• Registrarse
  • Iniciar sesión


  • Página 1 de 2 12 ÚltimoÚltimo
    Resultados 1 al 10 de 17

    En mis documentos hay un archivo oculto llamado default.rdp. (Solucionado)

    Hoy cuando abrí la carpeta de mis documentos me tope con que había un archivo oculto llamado default.rdp, al abrir ese archivo se abre el programa "Conexión a escritorio remoto". ¿A qué se debe?, ¿Es ...

    1. #1
      Usuario Avatar de FIBH07
      Registrado
      jun 2017
      Ubicación
      Argentina
      Mensajes
      13

      En mis documentos hay un archivo oculto llamado default.rdp. (Solucionado)

      Hoy cuando abrí la carpeta de mis documentos me tope con que había un archivo oculto llamado default.rdp, al abrir ese archivo se abre el programa "Conexión a escritorio remoto".

      ¿A qué se debe?, ¿Es normal?

      Por cierto al archivo lo borre por "seguridad".

    2. #2
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.165

      Re: Acabo de ver en mis documentos un archivo oculto llamado default.rdp. ¿A qué se d

      Segun esto, no seria nada >> default.rdp


      Ahora bien, si no has echo nada de eso, podria ser algun malware



      Pega esto


      Descarga en el escritorio >>IFS (InfoSpyware First Steps) | InfoSpyware

      1. Cierra todos los programas que tengas abiertos.
      2. Ejecuta IFS.exe (Si usas Windows Vista/7 / 8 o 10 ,presiona clic derecho y selecciona "Ejecutar como Administrador.")
      3. Pulsar en el botón Analizar, y espera a que se realice el proceso.
      4. Al terminar se abrirá un informe, que debes copiar y pegar(entero) en tu próxima respuesta.


      El informe también se puede encontrar en "C:\IFS.log"
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de FIBH07
      Registrado
      jun 2017
      Ubicación
      Argentina
      Mensajes
      13

      Re: Acabo de ver en mis documentos un archivo oculto llamado default.rdp. ¿A qué se d

      Gracias por responder... Salu2

      Aquí te va el informe:

      Código:
      ~~~~~~~~~~~| Inicio: 
      
      *IFS (InfoSpyware First Steps) v 1.3
      *www.InfoSpyware.com | www.ForoSpyware.com
      *Iniciado: 19/06/2017 a las 18h.04m.17s
      
      ~~~~~~~~~~~|  Información del Sistema:
      
      OS: Microsoft Windows 10 Pro x64 
      Idioma: Spanish (Argentina) (Argentina|es-AR)
      Permisos de Administrador / ON
      Windows se Inició en   Modo Normal
      Drive: C:\Windows (Install: \Device\HarddiskVolume4)
      
      ~~~~~~~~~~~| Arquitectura Fisica:
      
      CPU: System manufacturer
      CPU Modelo: System Product Name
      Procesador: AMD A10-7860K Radeon R7, 12 Compute Cores 4C+8G (x64-BasedPC)
      Memoria RAM: 7 Gb. En Uso: 42 %
      Video: AMD Radeon(TM) R7 Graphics
      Chip: AMD Radeon Graphics Processor (0x130F) Capacidad video:1024 MB (Internal DAC(400MHz))
      
      ~~~~~~~~~~~| Unidades
      
      C: [FIXED|NTFS|] - [930.0 Gb][858.7 Gb][72.2 Gb]
      D: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      E: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      F: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      G: [REMOVABLE||] - [0 Gb][0 Gb][0 Gb]
      C:\ Fragmentación total 6.51% - Correcto
      
      ~~~~~~~~~~~| Seguridad del SO
      
      SafeBoot: Inicio en Modo seguro Correcto
      Security Center: Correcto (Servicio Activo)
      Windows Update: Correcto (Servicio Activo) 
      AV: Windows Defender *Protección Residente [OFF] / Actualizado*
      AV: Malwarebytes *Protección Residente [ON] / Actualizado*
      AV: ZoneAlarm Free Firewall Antivirus *Protección Residente [ON] / Actualizado*
      AV: 360 Total Security *Protección Residente [ON] / Actualizado*
      SP: ZoneAlarm Free Firewall Anti-Spyware *Protección Residente [ON] / Actualizado*
      SP: Malwarebytes *Protección Residente [ON] / Actualizado*
      SP: Windows Defender *Protección Residente [OFF] / Actualizado*
      SP: 360 Total Security *Protección Residente [ON] / Actualizado*
      FW: ZoneAlarm Free Firewall Firewall *Protección Residente [ON]*
      FW: Windows Firewall * Protección Residente [OFF]*
      
      ~~~~~~~~~~~|  Update Check
      
      Internet Explorer Versión Instalada 11
      Google Chrome Versión Instalada 59.0.3071.104
      
      ~~~~~~~~~~~| Process List 
      
      MBAMTray.exe (Malwarebytes Anti-Malware)
      MBAMservice.exe (Malwarebytes Anti-Malware)
      zatray.exe (Productos de Zone Labs|ZoneAlarm)
      vsmon.exe (Productos de Zone Labs|ZoneAlarm)
      zatray.exe (Productos de Zone Labs|ZoneAlarm)
      
      ~~~~~~~~~~~| Install Check 
      
      
      ZoneAlarm Free Firewall [15.1.504.17269]
      ZoneAlarm Firewall [15.1.504.17269]
      ZoneAlarm Antivirus [15.1.504.17269]
      ZoneAlarm Security [15.1.504.17269]
      CCleaner [5.30]
      Revo Uninstaller Pro 3.1.9 [3.1.9]
      
      ~~~~~~~~~~~| Registry Check
      
      HKLM\Run(x64): [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
      HKLM\Run(x64): [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
      HKLM\Run(x64): [Everything] "C:\Program Files\Everything\Everything.exe" -startup
      HKLM\Run: [QHSafeTray] "C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe" /start
      HKLM\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
      HKLM\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
      HKLM\Run: [OneDrive] "C:\Users\usuario\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
      HKLM\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
      HKLM\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
      Winlogon(x64): Shell = explorer.exe
      Winlogon: Shell = explorer.exe
      Userinit(x64): Userinit = C:\Windows\system32\userinit.exe,
      Userinit: Userinit = C:\Windows\system32\userinit.exe,
      
      [HKCR\.\.open\command] -> Navegador Preferido es Internet Explorer
      StarPage:hxxp://go.microsoft.com/fwlink/p/?linkid=255141
      StarPage:hxxp://go.microsoft.com/fwlink/?LinkId=54896
      
      ~~~~~~~~~~~| PUPs Check
      
      HKLM64\SOFTWARE\Partner
      
      C:\Program Files (x86)\hotspot shield
      C:\Users\usuario\AppData\Roaming\hotspot shield
      
      ~~~~~~~~~~~| Listado 7 Días (Predeterminado)
      
      [17/06/2017 03:42] - C:\Windows\ERUNT
      [19/06/2017 16:52] - C:\Windows\setupact.log
      [19/06/2017 16:52] - C:\Windows\setuperr.log
      [18/06/2017 19:59] - C:\Windows\WindowsUpdate.log
      [17/06/2017 03:42] - C:\DelFix.txt
      [19/06/2017 18:03] - C:\FSTool
      [19/06/2017 18:04] - C:\IFS.log
      
      ~~~~~~~~~~~| C:\Windows\Tasks:
      
      
      ~~~~~~~~~~~| End Report
      *Finalizado 18:10:20
      *Se limpiaron los archivos temporales
      *[1599815] C:\Users\usuario\Desktop\IFS.exe
      *Herramienta de Análisis e investigación

    4. #4
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.165

      Re: Acabo de ver en mis documentos un archivo oculto llamado default.rdp. ¿A qué se d

      Descarga >> https://www.infospyware.com/antispyware/adwcleaner y colócalo en el escritorio:


      - Ejecútalo con todos los programas cerrados y con el antivirus deshabilitado >>Cómo deshabilitar temporalmente su Antivirus.
      - Si usas Windows Vista/ W 7/W 8, ejecútalo como administrador. (Botón derecho >> Ejecutar como Administrador) , aceptas la licencia (j’acepte) ..


