIO\Documents\Grabaciones de sonido 2020-04-30 12:16 - 2020-04-30 12:16 - 000015098 _____ C:\Users\USUARIO\Downloads\SheetJSTableExport.xlsx 2020-04-29 02:29 - 2020-04-29 02:29 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Speech Graphics 2020-04-27 15:27 - 2020-04-27 15:27 - 000000000 ____D C:\Users\USUARIO\AppData\Local\DBG 2020-04-27 15:27 - 2020-04-27 15:27 - 000000000 ____D C:\Users\USUARIO\AppData\Local\CrashReportClient 2020-04-25 19:36 - 2020-05-13 00:24 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\discord 2020-04-25 19:36 - 2020-04-25 19:36 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2020-04-25 19:36 - 2020-04-25 19:36 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Discord 2020-04-25 19:36 - 2020-04-25 19:36 - 000000000 ____D C:\ProgramData\SquirrelMachineInstalls 2020-04-24 16:17 - 2020-04-24 16:17 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Brave 2020-04-21 08:43 - 2020-04-26 07:44 - 000000000 ___HD C:\REPORTES 2020-04-19 18:20 - 2020-04-19 18:25 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Riot Games 2020-04-19 12:23 - 2020-04-19 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software 2020-04-19 12:23 - 2020-04-19 12:23 - 000000000 ____D C:\Program Files (x86)\AMD 2020-04-19 02:25 - 2020-04-02 04:45 - 001784744 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2020-04-19 02:25 - 2020-04-02 04:45 - 001784744 _____ C:\Windows\system32\vulkaninfo.exe 2020-04-19 02:25 - 2020-04-02 04:44 - 001375144 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-04-19 02:25 - 2020-04-02 04:44 - 001375144 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2020-04-19 02:25 - 2020-04-02 04:44 - 001086184 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 001086184 _____ C:\Windows\system32\vulkan-1.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000945032 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000945032 _____ C:\Windows\SysWOW64\vulkan-1.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000574888 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000493992 _____ C:\Windows\system32\dgtrayicon.exe 2020-04-19 02:25 - 2020-04-02 04:44 - 000491944 _____ C:\Windows\system32\GameManager64.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000485800 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000428968 _____ C:\Windows\system32\EEURestart.exe 2020-04-19 02:25 - 2020-04-02 04:44 - 000374696 _____ C:\Windows\SysWOW64\GameManager32.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000344800 _____ C:\Windows\system32\clinfo.exe 2020-04-19 02:25 - 2020-04-02 04:44 - 000184744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000163240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000159456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000153512 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000138664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000136416 _____ (AMD) C:\Windows\system32\atimuixx.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000136416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000091560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mcl64.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000076200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mcl32.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000047528 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000044456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000020408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll 2020-04-19 02:25 - 2020-04-02 04:44 - 000020408 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll 2020-04-19 02:25 - 2020-04-02 04:42 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll 2020-04-19 02:25 - 2020-04-02 04:42 - 000108056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll 2020-04-19 02:25 - 2020-04-01 14:20 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap 2020-04-19 02:25 - 2020-04-01 14:20 - 003437632 _____ C:\Windows\system32\atiumd6a.cap 2020-04-19 02:24 - 2020-04-02 04:44 - 000761056 _____ (AMD) C:\Windows\system32\atieclxx.exe 2020-04-19 02:24 - 2020-04-02 04:44 - 000451808 _____ C:\Windows\system32\atieah64.exe 2020-04-19 02:24 - 2020-04-02 04:44 - 000345824 _____ C:\Windows\SysWOW64\atieah32.exe 2020-04-19 02:24 - 2020-04-02 04:44 - 000241888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll 2020-04-19 02:24 - 2020-04-02 04:44 - 000209120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll 2020-04-19 02:24 - 2020-04-02 04:44 - 000124840 _____ C:\Windows\system32\atidxx64.dll 2020-04-19 02:24 - 2020-04-02 04:44 - 000107432 _____ C:\Windows\SysWOW64\atidxx32.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 078651840 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdhip64.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 062867880 _____ C:\Windows\system32\amd_comgr.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 052403624 _____ C:\Windows\SysWOW64\amd_comgr32.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 004585896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 004095400 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 001243560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 001243560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000941992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000769448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000554408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000484776 _____ C:\Windows\system32\amdgfxinfo64.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000469416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000467368 _____ C:\Windows\system32\amdlogum.exe 2020-04-19 02:24 - 2020-04-02 04:43 - 000384424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000374184 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000179080 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000167720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000158432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000135592 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000121792 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000121256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000106408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll 2020-04-19 02:24 - 2020-04-02 04:43 - 000071080 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll 2020-04-19 02:24 - 2020-04-02 04:42 - 001686840 _____ (AMD) C:\Windows\system32\amf-mft-mjpeg-decoder64.dll 2020-04-19 02:24 - 2020-04-02 04:42 - 001366192 _____ (AMD) C:\Windows\SysWOW64\amf-mft-mjpeg-decoder32.dll 2020-04-19 02:24 - 2020-04-02 04:42 - 000546544 _____ C:\Windows\system32\amdmiracast.dll 