      Presionas y das en Escanear y esperas a que el programa haga lo suyo.
      Ejecutamos Limpiar para realizar la limpieza y si nos pide reiniciar el pc lo hacemos.

      - Al terminar se abrirá un reporte en un archivo de texto, cuyo contenido deberás copiar y pegar en tu próxima respuesta.


      El reporte se encuentra también en C:\AdwCleaner- AdwCleaner[CX].txt



      1-Descarga Farbar Recovery Scan Tool By Farbar (Descarga el archivo dependiendo de la arquitectura de tu sistema).>> Como saber si mi sistema es de 32 o de 64 Bits

      • La guardas en el escritorio >> Esto es muy importante..
      • Con todos los programas /ventanas cerrados, doble clic para ejecutar Frst.exe.
      • En la ventana del Disclaimer, presiona Yes.
      • En la nueva ventana que se abre, presiona el botón Scan y espera paciente a que concluya el análisis.

      • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, estos estarán grabados en tu escritorio.

      • Para terminar abres los archivos Frst.txt y Addition.Txt copia y pega todo su contenido en tu próxima respuesta. Utiliza dos mensajes si te dice que es muy largo.



      Me pegas logs en orden
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de FIBH07
      Registrado
      jun 2017
      Ubicación
      Argentina
      Mensajes
      13

      Re: Acabo de ver en mis documentos un archivo oculto llamado default.rdp. ¿A qué se d

      El AdwCleaner ya lo tenia descargado por la dudas.

      Aquí va su informe:

      # AdwCleaner v6.047 - Archivo de registro creado 20/06/2017 en 15:08:57
      # Actualizado en 19/05/2017 por Malwarebytes
      # Base de datos : 2017-06-20.1 [Servidor]
      # Sistema Operativo : Windows 10 Pro (X64)
      # Nombre de usuario : Fede-PC - FEDEHDC-PC
      # Ejecutado desde : C:\Users\usuario\Downloads\adwcleaner_6.047.exe
      # Modo: Limpiar
      # Soporte : https://www.malwarebytes.com/support



      ***** [ Servicios ] *****



      ***** [ Carpetas ] *****



      ***** [ Archivos ] *****



      ***** [ DLL ] *****



      ***** [ WMI ] *****



      ***** [ Accesos directos ] *****



      ***** [ Tareas programadas ] *****

      [-] Tarea eliminada: Driver Booster Scheduler


      ***** [ Registro ] *****



      ***** [ Navegadores ] *****



      *************************

      :: Llaves "Tracing" eliminadas
      :: Se han borrado los ajustes de Winsock

      *************************

      C:\AdwCleaner\AdwCleaner[C0].txt - [3006 Bytes] - [13/05/2017 18:26:31]
      C:\AdwCleaner\AdwCleaner[C10].txt - [947 Bytes] - [20/06/2017 15:08:57]
      C:\AdwCleaner\AdwCleaner[C2].txt - [1940 Bytes] - [03/06/2017 14:09:38]
      C:\AdwCleaner\AdwCleaner[C3].txt - [2086 Bytes] - [05/06/2017 18:32:23]
      C:\AdwCleaner\AdwCleaner[C4].txt - [2306 Bytes] - [08/06/2017 00:05:28]
      C:\AdwCleaner\AdwCleaner[C5].txt - [2453 Bytes] - [08/06/2017 21:43:16]
      C:\AdwCleaner\AdwCleaner[C6].txt - [2553 Bytes] - [12/06/2017 21:13:51]
      C:\AdwCleaner\AdwCleaner[C7].txt - [2747 Bytes] - [16/06/2017 18:41:43]
      C:\AdwCleaner\AdwCleaner[C8].txt - [2708 Bytes] - [17/06/2017 18:24:05]
      C:\AdwCleaner\AdwCleaner[C9].txt - [3006 Bytes] - [20/06/2017 14:53:28]
      C:\AdwCleaner\AdwCleaner[S0].txt - [3152 Bytes] - [13/05/2017 18:25:00]
      C:\AdwCleaner\AdwCleaner[S10].txt - [2723 Bytes] - [08/06/2017 00:04:53]
      C:\AdwCleaner\AdwCleaner[S11].txt - [2870 Bytes] - [08/06/2017 21:42:29]
      C:\AdwCleaner\AdwCleaner[S12].txt - [3019 Bytes] - [12/06/2017 21:13:34]
      C:\AdwCleaner\AdwCleaner[S13].txt - [3164 Bytes] - [16/06/2017 18:25:49]
      C:\AdwCleaner\AdwCleaner[S14].txt - [2923 Bytes] - [16/06/2017 19:11:38]
      C:\AdwCleaner\AdwCleaner[S15].txt - [2995 Bytes] - [17/06/2017 18:04:27]
      C:\AdwCleaner\AdwCleaner[S16].txt - [3144 Bytes] - [18/06/2017 02:00:36]
      C:\AdwCleaner\AdwCleaner[S17].txt - [3221 Bytes] - [18/06/2017 17:46:09]
      C:\AdwCleaner\AdwCleaner[S18].txt - [3293 Bytes] - [20/06/2017 14:52:48]
      C:\AdwCleaner\AdwCleaner[S19].txt - [3440 Bytes] - [20/06/2017 15:08:00]
      C:\AdwCleaner\AdwCleaner[S1].txt - [1522 Bytes] - [13/05/2017 18:37:24]
      C:\AdwCleaner\AdwCleaner[S2].txt - [1598 Bytes] - [14/05/2017 21:00:03]
      C:\AdwCleaner\AdwCleaner[S3].txt - [1671 Bytes] - [18/05/2017 14:40:12]
      C:\AdwCleaner\AdwCleaner[S4].txt - [1752 Bytes] - [22/05/2017 17:40:30]
      C:\AdwCleaner\AdwCleaner[S5].txt - [1825 Bytes] - [24/05/2017 00:52:05]
      C:\AdwCleaner\AdwCleaner[S6].txt - [1898 Bytes] - [25/05/2017 18:33:56]
      C:\AdwCleaner\AdwCleaner[S7].txt - [2356 Bytes] - [03/06/2017 14:09:09]
      C:\AdwCleaner\AdwCleaner[S8].txt - [2502 Bytes] - [05/06/2017 18:31:42]
      C:\AdwCleaner\AdwCleaner[S9].txt - [2260 Bytes] - [05/06/2017 18:40:21]

      ########## EOF - C:\AdwCleaner\AdwCleaner[C10].txt - [3074 Bytes] ##########

    6. #6
      Usuario Avatar de FIBH07
      Registrado
      jun 2017
      Ubicación
      Argentina
      Mensajes
      13

      Re: Acabo de ver en mis documentos un archivo oculto llamado default.rdp. ¿A qué se d

      Informe del FRST:

      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-06-2017 01
      Ran by Fede-PC (administrator) on FEDEHDC-PC (20-06-2017 15:19:37)
      Running from C:\Users\usuario\Desktop
      Loaded Profiles: Fede-PC (Available Profiles: Fede-PC)
      Platform: Windows 10 Pro Version 1703 (X64) Language: Español (España, internacional)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: ***********************************************************************************************************

      ==================== Processes (Whitelisted) =================

      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

      (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
      (Microsoft Corporation) C:\Windows\System32\alg.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
      (Microsoft Corporation) C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
      (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
      (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
      (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
      (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
      (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
      (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
      (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
      (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
      (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
      (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
      (Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
      (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe

      ==================== Registry (Whitelisted) ====================

      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
      HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
      HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2197608 2017-06-06] ()
      HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-06-09] (QIHU 360 SOFTWARE CO. LIMITED)
      HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [145208 2017-04-14] (Check Point Software Technologies Ltd.)
      HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [6153128 2017-05-22] (LogMeIn Inc.)
      HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\amddvr.exe [1384328 2017-04-24] (Advanced Micro Devices, Inc.)
      HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-25] (Valve Corporation)
      HKU\S-1-5-18\...\Run: [TunnelBear] => "C:\Program Files (x86)\TunnelBear\TunnelBear.UI.exe" -autoconnect
      ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
      ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
      GroupPolicy: Restriction <======= ATTENTION
      GroupPolicyScripts: Restriction <======= ATTENTION
      GroupPolicyScripts\User: Restriction <======= ATTENTION

      ==================== Internet (Whitelisted) ====================

      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
      Tcpip\..\Interfaces\{90ca569c-530a-435f-8b5e-3978a5295d19}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{90ca569c-530a-435f-8b5e-3978a5295d19}: [DhcpNameServer] 192.168.1.1

      Internet Explorer:
      ==================
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
      SearchScopes: HKLM -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
      SearchScopes: HKLM-x32 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-1003139022-2186531576-1555623010-1001 -> {31249B91-0ED4-4C31-A16E-E7661A5EB559} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=chrf-iryus&type=ypi_znlrm_00_00_ie
      SearchScopes: HKU\S-1-5-21-1003139022-2186531576-1555623010-1001 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22] (Oracle Corporation)

      FireFox:
      ========
      FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
      FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-22] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-22] (Oracle Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)

      Chrome:
      =======
      CHR HomePage: Default -> hxxps://www.google.com.ar/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
      CHR StartupUrls: Default -> "hxxps://www.google.com.ar/"
      CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=chrf-iryus&type=ypi_znlrm_00_00_chr
      CHR DefaultSearchKeyword: Default -> lp
      CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
      CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2017-06-20]
      CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-25]
      CHR Extension: (Adblock Plus) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-04-22]
      CHR Extension: (Alienware Theme) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\edniapajcmmgfcgpbjeelocndjnmhikl [2017-06-16]
      CHR Extension: (AdBlock) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-16]
      CHR Extension: (Protección de Internet 360) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-06-03]
      CHR Extension: (LastPass: Free Password Manager) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-06-15]
      CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-09]
      CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\System Profile [2017-06-19]
      CHR HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\usuario\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-04-27]
      CHR HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hpacaholihkepnhgeeiipghhgonbhdfb] - hxxps://clients2.google.com/service/update2/crx
      CHR HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx

      Opera:
      =======
      OPR Extension: (Traducir) - C:\Users\usuario\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2017-05-20]
      StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

      ==================== Services (Whitelisted) ====================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      S3 360DocProtect; C:\Program Files (x86)\360\360DocProtect\Utils\360DocProtect.exe [943576 2017-05-04] (360.cn)
      R2 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1392320 2016-10-19] (Disc Soft Ltd)
      R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3760040 2017-05-22] (LogMeIn Inc.)
      R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2610808 2017-06-15] (AnchorFree Inc.)
      R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
      R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
      R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [929376 2017-06-09] (QIHU 360 SOFTWARE CO. LIMITED)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
      R3 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4107680 2017-04-14] (Check Point Software Technologies Ltd.)
      S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
      S2 WSearch; C:\Windows\system32\SearchIndexer.exe [933376 2017-06-03] () [File not signed]
      S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-11-01] (Check Point Software Technologies, Ltd.)
      R2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1058616 2017-04-14] (Check Point Software Technologies Ltd.)

    7. #7
      Usuario Avatar de FIBH07
      Registrado
      jun 2017
      Ubicación
      Argentina
      Mensajes
      13

      Re: Acabo de ver en mis documentos un archivo oculto llamado default.rdp. ¿A qué se d

      ===================== Drivers (Whitelisted) ======================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [183800 2017-04-21] (360.cn)
      R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [95232 2017-05-17] (360.cn)
      R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2017-06-09] (360.cn)
      R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [339456 2017-06-09] (360.cn)
      S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [57848 2017-04-21] (360.cn)
      R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [432120 2017-05-17] (360.cn)
      S3 AFTrafMgr1.2; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_2_64.sys [57272 2017-05-08] (AnchorFree Inc.)
      S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
      R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\atikmdag.sys [36558232 2017-05-03] (Advanced Micro Devices, Inc.)
      R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\atikmpag.sys [528792 2017-05-03] (Advanced Micro Devices, Inc.)
      R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2017-04-21] (Advanced Micro Devices)
      R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [199160 2017-05-17] (360.cn)
      S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
      R3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30264 2017-04-22] (Disc Soft Ltd)
      S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2017-04-22] (Disc Soft Ltd)
      S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47672 2017-04-22] (Disc Soft Ltd)
      R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-06-05] ()
      S3 FairplayKD; C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [78856 2017-05-22] (Multi Theft Auto)
      R1 FileAbap; C:\Windows\System32\drivers\FileAbap64.sys [141816 2017-04-23] (360.cn)
      R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-02-27] (LogMeIn Inc.)
      R2 hfFilter; C:\Windows\System32\drivers\hfFilter.sys [34400 2017-02-05] () [File not signed]
      R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-04-21] (REALiX(tm))
      R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2017-03-22] (AO Kaspersky Lab)
      S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29216 2017-03-22] (AO Kaspersky Lab)
      R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [189672 2017-03-22] (AO Kaspersky Lab)
      R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [435032 2017-03-22] (AO Kaspersky Lab)
      R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1007848 2017-03-22] (AO Kaspersky Lab)
      R0 klupd_KLIF_arkmon; C:\Windows\System32\Drivers\klupd_KLIF_arkmon.sys [229288 2017-05-02] (AO Kaspersky Lab)
      R3 klupd_KLIF_kimul; C:\Windows\System32\Drivers\klupd_KLIF_kimul.sys [87584 2017-05-02] (AO Kaspersky Lab)
      S3 klupd_KLIF_klark; C:\Windows\System32\Drivers\klupd_KLIF_klark.sys [251656 2017-05-02] (AO Kaspersky Lab)
      R0 klupd_KLIF_klbg; C:\Windows\System32\Drivers\klupd_KLIF_klbg.sys [112912 2017-05-02] (AO Kaspersky Lab)
      R3 klupd_KLIF_mark; C:\Windows\System32\Drivers\klupd_KLIF_mark.sys [173144 2017-05-02] (AO Kaspersky Lab)
      R0 MBAMChameleon; C:\Windows\System32\drivers\MBAMChameleon.sys [188312 2017-06-20] (Malwarebytes)
      R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [113592 2017-06-20] (Malwarebytes)
      R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [44960 2017-06-20] (Malwarebytes)
      R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-20] (Malwarebytes)
      R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93600 2017-06-20] (Malwarebytes)
      R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [984032 2017-06-20] (Realtek )
      S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
      S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-29] () [File not signed]
      S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
      R3 tap-tb-0901; C:\Windows\System32\drivers\tap-tb-0901.sys [38656 2017-05-23] (The OpenVPN Project)
      R3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42088 2015-12-18] (Anchorfree Inc.)
      R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation)
      R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-28] (Oracle Corporation)
      R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [461240 2017-04-13] (Check Point Software Technologies Ltd.)
      S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
      S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
      S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
      U3 iswSvc; no ImagePath