2020-04-19 02:24 - 2020-04-02 04:42 - 000135160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll 2020-04-19 02:24 - 2020-04-02 04:42 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll 2020-04-19 02:24 - 2020-04-02 04:42 - 000120072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll 2020-04-19 02:24 - 2020-04-02 04:42 - 000108048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll 2020-04-19 02:24 - 2020-04-01 14:15 - 000543168 _____ C:\Windows\SysWOW64\atiapfxx.blb 2020-04-19 02:24 - 2020-04-01 14:15 - 000543168 _____ C:\Windows\system32\atiapfxx.blb 2020-04-18 16:57 - 2020-04-17 23:39 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll 2020-04-18 16:57 - 2020-04-07 06:55 - 000169408 _____ (Microsoft Corporation) C:\Windows\system32\GameInput.dll 2020-04-18 16:57 - 2020-04-07 04:55 - 000138168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GameInput.dll 2020-04-16 00:58 - 2020-04-16 00:58 - 000000991 _____ C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Launcher.lnk 2020-04-15 12:16 - 2020-04-15 12:16 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 022636544 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 019812864 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 018027520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 014818816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 007756800 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 007017472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 006523048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 005910016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 004611584 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 004129624 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 003753472 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 003512320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 002951832 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 002800640 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 002800128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys 2020-04-15 12:16 - 2020-04-15 12:16 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 002369576 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 002188600 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001870408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001665216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001659408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001646048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 001495864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001484384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 001386296 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001151816 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001077064 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001013000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001009152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000983040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000785920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000775696 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000768528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000673704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000673464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000628616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2020-04-15 12:16 - 2020-04-15 12:16 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000491008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl 2020-04-15 12:16 - 2020-04-15 12:16 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000420152 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys 2020-04-15 12:16 - 2020-04-15 12:16 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000277864 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000268008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000211256 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000123952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000089336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys 2020-04-15 12:16 - 2020-04-15 12:16 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000066624 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\srumapi.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumapi.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000050544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe 2020-04-15 12:16 - 2020-04-15 12:16 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin 2020-04-15 12:16 - 2020-04-15 12:16 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin 2020-04-15 12:15 - 2020-04-15 12:15 - 017790464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 004563200 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 003980800 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 003802624 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 003729408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 003587384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 002767928 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 002717184 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 002131456 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 002126144 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 002086656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001999960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001942528 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001762816 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2020-04-15 12:15 - 2020-04-15 12:15 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001656904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001603584 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001413704 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001318912 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 001011200 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000915192 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000879616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000822208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000589384 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2020-04-15 12:15 - 2020-04-15 12:15 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000416016 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000339304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000152408 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000142544 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000127280 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000058880 _____ C:\Windows\system32\runexehelper.