      ==================== NetSvcs (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== One Month Created files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-06-20 15:19 - 2017-06-20 15:20 - 00016699 _____ C:\Users\usuario\Desktop\FRST.txt
      2017-06-20 15:19 - 2017-06-20 15:19 - 00000000 ____D C:\FRST
      2017-06-20 15:12 - 2017-06-20 15:12 - 00003154 _____ C:\Users\usuario\Desktop\AdwCleaner[C10].txt
      2017-06-20 14:54 - 2017-06-20 14:55 - 00235240 _____ C:\Windows\system32\FNTCACHE.DAT
      2017-06-20 14:38 - 2017-06-20 14:37 - 02439680 _____ (Farbar) C:\Users\usuario\Desktop\FRST64.exe
      2017-06-20 14:37 - 2017-06-20 14:37 - 02439680 _____ (Farbar) C:\Users\usuario\Downloads\FRST64.exe
      2017-06-19 18:03 - 2017-06-19 18:10 - 00000000 ____D C:\FSTool
      2017-06-19 18:01 - 2017-06-19 18:02 - 01599815 _____ C:\Users\usuario\Downloads\IFS.exe
      2017-06-18 15:51 - 2017-06-18 16:12 - 00000000 ____D C:\Users\usuario\AppData\Roaming\PhotoScape
      2017-06-18 15:51 - 2017-06-18 15:51 - 00001104 _____ C:\Users\usuario\Desktop\PhotoScape.lnk
      2017-06-18 15:51 - 2017-06-18 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
      2017-06-18 15:51 - 2017-06-18 15:51 - 00000000 ____D C:\Program Files (x86)\PhotoScape
      2017-06-18 15:48 - 2017-06-18 15:50 - 21025552 _____ (Mooii) C:\Users\usuario\Downloads\PhotoScapeSetup_V3.7.exe
      2017-06-18 15:24 - 2017-06-18 15:24 - 00001123 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
      2017-06-18 15:24 - 2017-06-18 15:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
      2017-06-18 03:39 - 2017-06-18 20:12 - 00000000 ____D C:\Users\usuario\AppData\Local\Everything
      2017-06-18 03:20 - 2017-06-18 20:12 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Everything
      2017-06-18 03:20 - 2017-06-18 03:20 - 00001062 _____ C:\Users\usuario\Desktop\Buscar con Everything.lnk
      2017-06-18 03:20 - 2017-06-18 03:20 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
      2017-06-18 03:20 - 2017-06-18 03:20 - 00000000 ____D C:\Program Files\Everything
      2017-06-18 03:17 - 2017-06-18 03:17 - 01443120 _____ () C:\Users\usuario\Downloads\Everything-1.4.1.877.x64-Setup.exe
      2017-06-18 00:42 - 2017-06-18 00:42 - 00809692 _____ C:\Users\usuario\Downloads\WinsockFix_InfoSpyware.zip
      2017-06-17 22:51 - 2017-06-17 22:51 - 00522240 _____ (OldTimer Tools) C:\Users\usuario\Downloads\OTM.exe
      2017-06-17 20:08 - 2017-06-17 20:08 - 00167376 _____ C:\Users\usuario\Downloads\fileassassin-setup-1.06.esp.exe
      2017-06-17 19:50 - 2017-06-17 19:50 - 00113964 _____ C:\Users\usuario\Downloads\unlocker1.9.0-portable.zip
      2017-06-17 03:42 - 2017-06-17 17:24 - 00000243 _____ C:\DelFix.txt
      2017-06-17 03:42 - 2017-06-17 03:42 - 00000000 ____D C:\Windows\ERUNT
      2017-06-17 03:37 - 2017-06-17 03:37 - 00781312 _____ C:\Users\usuario\Downloads\DelFix.exe
      2017-06-16 16:26 - 2017-06-16 16:35 - 00000000 ___RD C:\Users\usuario\Documents\Respaldos-Archivos,etc... (Juegos)
      2017-06-16 16:26 - 2017-06-16 16:26 - 00000780 _____ C:\Users\usuario\Desktop\Documentos.lnk
      2017-06-15 22:44 - 2017-06-15 22:44 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Screaming Bee
      2017-06-15 22:44 - 2017-06-15 22:44 - 00000000 ____D C:\ProgramData\Screaming Bee
      2017-06-15 22:42 - 2017-06-15 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
      2017-06-15 22:42 - 2017-06-15 22:42 - 00000000 ____D C:\Program Files (x86)\Screaming Bee
      2017-06-15 22:37 - 2017-06-15 22:37 - 07010582 _____ C:\Users\usuario\Downloads\Screaming Bee MorphVOX Pro 4.4.17 + Crack.rar
      2017-06-14 22:06 - 2017-06-03 07:15 - 01596600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
      2017-06-14 22:06 - 2017-06-03 07:15 - 00750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
      2017-06-14 22:06 - 2017-06-03 07:15 - 00382368 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
      2017-06-14 22:06 - 2017-06-03 07:14 - 01147296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
      2017-06-14 22:06 - 2017-06-03 07:14 - 01024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
      2017-06-14 22:06 - 2017-06-03 07:10 - 00130464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
      2017-06-14 22:06 - 2017-06-03 07:09 - 08318880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
      2017-06-14 22:06 - 2017-06-03 07:09 - 01003624 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
      2017-06-14 22:06 - 2017-06-03 07:08 - 02969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
      2017-06-14 22:06 - 2017-06-03 07:07 - 00923048 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
      2017-06-14 22:06 - 2017-06-03 07:07 - 00119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
      2017-06-14 22:06 - 2017-06-03 07:02 - 02444192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
      2017-06-14 22:06 - 2017-06-03 07:01 - 05477096 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
      2017-06-14 22:06 - 2017-06-03 07:00 - 00872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
      2017-06-14 22:06 - 2017-06-03 07:00 - 00321376 _____ (Microsoft Corporation) C:\Windows\system32\capauthz.dll
      2017-06-14 22:06 - 2017-06-03 07:00 - 00219040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
      2017-06-14 22:06 - 2017-06-03 06:59 - 01409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
      2017-06-14 22:06 - 2017-06-03 06:59 - 00626528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
      2017-06-14 22:06 - 2017-06-03 06:59 - 00311200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
      2017-06-14 22:06 - 2017-06-03 06:59 - 00259400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
      2017-06-14 22:06 - 2017-06-03 06:58 - 21352696 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
      2017-06-14 22:06 - 2017-06-03 06:58 - 07904784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
      2017-06-14 22:06 - 2017-06-03 06:58 - 00660384 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
      2017-06-14 22:06 - 2017-06-03 06:58 - 00254176 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
      2017-06-14 22:06 - 2017-06-03 06:57 - 00371616 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
      2017-06-14 22:06 - 2017-06-03 06:56 - 02228120 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
      2017-06-14 22:06 - 2017-06-03 06:56 - 01854880 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
      2017-06-14 22:06 - 2017-06-03 06:56 - 01693600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
      2017-06-14 22:06 - 2017-06-03 06:56 - 01458592 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
      2017-06-14 22:06 - 2017-06-03 06:56 - 00848288 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
      2017-06-14 22:06 - 2017-06-03 06:56 - 00846752 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
      2017-06-14 22:06 - 2017-06-03 06:56 - 00844696 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
      2017-06-14 22:06 - 2017-06-03 06:56 - 00697760 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
      2017-06-14 22:06 - 2017-06-03 06:56 - 00672672 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
      2017-06-14 22:06 - 2017-06-03 06:56 - 00399264 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
      2017-06-14 22:06 - 2017-06-03 06:55 - 02681760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
      2017-06-14 22:06 - 2017-06-03 06:36 - 01150784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
      2017-06-14 22:06 - 2017-06-03 06:35 - 02259768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
      2017-06-14 22:06 - 2017-06-03 06:28 - 23677440 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
      2017-06-14 22:06 - 2017-06-03 06:26 - 00266640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capauthz.dll
      2017-06-14 22:06 - 2017-06-03 06:23 - 20373920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
      2017-06-14 22:06 - 2017-06-03 06:23 - 06760024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
      2017-06-14 22:06 - 2017-06-03 06:23 - 00573856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
      2017-06-14 22:06 - 2017-06-03 06:21 - 01516448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
      2017-06-14 22:06 - 2017-06-03 06:20 - 00583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
      2017-06-14 22:06 - 2017-06-03 06:14 - 03673088 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
      2017-06-14 22:06 - 2017-06-03 06:14 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\PerceptionSimulationExtensions.dll
      2017-06-14 22:06 - 2017-06-03 06:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
      2017-06-14 22:06 - 2017-06-03 06:14 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
      2017-06-14 22:06 - 2017-06-03 06:14 - 00047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
      2017-06-14 22:06 - 2017-06-03 06:12 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
      2017-06-14 22:06 - 2017-06-03 06:11 - 02958848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
      2017-06-14 22:06 - 2017-06-03 06:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