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000047000 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys 2020-04-15 12:15 - 2020-04-15 12:15 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe 2020-04-15 12:15 - 2020-04-15 12:15 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll 2020-04-15 12:15 - 2020-04-15 12:15 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2020-04-15 12:11 - 2020-03-16 22:57 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2020-04-15 12:11 - 2020-03-16 22:56 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2020-04-14 11:17 - 2020-04-14 11:17 - 000689505 _____ C:\Users\USUARIO\Documents\1.oxps ==================== Un mes (modificado) ================== (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.) 2020-05-13 00:26 - 2019-08-13 14:48 - 001771144 _____ C:\Windows\system32\PerfStringBackup.INI 2020-05-13 00:26 - 2019-03-19 06:49 - 000784334 _____ C:\Windows\system32\perfh00A.dat 2020-05-13 00:26 - 2019-03-19 06:49 - 000153302 _____ C:\Windows\system32\perfc00A.dat 2020-05-13 00:26 - 2019-03-18 23:50 - 000000000 ____D C:\Windows\INF 2020-05-13 00:22 - 2019-08-30 09:55 - 000003116 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2020-05-13 00:22 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-05-13 00:21 - 2019-08-30 09:55 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2020-05-13 00:21 - 2019-08-30 09:52 - 001125768 _____ C:\Windows\system32\wpbbin.exe 2020-05-13 00:21 - 2019-08-30 09:52 - 001087736 _____ C:\Windows\system32\AsusUpdateCheck.exe 2020-05-13 00:21 - 2019-08-13 14:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-05-13 00:21 - 2019-03-18 23:37 - 000786432 _____ C:\Windows\system32\config\BBI 2020-05-13 00:19 - 2019-10-25 10:00 - 000000000 ____D C:\Users\USUARIO\AppData\Local\TSVNCache 2020-05-13 00:18 - 2019-08-13 14:47 - 000000000 ____D C:\Users\USUARIO 2020-05-13 00:14 - 2019-03-18 23:52 - 000000000 ___HD C:\Windows\ELAMBKUP 2020-05-13 00:10 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\AppReadiness 2020-05-13 00:06 - 2019-08-21 10:26 - 000000000 ____D C:\Windows\system32\MRT 2020-05-13 00:06 - 2019-03-18 23:37 - 000000000 ____D C:\Windows\CbsTemp 2020-05-13 00:04 - 2019-08-21 10:26 - 120636720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2020-05-12 23:46 - 2019-08-13 14:48 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-05-12 22:25 - 2019-10-19 06:01 - 000000000 ____D C:\Users\USUARIO\.atom 2020-05-12 22:25 - 2019-09-06 21:14 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Code 2020-05-12 20:41 - 2019-09-06 21:12 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\WhatsApp 2020-05-12 19:20 - 2019-09-05 19:14 - 000004224 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{E24CEFA1-A125-4F9F-9E52-EF6348786D32} 2020-05-12 18:43 - 2019-08-13 14:48 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Packages 2020-05-12 15:54 - 2020-03-07 06:48 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2020-05-12 12:48 - 2019-08-13 14:42 - 000000000 ____D C:\Windows\system32\SleepStudy 2020-05-12 06:27 - 2019-11-21 10:18 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\npm-cache 2020-05-12 00:12 - 2020-03-18 07:29 - 000000000 ____D C:\Users\USUARIO\.android 2020-05-11 21:34 - 2020-03-24 06:41 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Postman 2020-05-11 21:16 - 2019-09-08 16:01 - 000000000 ____D C:\Windows\system32\appmgmt 2020-05-11 04:58 - 2019-10-25 08:47 - 000000000 ____D C:\ProgramData\Embarcadero 2020-05-11 04:57 - 2019-10-25 08:47 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Embarcadero 2020-05-10 18:28 - 2019-12-01 07:49 - 000000000 ___SH C:\Users\Public\Shared Files 2020-05-10 13:00 - 2019-08-13 14:50 - 000003384 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2393571388-1983671470-4249746595-1001 2020-05-10 13:00 - 2019-08-13 14:50 - 000000000 ___RD C:\Users\USUARIO\OneDrive 2020-05-10 13:00 - 2019-08-13 14:47 - 000002373 _____ C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-05-10 05:12 - 2019-11-06 20:07 - 000000000 ____D C:\Users\USUARIO\AppData\LocalLow\Temp 2020-05-10 04:35 - 2020-04-11 17:22 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Lavasoft 2020-05-10 04:31 - 2019-08-13 14:42 - 000461208 _____ C:\Windows\system32\FNTCACHE.DAT 2020-05-10 04:30 - 2019-09-08 11:36 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\BitTorrent 2020-05-10 04:23 - 2019-09-06 21:10 - 000000000 ____D C:\Users\USUARIO\Documents\kevin 2020-05-10 04:19 - 2020-02-12 08:11 - 000000000 ____D C:\Users\USUARIO\AppData\Local\CrashDumps 2020-05-10 04:19 - 2019-08-13 15:41 - 000000000 ____D C:\Windows\Panther 2020-05-09 19:30 - 2020-03-02 20:18 - 000030452 _____ C:\Users\USUARIO\Desktop\Libro.xlsx 2020-05-09 13:06 - 2019-08-13 14:52 - 000000000 ____D C:\Program Files\Microsoft Office 2020-05-08 23:35 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-05-08 23:34 - 2020-04-12 03:24 - 000000000 ____D C:\Users\USUARIO\Desktop\MU ARGENTO SEASON6 EP.3 2020-05-08 22:55 - 2019-08-13 15:01 - 000000000 ____D C:\Users\USUARIO\AppData\Local\D3DSCache 2020-05-08 22:23 - 2019-08-13 14:56 - 000000000 ____D C:\Program Files\Intel 2020-05-08 20:23 - 2019-09-08 19:16 - 000000000 ____D C:\Users\USUARIO\AppData\Local\WhatsApp 2020-05-08 17:01 - 2019-09-06 21:13 - 000000000 ____D C:\Program Files\Microsoft VS Code 2020-05-08 13:39 - 2019-10-25 10:22 - 000000000 ___HD C:\SIOSALUDFILE 2020-05-08 13:36 - 2019-10-25 10:22 - 000000000 ____D C:\REPORTES_SIO 2020-05-08 09:03 - 2019-10-19 06:01 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc 2020-05-08 09:02 - 2019-10-19 06:00 - 000000000 ____D C:\Users\USUARIO\AppData\Local\atom 2020-05-08 09:02 - 2019-09-06 21:12 - 000000000 ____D C:\Users\USUARIO\AppData\Local\SquirrelTemp 2020-05-07 22:35 - 2019-09-05 19:23 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-05-07 14:13 - 2019-09-06 21:14 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2020-05-05 15:46 - 2020-03-24 06:41 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Postman 2020-05-05 13:06 - 2020-03-24 06:41 - 000000000 ____D C:\Users\USUARIO\AppData\Local\Postman 2020-05-04 17:40 - 2019-11-21 08:04 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\npm 2020-05-04 00:18 - 2019-09-10 21:15 - 000000000 ___RD C:\Users\USUARIO\Google Drive 2020-05-01 22:58 - 2019-03-18 23:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2020-05-01 19:06 - 2019-12-01 07:43 - 000000000 ____D C:\Users\USUARIO\AppData\Local\NVIDIA Corporation 2020-04-30 20:03 - 2019-08-13 14:42 - 000000000 ____D C:\Windows\system32\Drivers\wd 2020-04-30 12:00 - 2019-11-21 10:15 - 000000121 _____ C:\Users\USUARIO\.yarnrc 2020-04-29 10:30 - 2019-12-06 04:01 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\obs-studio 2020-04-25 19:08 - 2019-08-13 15:05 - 000000000 ____D C:\ProgramData\Packages 2020-04-25 19:08 - 2019-08-13 14:55 - 000000000 ____D C:\Users\USUARIO\AppData\Local\PlaceholderTileLogoFolder 2020-04-19 18:26 - 2019-08-13 15:00 - 000000000 ____D C:\ProgramData\Riot Games 2020-04-19 18:20 - 2019-08-13 14:57 - 000000000 ____D C:\Riot Games 2020-04-19 12:23 - 2019-08-30 09:54 - 000000000 ____D C:\Program Files\AMD 2020-04-19 02:25 - 2019-08-30 09:53 - 000000000 ____D C:\AMD 2020-04-17 23:40 - 2020-02-16 08:21 - 001449920 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll 2020-04-17 23:39 - 2020-02-16 08:21 - 000153528 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll 2020-04-17 23:39 - 2020-02-16 08:21 - 000118200 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll 2020-04-17 23:39 - 2020-02-16 08:21 - 000033720 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe 2020-04-15 14:17 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-04-15 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2020-04-15 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\SystemResources 2020-04-15 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2020-04-15 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\migwiz 2020-04-15 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\system32\es-MX 2020-04-15 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\ShellExperiences 2020-04-15 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\Provisioning 2020-04-15 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\PolicyDefinitions 2020-04-15 14:17 - 2019-03-18 23:52 - 000000000 ____D C:\Windows\bcastdvr 2020-04-14 06:48 - 2019-10-19 06:01 - 000000000 ____D C:\Users\USUARIO\AppData\Roaming\Atom 2020-04-14 01:36 - 2019-09-10 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google ==================== Archivos en la raíz de algunos directorios ======== 2020-04-01 18:49 - 2019-10-25 09:11 - 000000300 _____ () C:\ProgramData\sysopdbm.dll 2019-10-23 06:45 - 2019-10-23 06:45 - 000007666 _____ () C:\Users\USUARIO\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (No existe una corrección automática para los archivos que no pasan la verificación.) ==================== Final de FRST.txt ======================== [/code] [code] Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 11-05-2020 Ejecutado por USUARIO (13-05-2020 00:35:01) Ejecutado desde C:\Users\USUARIO\Desktop Windows 10 Pro Versión 1903 18362.778 (X64) (2019-08-13 19:44:01) Modo de Inicio: Normal ========================================================== ==================== Cuentas: ============================= Administrador (S-1-5-21-2393571388-1983671470-4249746595-500 - Administrator - Disabled) dalex (S-1-5-21-2393571388-1983671470-4249746595-1006 - Limited - Disabled) DefaultAccount (S-1-5-21-2393571388-1983671470-4249746595-503 - Limited - Disabled) Invitado (S-1-5-21-2393571388-1983671470-4249746595-501 - Limited - Disabled) jbn17 (S-1-5-21-2393571388-1983671470-4249746595-1005 - Limited - Disabled) paula (S-1-5-21-2393571388-1983671470-4249746595-1004 - Limited - Disabled) Risha (S-1-5-21-2393571388-1983671470-4249746595-1007 - Limited - Disabled) USUARIO (S-1-5-21-2393571388-1983671470-4249746595-1001 - Administrator - Enabled) => C:\Users\USUARIO WDAGUtilityAccount (S-1-5-21-2393571388-1983671470-4249746595-504 - Limited - Disabled) ==================== Centro de Seguridad ======================== (Si una entrada es incluida en el fixlist, será eliminada.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} ==================== Programas instalados ====================== (Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.) Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated) AdoptOpenJDK JDK con Hotspot 8.0.242.08 (x64) (HKLM\...\{579C8D3F-8B5C-41F9-9053-EFDA22B24514}) (Version: 8.0.242.08 - AdoptOpenJDK) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.1 - Advanced Micro Devices, Inc.) Android Studio (HKLM\...\Android Studio) (Version: 3.6 - Google LLC) AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.4.0 - philandro Software GmbH) Apache NetBeans IDE 11.3 (HKLM\...\nbi-nb-all-11.3.0.0.2002) (Version: 11.3 - Apache NetBeans) Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden ARGENMU Online versión 2.0 (HKLM-x32\...\{C443C813-4E2D-4A10-A09D-B0337F9567B7}_is1) (Version: 2.0 - ArgenGamers) Atom (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\atom) (Version: 1.46.0 - GitHub Inc.) Atom (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\atom) (Version: 1.46.0 - GitHub Inc.) Atom (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\atom) (Version: 1.46.0 - GitHub Inc.) Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.) Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 81.1.8.96 - Brave Software Inc) CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform) Discord (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\Discord) (Version: 0.0.306 - Discord Inc.) Discord (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\Discord) (Version: 0.0.306 - Discord Inc.) Discord (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\Discord) (Version: 0.0.306 - Discord Inc.) Embarcadero InterBase 2017 [instance = gds_db] (HKLM-x32\...\Embarcadero InterBase 2017 [instance = gds_db]) (Version: 13.3.1.333 - Embarcadero Technologies Inc.) Embarcadero RAD Studio (HKLM-x32\...\{BC75D23E-8A89-4FEF-AFD1-AE110ED83630}) (Version: 20.0 - Embarcadero Technologies, Inc.) Hidden Embarcadero RAD Studio 10.3 (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\Embarcadero RAD Studio 10.3) (Version: 20.0 - Embarcadero Technologies, Inc.) Embarcadero RAD Studio 10.3 (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\Embarcadero RAD Studio 10.3) (Version: 20.0 - Embarcadero Technologies, Inc.) Embarcadero RAD Studio 10.3 (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\Embarcadero RAD Studio 10.3) (Version: 20.0 - Embarcadero Technologies, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Far Cry 4 Gold Edition MULTi15 - ElAmigos versión 1.10.0 (HKLM-x32\...\{6FD241CF-7D56-4D74-A8EE-9AB7C4428162}_is1) (Version: 1.10.0 - UBISoft) GameInput Redistributable (HKLM-x32\...\{5CAEA37E-8C31-F1D0-9BD8-91B1EFAEF885}) (Version: 10.1.19041.1124 - Microsoft Corporation) Git version 2.24.0.2 (HKLM\...\Git_is1) (Version: 2.24.0.2 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{bd366c5e-00cd-46ed-b647-0b9874f32140}) (Version: 10.1.17809.8096 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.1.1075 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden Intel® Hardware Accelerated Execution Manager (HKLM\...