      2017-06-14 22:06 - 2017-06-03 06:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
      2017-06-14 22:06 - 2017-06-03 06:11 - 00038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
      2017-06-14 22:06 - 2017-06-03 06:11 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
      2017-06-14 22:06 - 2017-06-03 06:11 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
      2017-06-14 22:06 - 2017-06-03 06:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
      2017-06-14 22:06 - 2017-06-03 06:10 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
      2017-06-14 22:06 - 2017-06-03 06:10 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCredentialDeployment.exe
      2017-06-14 22:06 - 2017-06-03 06:09 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Identity.Provider.dll
      2017-06-14 22:06 - 2017-06-03 06:09 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\devicengccredprov.dll
      2017-06-14 22:06 - 2017-06-03 06:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
      2017-06-14 22:06 - 2017-06-03 06:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
      2017-06-14 22:06 - 2017-06-03 06:07 - 23682048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
      2017-06-14 22:06 - 2017-06-03 06:07 - 00778240 _____ C:\Windows\system32\MBR2GPT.EXE
      2017-06-14 22:06 - 2017-06-03 06:07 - 00721920 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
      2017-06-14 22:06 - 2017-06-03 06:07 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
      2017-06-14 22:06 - 2017-06-03 06:07 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
      2017-06-14 22:06 - 2017-06-03 06:06 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
      2017-06-14 22:06 - 2017-06-03 06:05 - 20506624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
      2017-06-14 22:06 - 2017-06-03 06:05 - 07336448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
      2017-06-14 22:06 - 2017-06-03 06:05 - 01878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
      2017-06-14 22:06 - 2017-06-03 06:05 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
      2017-06-14 22:06 - 2017-06-03 06:05 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devicengccredprov.dll
      2017-06-14 22:06 - 2017-06-03 06:04 - 12787200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
      2017-06-14 22:06 - 2017-06-03 06:04 - 00925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
      2017-06-14 22:06 - 2017-06-03 06:04 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
      2017-06-14 22:06 - 2017-06-03 06:03 - 19336192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
      2017-06-14 22:06 - 2017-06-03 06:03 - 01260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
      2017-06-14 22:06 - 2017-06-03 06:03 - 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
      2017-06-14 22:06 - 2017-06-03 06:02 - 08245760 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
      2017-06-14 22:06 - 2017-06-03 06:01 - 06726656 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
      2017-06-14 22:06 - 2017-06-03 06:01 - 02804736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
      2017-06-14 22:06 - 2017-06-03 06:00 - 03379200 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
      2017-06-14 22:06 - 2017-06-03 06:00 - 00933376 _____ C:\Windows\system32\SearchIndexer.exe
      2017-06-14 22:06 - 2017-06-03 06:00 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
      2017-06-14 22:06 - 2017-06-03 05:59 - 04730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
      2017-06-14 22:06 - 2017-06-03 05:59 - 02672128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
      2017-06-14 22:06 - 2017-06-03 05:59 - 02625024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
      2017-06-14 22:06 - 2017-06-03 05:59 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
      2017-06-14 22:06 - 2017-06-03 05:59 - 02056192 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
      2017-06-14 22:06 - 2017-06-03 05:59 - 01293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
      2017-06-14 22:06 - 2017-06-03 05:59 - 01142784 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
      2017-06-14 22:06 - 2017-06-03 05:59 - 00975360 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
      2017-06-14 22:06 - 2017-06-03 05:59 - 00636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
      2017-06-14 22:06 - 2017-06-03 05:58 - 05961216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
      2017-06-14 22:06 - 2017-06-03 05:58 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
      2017-06-14 22:06 - 2017-06-03 05:58 - 02516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
      2017-06-14 22:06 - 2017-06-03 05:58 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
      2017-06-14 22:06 - 2017-06-03 05:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
      2017-06-14 22:06 - 2017-06-03 05:58 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
      2017-06-14 22:06 - 2017-06-03 05:57 - 11870720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
      2017-06-14 22:06 - 2017-06-03 05:57 - 06535168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
      2017-06-14 22:06 - 2017-06-03 05:57 - 05557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
      2017-06-14 22:06 - 2017-06-03 05:57 - 02829824 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
      2017-06-14 22:06 - 2017-06-03 05:57 - 01675264 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
      2017-06-14 22:06 - 2017-06-03 05:57 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
      2017-06-14 22:06 - 2017-06-03 05:57 - 00797184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
      2017-06-14 22:06 - 2017-06-03 05:56 - 06292992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
      2017-06-14 22:06 - 2017-06-03 05:55 - 03656192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
      2017-06-14 22:06 - 2017-06-03 05:55 - 02132480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
      2017-06-14 22:06 - 2017-06-03 05:55 - 01019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
      2017-06-14 22:06 - 2017-06-03 05:54 - 02341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
      2017-06-14 22:06 - 2017-06-03 05:54 - 02298368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
      2017-06-14 22:06 - 2017-06-03 05:54 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
      2017-06-14 22:06 - 2017-06-03 05:53 - 04559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
      2017-06-14 22:06 - 2017-06-03 05:51 - 00064512 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
      2017-06-12 23:50 - 2017-06-12 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
      2017-06-12 23:50 - 2017-06-12 23:50 - 00000000 ____D C:\Program Files\CPUID
      2017-06-12 23:48 - 2017-06-12 23:48 - 01553592 _____ (CPUID, Inc. ) C:\Users\usuario\Downloads\cpu-z_1.79-rog-en.exe
      2017-06-12 22:52 - 2017-06-12 22:53 - 04761896 _____ (techPowerUp (www.techpowerup.com)) C:\Users\usuario\Downloads\GPU-Z_ASUS_ROG_2.1.0.exe
      2017-06-08 20:11 - 2017-06-08 20:10 - 38226325 _____ C:\Users\usuario\Downloads\CCleaner 5.30 Pro Full Por Geek Tutos.rar
      2017-06-04 18:30 - 2014-10-03 18:54 - 00000000 ____D C:\Users\usuario\Documents\Ficheros (RocketDock)
      2017-06-04 18:28 - 2017-06-04 18:29 - 06539735 _____ C:\Users\usuario\Downloads\Ficheros.rar
      2017-06-04 18:28 - 2017-06-04 18:28 - 06463660 _____ (Punk Software ) C:\Users\usuario\Downloads\RocketDock-v1.3.5.exe
      2017-06-03 18:58 - 2017-06-19 18:20 - 00000000 ___RD C:\Users\usuario\Documents\Programas y Utilidades (Herramientas)
      2017-06-03 18:44 - 2017-06-03 18:48 - 142054536 _____ (Igor Pavlov) C:\Users\usuario\Downloads\NSATool.exe
      2017-06-01 18:32 - 2017-06-12 17:50 - 00000176 _____ C:\Users\usuario\BullseyeCoverageError.txt
      2017-06-01 17:24 - 2017-06-03 13:47 - 00000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
      2017-06-01 17:24 - 2017-06-03 13:47 - 00000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
      2017-06-01 17:23 - 2017-06-01 17:24 - 00000176 _____ C:\Users\Default\BullseyeCoverageError.txt
      2017-06-01 17:23 - 2017-06-01 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
      2017-06-01 17:23 - 2017-06-01 17:23 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
      2017-06-01 16:45 - 2017-06-01 16:45 - 00000000 ____D C:\Users\usuario\AppData\Local\IsolatedStorage
      2017-06-01 16:37 - 2017-06-01 16:39 - 29900344 _____ (TunnelBear) C:\Users\usuario\Downloads\TunnelBear-Installer.exe
      2017-06-01 16:22 - 2017-06-18 15:24 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
      2017-06-01 16:19 - 2017-06-01 16:20 - 15373152 _____ (AnchorFree Inc.) C:\Users\usuario\Downloads\HotspotShield-6.8.7-S435DIKW.exe
      2017-05-31 14:35 - 2017-05-31 14:35 - 00000458 _____ C:\Users\usuario\Downloads\ReeplazarHost.zip
      2017-05-31 14:35 - 2017-05-31 14:35 - 00000424 _____ C:\Users\usuario\Downloads\ReeplazarHost2 (1).zip
      2017-05-31 13:53 - 2017-05-31 13:53 - 00000425 _____ C:\Users\usuario\Downloads\NETSTAT.zip
      2017-05-31 00:07 - 2017-05-31 00:07 - 00062312 _____ C:\Users\usuario\Downloads\cports1.75.zip
      2017-05-30 02:47 - 2017-05-30 02:48 - 00000000 ____D C:\Users\usuario\AppData\LocalLow\Adobe