\{7563302D-BD6B-4153-BA7D-3E3432E7C22D}) (Version: 7.5.6 - Intel Corporation) Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C80D774E-288D-423A-B5FF-97D2B7854C75}) (Version: 17.0.1.1075 - Intel Corporation) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc) Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes) Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.12730.20250 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.45.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.45.0 - Microsoft Corporation) Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.45.0 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1104.625 - Microsoft Corporation) MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Node.js (HKLM\...\{41408FBE-699A-4989-83CA-AB035EECA740}) (Version: 12.13.1 - Node.js Foundation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden OpenJDK 1.8.0_252-2-redhat (HKLM\...\{F543325A-4E0F-4C77-9042-03BE7615AF6B}) (Version: 1.8.2522.9 - Red Hat, Inc.) OpenSSL 1.0.2q Light (32-bit) (HKLM-x32\...\OpenSSL Light (32-bit)_is1) (Version: - OpenSSL Win32 Installer Team) Oracle Data Provider for .NET Help (HKLM-x32\...\{6AA003BF-73E5-4911-ADB7-71DD5674DDD4}) (Version: 10.2.000 - Oracle Corporation) paint.net (HKLM\...\{BAFF7E40-25F2-4681-95F1-9D0E8EF0ABA4}) (Version: 4.2.8 - dotPDN LLC) Postman-win64-7.23.0 (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\Postman) (Version: 7.23.0 - Postman) Postman-win64-7.23.0 (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\Postman) (Version: 7.23.0 - Postman) Postman-win64-7.23.0 (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\Postman) (Version: 7.23.0 - Postman) Python 2.7.17 (64-bit) (HKLM\...\{9255D53C-6C21-4664-AAF3-6EAC50F867Da}) (Version: 2.7.17150 - Python Software Foundation) Python 3.5.4 (64-bit) (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\{5d57524f-af24-49a7-b90b-92138880481e}) (Version: 3.5.4150.0 - Python Software Foundation) Python 3.5.4 (64-bit) (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\{5d57524f-af24-49a7-b90b-92138880481e}) (Version: 3.5.4150.0 - Python Software Foundation) Python 3.5.4 (64-bit) (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\{5d57524f-af24-49a7-b90b-92138880481e}) (Version: 3.5.4150.0 - Python Software Foundation) Python 3.5.4 Add to Path (64-bit) (HKLM\...\{7EB7A65E-2EDB-4D94-BA2B-445D19E00C5D}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Core Interpreter (64-bit debug) (HKLM\...\{B721682C-5623-45A6-B41F-11AE32422FD9}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Core Interpreter (64-bit symbols) (HKLM\...\{4B04CF47-7FFD-4C32-BD9E-FB31EF3E81DE}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Core Interpreter (64-bit) (HKLM\...\{7808D6D7-9C0D-4593-8808-B83EF9EC8884}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Development Libraries (64-bit debug) (HKLM\...\{CE4CBCE7-5066-41B9-9C7E-504CB603B73A}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Development Libraries (64-bit) (HKLM\...\{3E5BDD64-1DA3-4C6A-87E3-5759E6C58191}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Documentation (64-bit) (HKLM\...\{7CE3B1AC-72AF-497C-B259-4AF399623AE3}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Executables (64-bit debug) (HKLM\...\{A401A09F-5029-4FB0-A9DA-1B535B3B7E46}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Executables (64-bit symbols) (HKLM\...\{CCB64553-31E3-43D3-B0E4-913C9D5BC8F9}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Executables (64-bit) (HKLM\...\{84848A30-C77B-4442-B84C-08B7B4DA1B01}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 pip Bootstrap (64-bit) (HKLM\...\{0399AD56-31E2-40D2-810B-01231A8A1515}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Standard Library (64-bit debug) (HKLM\...\{54ADD8D1-14AE-4653-B95E-77E310D772F5}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Standard Library (64-bit symbols) (HKLM\...\{CCAEB375-B809-40B6-8D8F-7FAF9EBAC2FB}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Standard Library (64-bit) (HKLM\...\{9FE0823D-9A9B-45AB-82CD-86879F4BADB8}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Tcl/Tk Support (64-bit debug) (HKLM\...\{AA56D3D5-41EF-4B97-9E58-85300EFDFBC8}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Tcl/Tk Support (64-bit symbols) (HKLM\...\{C46331A4-9295-4CB7-9C7B-D713AA91C13C}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Tcl/Tk Support (64-bit) (HKLM\...\{9C11591B-57F1-4DBF-8D05-85E910609371}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Test Suite (64-bit debug) (HKLM\...\{779F5826-EBA4-42D0-894A-B2372109010B}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Test Suite (64-bit symbols) (HKLM\...\{FE5E7001-EC72-4753-BA1A-F8F0D4A43262}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Test Suite (64-bit) (HKLM\...\{F7E6C0F0-E854-4F65-9722-45981A876E5F}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python 3.5.4 Utility Scripts (64-bit) (HKLM\...\{5C780CBB-67B4-4819-9A00-E3BD40540197}) (Version: 3.5.4150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{0CC63724-2076-4548-8958-554A8297E28F}) (Version: 3.5.6063.0 - Python Software Foundation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8504 - Realtek Semiconductor Corp.) SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden TortoiseSVN 1.13.1.28686 (64 bit) (HKLM\...\{F7080EF1-BD21-483B-ACAE-E19FAA2DF458}) (Version: 1.13.28686 - TortoiseSVN) Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden vcpp_crt.redist.clickonce (HKLM-x32\...\{108AD0F6-2878-452B-8351-2C22A7A0C355}) (Version: 14.16.27033 - Microsoft Corporation) Hidden Visual Studio Build Tools 2017 (HKLM-x32\...\104eca81) (Version: 15.9.28307.905 - Microsoft Corporation) vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden WhatsApp (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\WhatsApp) (Version: 2.2019.6 - WhatsApp) WhatsApp (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\WhatsApp) (Version: 2.2019.6 - WhatsApp) WhatsApp (HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\WhatsApp) (Version: 2.2019.6 - WhatsApp) WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden Yarn (HKLM-x32\...