      2017-05-30 02:45 - 2017-05-30 04:42 - 00000000 ____D C:\Users\usuario\AppData\Local\Adobe
      2017-05-30 02:45 - 2017-05-30 02:45 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
      2017-05-30 01:04 - 2017-05-30 04:32 - 00000000 ____D C:\ProgramData\Adobe
      2017-05-29 15:30 - 2017-06-03 19:04 - 00000000 ___RD C:\Users\usuario\Documents\El Libro Negro Del Hacker
      2017-05-29 15:19 - 2017-06-03 00:42 - 07413144 _____ C:\Users\usuario\Downloads\El Libro Negro Del Hacker.rar
      2017-05-25 19:45 - 2017-05-20 06:13 - 01333136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
      2017-05-25 19:45 - 2017-05-20 05:48 - 04469832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
      2017-05-25 19:45 - 2017-05-20 05:45 - 00349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
      2017-05-25 19:45 - 2017-05-20 05:44 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
      2017-05-25 19:45 - 2017-05-20 05:44 - 00181664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
      2017-05-25 19:45 - 2017-05-20 05:43 - 05802968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
      2017-05-25 19:45 - 2017-05-20 05:43 - 04672848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
      2017-05-25 19:45 - 2017-05-20 05:43 - 02424016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
      2017-05-25 19:45 - 2017-05-20 05:43 - 01529384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
      2017-05-25 19:45 - 2017-05-20 05:43 - 01455592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
      2017-05-25 19:45 - 2017-05-20 05:43 - 01120864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
      2017-05-25 19:45 - 2017-05-20 05:43 - 00354400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
      2017-05-25 19:45 - 2017-05-20 05:26 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
      2017-05-25 19:45 - 2017-05-20 05:25 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSMDesktopProvider.dll
      2017-05-25 19:45 - 2017-05-20 05:24 - 00362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
      2017-05-25 19:45 - 2017-05-20 05:23 - 06728192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
      2017-05-25 19:45 - 2017-05-20 05:22 - 01292288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
      2017-05-25 19:45 - 2017-05-20 05:21 - 01984000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceFlows.DataModel.dll
      2017-05-25 19:45 - 2017-05-20 05:20 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
      2017-05-25 19:45 - 2017-05-20 05:18 - 01450496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
      2017-05-25 19:45 - 2017-05-20 05:17 - 00952832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
      2017-05-25 19:45 - 2017-05-20 05:17 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
      2017-05-25 19:45 - 2017-05-20 05:14 - 04417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
      2017-05-25 19:45 - 2017-05-20 05:14 - 04056576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
      2017-05-25 19:45 - 2017-05-20 05:14 - 02679296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
      2017-05-25 19:45 - 2017-05-20 05:11 - 01536512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
      2017-05-25 19:45 - 2017-05-20 05:10 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Midi.dll
      2017-05-25 19:45 - 2017-05-20 05:10 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSM.dll
      2017-05-25 19:45 - 2017-05-20 05:10 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
      2017-05-25 19:45 - 2017-05-20 05:08 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
      2017-05-25 19:45 - 2017-05-20 04:07 - 00287648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
      2017-05-25 19:45 - 2017-05-20 03:58 - 00188824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
      2017-05-25 19:45 - 2017-05-20 03:54 - 00730016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
      2017-05-25 19:45 - 2017-05-20 03:54 - 00144288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
      2017-05-25 19:45 - 2017-05-20 03:07 - 00277504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
      2017-05-25 19:44 - 2017-05-20 05:55 - 00606960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
      2017-05-25 19:44 - 2017-05-20 05:47 - 01474800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
      2017-05-25 19:44 - 2017-05-20 05:46 - 05821496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
      2017-05-25 19:44 - 2017-05-20 05:46 - 01266544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
      2017-05-25 19:44 - 2017-05-20 05:46 - 00754080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
      2017-05-25 19:44 - 2017-05-20 05:29 - 13840384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
      2017-05-25 19:44 - 2017-05-20 05:29 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
      2017-05-25 19:44 - 2017-05-20 05:27 - 02199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
      2017-05-25 19:44 - 2017-05-20 05:27 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
      2017-05-25 19:44 - 2017-05-20 05:26 - 00059904 _____ C:\Windows\SysWOW64\xboxgipsynthetic.dll
      2017-05-25 19:44 - 2017-05-20 05:25 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Diagnostics.dll
      2017-05-25 19:44 - 2017-05-20 05:22 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
      2017-05-25 19:44 - 2017-05-20 05:22 - 00394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DictationManager.dll
      2017-05-25 19:44 - 2017-05-20 05:21 - 00476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
      2017-05-25 19:44 - 2017-05-20 05:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
      2017-05-25 19:44 - 2017-05-20 05:20 - 00807424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
      2017-05-25 19:44 - 2017-05-20 05:20 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
      2017-05-25 19:44 - 2017-05-20 05:20 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
      2017-05-25 19:44 - 2017-05-20 05:19 - 05719040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
      2017-05-25 19:44 - 2017-05-20 05:17 - 00909312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
      2017-05-25 19:44 - 2017-05-20 05:17 - 00329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
      2017-05-25 19:44 - 2017-05-20 05:16 - 05225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
      2017-05-25 19:44 - 2017-05-20 05:16 - 03667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
      2017-05-25 19:44 - 2017-05-20 05:16 - 02588160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
      2017-05-25 19:44 - 2017-05-20 05:16 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
      2017-05-25 19:44 - 2017-05-20 05:15 - 02088960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
      2017-05-25 19:44 - 2017-05-20 05:14 - 02211328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
      2017-05-25 19:44 - 2017-05-20 05:14 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll
      2017-05-25 19:44 - 2017-05-20 04:08 - 01459728 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
      2017-05-25 19:44 - 2017-05-20 04:08 - 00543648 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
      2017-05-25 19:44 - 2017-05-20 04:03 - 00777400 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
      2017-05-25 19:44 - 2017-05-20 03:59 - 00112544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
      2017-05-25 19:44 - 2017-05-20 03:56 - 04847928 _____ (Microsoft Corporation) C:\Windows\explorer.exe
      2017-05-25 19:44 - 2017-05-20 03:56 - 00712608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
      2017-05-25 19:44 - 2017-05-20 03:56 - 00370928 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
      2017-05-25 19:44 - 2017-05-20 03:55 - 07325584 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
      2017-05-25 19:44 - 2017-05-20 03:55 - 01911752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
      2017-05-25 19:44 - 2017-05-20 03:55 - 01506712 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
      2017-05-25 19:44 - 2017-05-20 03:55 - 01055648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
      2017-05-25 19:44 - 2017-05-20 03:55 - 00961952 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
      2017-05-25 19:44 - 2017-05-20 03:55 - 00211872 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
      2017-05-25 19:44 - 2017-05-20 03:54 - 00546208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
      2017-05-25 19:44 - 2017-05-20 03:53 - 00654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
      2017-05-25 19:44 - 2017-05-20 03:53 - 00411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
      2017-05-25 19:44 - 2017-05-20 03:53 - 00363424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
      2017-05-25 19:44 - 2017-05-20 03:53 - 00335808 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
      2017-05-25 19:44 - 2017-05-20 03:53 - 00255904 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
      2017-05-25 19:44 - 2017-05-20 03:52 - 04709528 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
      2017-05-25 19:44 - 2017-05-20 03:52 - 01700408 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