\{32FB6348-314B-4B00-A0C5-CD8D7779F76F}) (Version: 1.19.1 - Yarn Contributors) Packages: ========= Centro de Xbox Insider -> C:\Program Files\WindowsApps\Microsoft.FlightDashboard_469.2003.9001.0_x64__8wekyb3d8bbwe [2020-03-12] (Microsoft Corporation) Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation) DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2020-02-16] (Microsoft Corporation) DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2020-02-16] (Microsoft Corporation) EclipseCrossword -> C:\Program Files\WindowsApps\GreenEclipse.EclipseCrossword_1.2.62.0_x86__8gc1x8scajppy [2020-04-25] (Green Eclipse) Halo -> C:\Program Files\WindowsApps\Microsoft.Tomp_1.0.4723.0_x64__8wekyb3d8bbwe [2020-04-19] (Microsoft Studios) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-21] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-21] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad] MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-10] (Netflix, Inc.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2019-10-26] (Realtek Semiconductor Corp) Servicios de juegos -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.40.7001.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Corporation) SoundCloud for Windows (Beta) -> C:\Program Files\WindowsApps\SoundcloudLtd.SoundCloudforWindowsBeta_1.1.36.0_x64__2xc63xn306dnw [2020-03-30] (Soundcloud Ltd.) Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation) ==================== Personalizado CLSID (Lista blanca): ============== (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) CustomCLSID: HKU\S-1-5-21-2393571388-1983671470-4249746595-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0 ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-28] ( () [Archivo no firmado]) [El archivo está en uso ] ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google) ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-28] ( () [Archivo no firmado]) [El archivo está en uso ] ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google) ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-04-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> Ningún archivo ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-05-13] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2019-10-31] (Open Source Developer, Stefan KUENG -> hxxps://tortoisesvn.net) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Lista blanca) ==================== (Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.) HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32original.dll [746496 2019-03-18] (Microsoft Windows -> Intel Corporation) HKLM\...\Drivers32: [msacm.iac2] => C:\Windows\SysWOW64\iac25_32.ax [197632 2019-03-18] (Microsoft Windows -> Intel Corporation) HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [9216 2019-03-18] (Microsoft Windows -> Microsoft Corporation) ==================== Accesos directos & WMI ======================== (Las entradas pueden ser listadas para ser restauradas o eliminadas.) Shortcut: C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Embarcadero RAD Studio 10.3\Android SDKs\Android Tools.lnk -> C:\Users\USUARIO\Documents\Embarcadero\Studio\20.0\PlatformSDKs\android-sdk-windows\tools\android.bat () ShortcutWithArgument: C:\Users\USUARIO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Embarcadero RAD Studio 10.3\RAD Studio Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /K "C:\Program Files (x86)\Embarcadero\Studio\20.0\bin\rsvars.bat" ==================== Módulos cargados (Lista blanca) ============= 2018-12-28 17:46 - 2018-12-28 17:46 - 000126976 _____ (Intel Corporation) [Archivo no firmado] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll 2020-04-19 13:08 - 2020-04-19 13:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll 2020-04-19 13:08 - 2020-04-19 13:08 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll ==================== Alternate Data Streams (Lista blanca) ======== (Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.) AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [488] AlternateDataStreams: C:\Users\USUARIO\ntuser.ini:NTV [11668] ==================== Modo Seguro (Lista blanca) ================== (Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Asociación (Lista blanca) ================= ==================== Internet Explorer sitios de confianza/restringidos ========== (Si una entrada es incluida en el fixlist, será eliminada del registro.) IE trusted site: HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\localhost -> localhost ==================== Hosts contenido: ========================= (Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.) 2019-03-18 23:49 - 2020-05-10 05:12 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Otras Áreas =========================== (Actualmente no existe una corrección automática para esta sección.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Users\USUARIO\Documents\proyectos\oracle_b64\instantclient_18_5;C:\Python27\;C:\Python27\Scripts;C:\Program Files (x86)\Embarcadero\Studio\20.0\bin;C:\Users\USUARIO\Documents\Embarcadero\Studio\20.0\Bpl;C:\Program Files (x86)\Embarcadero\Studio\20.0\bin64;C:\Users\USUARIO\Documents\Embarcadero\Studio\20.0\Bpl\Win64;C:\oracle\product\10.2.0\client_1\bin;C:\Program Files\Python35\Scripts\;C:\Program Files\Python35\;C:\Program Files\Python37\Scripts\;C:\Program Files\Python37\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Users\USUARIO\AppData\Local\WhatsApp\;C:\Program Files\nodejs\;C:\Program Files\Git\cmd;C:\ProgramData\chocolatey\bin;C:\Program Files (x86)\Yarn\bin\;C:\Program Files\TortoiseSVN\bin;C:\Program Files\RedHat\java-1.8.0-openjdk-1.8.0.252-2\bin;C:\Program Files\RedHat\java-1.8.0-openjdk-1.8.0.252-2\jre\bin; HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156201\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157732\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002159012\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156294\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157841\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002159137\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\c413599bc57f7596d75bea1775b14169.jpg HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\Control Panel\Desktop\\Wallpaper -> C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\c413599bc57f7596d75bea1775b14169.jpg HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\Control Panel\Desktop\\Wallpaper -> C:\Users\USUARIO\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\c413599bc57f7596d75bea1775b14169.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Firewall de Windows está habilitado. ==================== MSCONFIG/TASK MANAGER elementos deshabilitados == (Si una entrada es incluida en el fixlist, será eliminada.) HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\StartupApproved\StartupFolder: => "DeskPins.lnk" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\StartupApproved\Run: => "BitTorrent" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001\...