      2017-05-25 19:44 - 2017-05-20 03:51 - 06551856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
      2017-05-25 19:44 - 2017-05-20 03:51 - 02604256 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
      2017-05-25 19:44 - 2017-05-20 03:51 - 01670496 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
      2017-05-25 19:44 - 2017-05-20 03:51 - 01219560 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
      2017-05-25 19:44 - 2017-05-20 03:51 - 00406064 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
      2017-05-25 19:44 - 2017-05-20 03:48 - 00387928 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
      2017-05-25 19:44 - 2017-05-20 03:10 - 00809472 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthSSO.dll
      2017-05-25 19:44 - 2017-05-20 03:10 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
      2017-05-25 19:44 - 2017-05-20 03:10 - 00361472 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV2.dll
      2017-05-25 19:44 - 2017-05-20 03:10 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\winsrvext.dll
      2017-05-25 19:44 - 2017-05-20 03:10 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksthunk.sys
      2017-05-25 19:44 - 2017-05-20 03:09 - 17365504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
      2017-05-25 19:44 - 2017-05-20 03:09 - 02199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
      2017-05-25 19:44 - 2017-05-20 03:09 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
      2017-05-25 19:44 - 2017-05-20 03:08 - 00086016 _____ C:\Windows\system32\xboxgipsynthetic.dll
      2017-05-25 19:44 - 2017-05-20 03:08 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
      2017-05-25 19:44 - 2017-05-20 03:08 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rootmdm.sys
      2017-05-25 19:44 - 2017-05-20 03:07 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSaveExt.dll
      2017-05-25 19:44 - 2017-05-20 03:07 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\snmptrap.exe
      2017-05-25 19:44 - 2017-05-20 03:06 - 00866816 _____ (Microsoft Corporation) C:\Windows\system32\NPSMDesktopProvider.dll
      2017-05-25 19:44 - 2017-05-20 03:06 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
      2017-05-25 19:44 - 2017-05-20 03:06 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.SharedPC.AccountManager.dll
      2017-05-25 19:44 - 2017-05-20 03:05 - 07931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
      2017-05-25 19:44 - 2017-05-20 03:05 - 00518144 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
      2017-05-25 19:44 - 2017-05-20 03:03 - 08331264 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
      2017-05-25 19:44 - 2017-05-20 03:03 - 00892416 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
      2017-05-25 19:44 - 2017-05-20 03:03 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\DictationManager.dll
      2017-05-25 19:44 - 2017-05-20 03:03 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
      2017-05-25 19:44 - 2017-05-20 03:03 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Display.dll
      2017-05-25 19:44 - 2017-05-20 03:03 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
      2017-05-25 19:44 - 2017-05-20 03:02 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll
      2017-05-25 19:44 - 2017-05-20 03:02 - 00601088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
      2017-05-25 19:44 - 2017-05-20 03:01 - 02347520 _____ (Microsoft Corporation) C:\Windows\system32\DeviceFlows.DataModel.dll
      2017-05-25 19:44 - 2017-05-20 03:01 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
      2017-05-25 19:44 - 2017-05-20 03:01 - 00590848 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
      2017-05-25 19:44 - 2017-05-20 03:01 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
      2017-05-25 19:44 - 2017-05-20 03:01 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
      2017-05-25 19:44 - 2017-05-20 03:01 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
      2017-05-25 19:44 - 2017-05-20 03:01 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
      2017-05-25 19:44 - 2017-05-20 03:01 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\embeddedmodesvc.dll
      2017-05-25 19:44 - 2017-05-20 03:00 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
      2017-05-25 19:44 - 2017-05-20 03:00 - 01067008 _____ (Microsoft Corporation) C:\Windows\system32\XboxNetApiSvc.dll
      2017-05-25 19:44 - 2017-05-20 03:00 - 00846848 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
      2017-05-25 19:44 - 2017-05-20 03:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
      2017-05-25 19:44 - 2017-05-20 03:00 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
      2017-05-25 19:44 - 2017-05-20 02:59 - 01818624 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
      2017-05-25 19:44 - 2017-05-20 02:59 - 01468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
      2017-05-25 19:44 - 2017-05-20 02:59 - 01141760 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
      2017-05-25 19:44 - 2017-05-20 02:59 - 01028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
      2017-05-25 19:44 - 2017-05-20 02:59 - 00972800 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
      2017-05-25 19:44 - 2017-05-20 02:59 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
      2017-05-25 19:44 - 2017-05-20 02:59 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
      2017-05-25 19:44 - 2017-05-20 02:58 - 03784704 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
      2017-05-25 19:44 - 2017-05-20 02:58 - 03135488 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
      2017-05-25 19:44 - 2017-05-20 02:58 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
      2017-05-25 19:44 - 2017-05-20 02:58 - 01046016 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
      2017-05-25 19:44 - 2017-05-20 02:58 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
      2017-05-25 19:44 - 2017-05-20 02:58 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
      2017-05-25 19:44 - 2017-05-20 02:57 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
      2017-05-25 19:44 - 2017-05-20 02:56 - 02730496 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
      2017-05-25 19:44 - 2017-05-20 02:56 - 01076736 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
      2017-05-25 19:44 - 2017-05-20 02:55 - 04396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
      2017-05-25 19:44 - 2017-05-20 02:55 - 03332096 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
      2017-05-25 19:44 - 2017-05-20 02:55 - 02499584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
      2017-05-25 19:44 - 2017-05-20 02:55 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
      2017-05-25 19:44 - 2017-05-20 02:54 - 04707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
      2017-05-25 19:44 - 2017-05-20 02:54 - 04537344 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
      2017-05-25 19:44 - 2017-05-20 02:54 - 03803136 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
      2017-05-25 19:44 - 2017-05-20 02:54 - 02938880 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
      2017-05-25 19:44 - 2017-05-20 02:54 - 01275904 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll
      2017-05-25 19:44 - 2017-05-20 02:52 - 01356800 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
      2017-05-25 19:44 - 2017-05-20 02:52 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
      2017-05-25 19:44 - 2017-05-20 02:52 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
      2017-05-25 19:44 - 2017-05-20 02:52 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
      2017-05-25 19:44 - 2017-05-20 02:51 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
      2017-05-25 19:44 - 2017-05-20 02:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
      2017-05-25 19:44 - 2017-05-20 02:50 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Midi.dll
      2017-05-25 19:44 - 2017-05-20 02:50 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\NPSM.dll
      2017-05-25 19:44 - 2017-05-20 02:48 - 02438656 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
      2017-05-25 19:44 - 2017-05-20 02:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
      2017-05-25 19:44 - 2017-05-20 02:47 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\rdbui.dll
      2017-05-25 19:44 - 2017-05-20 02:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
      2017-05-25 19:04 - 2017-05-25 19:09 - 00002223 _____ C:\Users\usuario\Desktop\Minecraft.lnk
      2017-05-25 19:04 - 2017-05-25 19:04 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
      2017-05-25 18:57 - 2017-05-25 19:02 - 63340400 _____ C:\Users\usuario\Downloads\Minecraft launcher Team Extreme.rar
      2017-05-23 20:19 - 2017-05-23 20:19 - 00038656 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap-tb-0901.sys
      2017-05-22 17:43 - 2017-06-20 15:04 - 00001144 _____ C:\Users\usuario\Desktop\AdwCleaner.lnk
      2017-05-22 17:31 - 2017-05-22 17:32 - 04110280 _____ C:\Users\usuario\Downloads\adwcleaner_6.047.exe
      2017-05-21 03:34 - 2017-05-21 03:34 - 00000000 ____D C:\Users\usuario\VirtualBox VMs