\StartupApproved\Run: => "Voobly" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\StartupApproved\StartupFolder: => "DeskPins.lnk" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\StartupApproved\Run: => "BitTorrent" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002156404\...\StartupApproved\Run: => "Voobly" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\StartupApproved\StartupFolder: => "DeskPins.lnk" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\StartupApproved\Run: => "BitTorrent" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2393571388-1983671470-4249746595-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05132020002157950\...\StartupApproved\Run: => "Voobly" ==================== Reglas de firewall (Lista blanca) ================ (Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.) FirewallRules: [TCP Query User{18AE9C0F-DF51-49AD-A1E6-62C2FC99BBC4}C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [UDP Query User{273F65AD-75F7-478F-B4C6-662F9CEAABF3}C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [TCP Query User{02374A9F-9BBE-41C9-AE17-04D6D1B16413}C:\java\jdk8u252-b09\bin\java.exe] => (Allow) C:\java\jdk8u252-b09\bin\java.exe FirewallRules: [UDP Query User{1AFEDF42-DB8B-4CDB-A7DE-8923E5429CE8}C:\java\jdk8u252-b09\bin\java.exe] => (Allow) C:\java\jdk8u252-b09\bin\java.exe FirewallRules: [{A9D2F19E-21A7-4F7B-8A1D-8EB5D90845B4}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [{3A40A83F-FFE4-4454-A831-525849009FCA}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [TCP Query User{8A6787A0-2FB4-4C6A-8870-FC4A47671D98}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js) FirewallRules: [UDP Query User{F7CB68B0-7A7E-45E8-A18A-24144DAB7D69}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (Node.js Foundation -> Node.js) FirewallRules: [TCP Query User{6AC51351-0539-40DB-8977-C99A9F02537E}C:\program files (x86)\embarcadero\studio\20.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\20.0\bin\bds.exe (Idera, Inc. -> Embarcadero Technologies, Inc.) FirewallRules: [UDP Query User{229AE68E-DB3C-4163-A519-F7A06FDEC68E}C:\program files (x86)\embarcadero\studio\20.0\bin\bds.exe] => (Allow) C:\program files (x86)\embarcadero\studio\20.0\bin\bds.exe (Idera, Inc. -> Embarcadero Technologies, Inc.) FirewallRules: [{B9144FC3-9667-4F70-97C6-3A2D43153C6B}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [TCP Query User{F650A8D3-942D-40B5-92E8-1A9F066CE5CE}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{6C4A4506-3D01-45E9-A8D2-E13CA5C33CA1}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{F1653909-1F8D-4B1C-A623-1117DF978C18}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [{57F9CEB2-1595-4D31-BD1B-5E6BA944AC92}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [{6D21EE70-CD2A-43B3-8CFC-1E203C15395C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) FirewallRules: [{07667E7B-935A-4726-A138-7DC231E65536}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> ) ==================== Puntos de Restauración ========================= ATENCIÓN: Restaurar Sistema está deshabilitado (Total:446.5 GB) (Free:268.55 GB) (60%) ==================== Dispositivos defectuosos en el Administrador de dispositivos ============ ==================== Errores del registro de eventos: ======================== Errores de aplicación: ================== Error: (05/13/2020 12:23:58 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 17.0.1.1075, marca de tiempo: 0x5c2654f8 Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.18362.778, marca de tiempo: 0xafa78a6a Código de excepción: 0xe0434352 Desplazamiento de errores: 0x000000000003a799 Identificador del proceso con errores: 0x26f8 Hora de inicio de la aplicación con errores: 0x01d628e6b378317f Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Ruta de acceso del módulo con errores: C:\Windows\System32\KERNELBASE.dll Identificador del informe: 584f0d1f-5b40-4148-8fba-5ffdadf6aa8b Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (05/13/2020 12:23:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: IAStorDataMgrSvc.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.FormatException en System.Text.StringBuilder.FormatError() en System.Text.StringBuilder.AppendFormatHelper(System.IFormatProvider, System.String, System.ParamsArray) en System.String.FormatHelper(System.IFormatProvider, System.String, System.ParamsArray) en System.String.Format(System.IFormatProvider, System.String, System.Object[]) en IAStorDataMgr.EventRelay.formatStrings(System.String, System.Object[]) en IAStorDataMgr.EventRelay.translateEventType(IAStorUtil.Events.DiskEventArgs, IAStorUtil.LogLevel) en IAStorDataMgr.EventRelay.SDM_ComprehensiveHandler(System.Object, IAStorUtil.Events.ComprehensiveEventArgs) en IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() en IAStorUtil.SystemDataModelListener.LoadSavedSystemState() en IAStorDataMgr.EventRelay.b__12_0(System.Object) en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() en System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (05/13/2020 12:23:58 AM) (Source: IAStorDataMgrSvc) (EventID: 7001) (User: ) Description: Internal program error: missing resource string DM_1_0_7 Error: (05/13/2020 12:21:27 AM) (Source: VSS) (EventID: 13) (User: ) Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema. ] Error: (05/13/2020 12:21:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 17.0.1.1075, marca de tiempo: 0x5c2654f8 Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.18362.778, marca de tiempo: 0xafa78a6a Código de excepción: 0xe0434352 Desplazamiento de errores: 0x000000000003a799 Identificador del proceso con errores: 0xfa0 Hora de inicio de la aplicación con errores: 0x01d628e64deb591f Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Ruta de acceso del módulo con errores: C:\Windows\System32\KERNELBASE.dll Identificador del informe: b4d96c9f-ec9a-44d0-ab5a-bc870566510c Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Error: (05/13/2020 12:21:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Aplicación: IAStorDataMgrSvc.exe Versión de Framework: v4.0.30319 Descripción: el proceso terminó debido a una excepción no controlada. Información de la excepción: System.FormatException en System.Text.StringBuilder.FormatError() en System.Text.StringBuilder.AppendFormatHelper(System.IFormatProvider, System.String, System.ParamsArray) en System.String.FormatHelper(System.IFormatProvider, System.String, System.ParamsArray) en System.String.Format(System.IFormatProvider, System.String, System.Object[]) en IAStorDataMgr.EventRelay.formatStrings(System.String, System.Object[]) en IAStorDataMgr.EventRelay.translateEventType(IAStorUtil.Events.DiskEventArgs, IAStorUtil.LogLevel) en IAStorDataMgr.EventRelay.SDM_ComprehensiveHandler(System.Object, IAStorUtil.Events.ComprehensiveEventArgs) en IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() en IAStorUtil.SystemDataModelListener.LoadSavedSystemState() en IAStorDataMgr.EventRelay.b__12_0(System.Object) en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) en System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() en System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (05/13/2020 12:21:08 AM) (Source: IAStorDataMgrSvc) (EventID: 7001) (User: ) Description: Internal program error: missing resource string DM_1_0_7 Error: (05/13/2020 12:12:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 17.0.1.1075, marca de tiempo: 0x5c2654f8 Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.18362.778, marca de tiempo: 0xafa78a6a Código de excepción: 0xe0434352 Desplazamiento de errores: 0x000000000003a799 Identificador del proceso con errores: 0x2a60 Hora de inicio de la aplicación con errores: 0x01d628e50c4f9356 Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Ruta de acceso del módulo con errores: C:\Windows\System32\KERNELBASE.dll Identificador del informe: 47224631-4fb1-492e-a40f-867c26b5c9de Nombre completo del paquete con errores: Identificador de aplicación relativa del paquete con errores: Errores del sistema: ============= Error: (05/13/2020 12:27:24 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Realtek Audio Universal Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio. Error: (05/13/2020 12:27:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio GameInput Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio. Error: (05/13/2020 12:24:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio Intel(R) Rapid Storage Technology se terminó de manera inesperada. Esto ha sucedido 1 veces. Error: (05/13/2020 12:21:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces. Error: (05/13/2020 12:21:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces. Error: (05/13/2020 12:21:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Windows Installer terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio. Error: (05/13/2020 12:21:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio ‪Servicio Hacer clic y ejecutar de Microsoft Office‬ terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio. Error: (05/13/2020 12:21:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: El servicio Realtek Audio Universal Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio. Windows Defender: =================================== Date: 2020-05-08 17:33:37.570 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {E060899A-C70F-4D5E-B78B-E0075DEF9D87} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-05-05 06:47:50.529 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0 Nombre: HackTool:Win32/AutoKMS Id.: 2147685180 Gravedad: Alta Categoría: Herramienta Ruta de acceso: containerfile:_C:\Users\USUARIO\Desktop\Microsoft Office 2016 FULL.rar; file:_C:\Users\USUARIO\Desktop\Microsoft Office 2016 FULL.rar->Activador KMS\Auto.cmd; file:_C:\Users\USUARIO\Desktop\Microsoft Office 2016 FULL.rar->Activador KMS\cert\installAll.cmd Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de inteligencia de seguridad: AV: 1.313.2918.0, AS: 1.313.2918.0, NIS: 1.313.2918.0 Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4 Date: 2020-05-05 06:47:50.525 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nombre: HackTool:MSIL/AutoKMS Id.: 2147711767 Gravedad: Alta Categoría: Herramienta Ruta de acceso: containerfile:_C:\Users\USUARIO\Desktop\Microsoft Office 2016 FULL.rar; file:_C:\Users\USUARIO\Desktop\Microsoft Office 2016 FULL.rar->Activador KMS\AutoPico.exe; file:_C:\Users\USUARIO\Desktop\Microsoft Office 2016 FULL.rar->Activador KMS\KMSELDI.exe; file:_C:\Users\USUARIO\Desktop\Microsoft Office 2016 FULL.rar->Activador KMS\Service_KMS.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Sistema Usuario: NT AUTHORITY\SYSTEM Nombre de proceso: Unknown Versión de inteligencia de seguridad: AV: 1.313.2918.0, AS: 1.313.2918.0, NIS: 1.313.2918.0 Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4 Date: 2020-05-05 03:22:40.959 Description: El examen de Antivirus de Windows Defender se detuvo antes de completarse. Id. de examen: {A6011073-A6FC-46B2-BA14-FB665C58FC11} Tipo de examen: Antimalware Parámetros de examen: Examen rápido Usuario: NT AUTHORITY\SYSTEM Date: 2020-05-03 23:36:32.684 Description: Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado. Para más información, consulta lo siguiente: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0 Nombre: HackTool:MSIL/AutoKMS Id.: 2147711767 Gravedad: Alta Categoría: Herramienta Ruta de acceso: file:_C:\Users\USUARIO\Desktop\Activador KMS\AutoPico.exe Origen de detección: Equipo local Tipo de detección: Concreto Origen de detección: Protección en tiempo real Usuario: DESKTOP-L2H56T0\USUARIO Nombre de proceso: C:\Windows\explorer.exe Versión de inteligencia de seguridad: AV: 1.313.2862.0, AS: 1.313.2862.0, NIS: 1.313.2862.0 Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4 CodeIntegrity: =================================== Date: 2020-02-13 13:01:05.442 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 13:01:05.441 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 13:01:05.440 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 13:01:05.438 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 13:01:05.267 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 13:01:05.264 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 13:00:50.458 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-02-13 13:00:50.455 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. ==================== Información de la memoria =========================== BIOS: American Megatrends Inc. 2012 01/22/2019 Placa base: ASUSTeK COMPUTER INC. TUF B360M-PLUS GAMING S Procesador: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz Porcentaje de memoria en uso: 52% RAM física total: 8109.46 MB RAM física disponible: 3877.98 MB Virtual total: 26541.46 MB Virtual disponible: 20509.98 MB ==================== Unidades ================================ Drive c: () (Fixed) (Total:446.5 GB) (Free:268.55 GB) NTFS \\?\Volume{79b7def8-c7b5-4a8a-b860-a3d3c2e5e780}\ (Recuperación) (Fixed) (Total:0.52 GB) (Free:0.13 GB) NTFS \\?\Volume{2fb33792-3c24-45bc-af45-12fb6e501bfc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Tabla de particiones ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 447.1 GB) (Disk ID: 00000000) Partition: GPT. ==================== Final de Addition.txt ======================= [/code]