      ==================== One Month Modified files and folders ========

      (If an entry is included in the fixlist, the file/folder will be moved.)

      2017-06-20 15:14 - 2017-04-21 21:53 - 01976456 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-06-20 15:14 - 2017-03-20 02:11 - 02825820 _____ C:\Windows\system32\perfh00A.dat
      2017-06-20 15:14 - 2017-03-20 02:11 - 00767174 _____ C:\Windows\system32\perfc00A.dat
      2017-06-20 15:10 - 2017-04-22 13:06 - 00000000 ____D C:\Users\usuario\AppData\LocalLow\360WD
      2017-06-20 15:09 - 2017-05-18 13:50 - 00188312 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
      2017-06-20 15:09 - 2017-05-18 13:50 - 00113592 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
      2017-06-20 15:09 - 2017-05-18 13:50 - 00093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
      2017-06-20 15:09 - 2017-05-16 17:30 - 00000000 ____D C:\bksystem
      2017-06-20 15:09 - 2017-05-07 01:57 - 00252832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
      2017-06-20 15:09 - 2017-05-07 01:53 - 00044960 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
      2017-06-20 15:09 - 2017-04-22 01:02 - 00065536 _____ C:\Windows\system32\spu_storage.bin
      2017-06-20 15:09 - 2017-04-21 21:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
      2017-06-20 15:09 - 2017-03-18 18:03 - 00000000 ____D C:\Windows\Registration
      2017-06-20 15:09 - 2017-03-18 08:40 - 00786432 _____ C:\Windows\system32\config\BBI
      2017-06-20 15:08 - 2017-05-13 18:20 - 00000000 ____D C:\AdwCleaner
      2017-06-20 15:02 - 2017-04-21 23:05 - 00003036 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Fede-PC)
      2017-06-20 14:43 - 2017-04-21 19:43 - 00002387 _____ C:\Users\usuario\Desktop\Driver Booster 4.lnk
      2017-06-20 14:43 - 2017-03-18 18:01 - 00000000 ____D C:\Windows\INF
      2017-06-20 14:42 - 2017-04-21 20:13 - 00984032 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
      2017-06-20 14:04 - 2017-03-18 18:03 - 00000000 ____D C:\Windows\AppReadiness
      2017-06-19 22:32 - 2017-04-21 21:45 - 00000000 ____D C:\Windows\system32\SleepStudy
      2017-06-19 16:59 - 2017-03-18 18:03 - 00000000 ___HD C:\Program Files\WindowsApps
      2017-06-19 01:33 - 2017-04-21 21:52 - 00000000 ____D C:\Users\usuario
      2017-06-18 23:59 - 2017-04-22 13:06 - 00000000 ____D C:\ProgramData\360safe
      2017-06-18 22:46 - 2017-05-07 04:12 - 00000430 __RSH C:\ProgramData\ntuser.pol
      2017-06-18 17:23 - 2017-04-23 18:51 - 00000000 ____D C:\Users\usuario\AppData\Roaming\.minecraft
      2017-06-18 15:25 - 2017-05-07 16:07 - 00000000 ____D C:\ProgramData\Hotspot Shield
      2017-06-18 15:22 - 2017-04-22 01:02 - 00000000 ____D C:\ProgramData\Package Cache
      2017-06-18 02:13 - 2017-04-22 01:37 - 00000000 ____D C:\Users\usuario\AppData\Local\ElevatedDiagnostics
      2017-06-17 22:46 - 2017-03-18 18:03 - 00000000 ____D C:\Windows\rescache
      2017-06-17 16:46 - 2017-04-21 19:44 - 00000000 ____D C:\ProgramData\ProductData
      2017-06-17 01:17 - 2017-03-18 18:03 - 00000000 ____D C:\Windows\system32\NDF
      2017-06-17 00:59 - 2017-04-22 13:05 - 00000000 _RSHD C:\360SANDBOX
      2017-06-16 22:30 - 2017-03-18 08:40 - 00032768 _____ C:\Windows\system32\config\ELAM
      2017-06-16 18:03 - 2017-03-18 17:51 - 00000000 ____D C:\Windows\CbsTemp
      2017-06-16 16:44 - 2017-04-25 02:50 - 00000000 ___RD C:\Users\usuario\Documents\Documentos de Texto
      2017-06-16 16:40 - 2017-04-25 20:34 - 00000403 _____ C:\Users\usuario\AppData\Local\Lockdir6
      2017-06-16 16:39 - 2017-04-25 20:34 - 00000029 _____ C:\Users\Public\Lockdir6.lg
      2017-06-15 23:24 - 2017-05-20 19:26 - 00000000 ____D C:\Users\usuario\.VirtualBox
      2017-06-15 20:46 - 2017-04-22 00:38 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-06-14 22:29 - 2017-04-21 19:23 - 00565416 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
      2017-06-14 22:23 - 2017-04-21 21:53 - 00000000 __RHD C:\Users\Public\AccountPictures
      2017-06-14 22:20 - 2017-03-18 18:03 - 00000000 ____D C:\Windows\system32\oobe
      2017-06-14 22:20 - 2017-03-18 18:03 - 00000000 ____D C:\Windows\system32\appraiser
      2017-06-14 22:15 - 2017-04-21 21:41 - 00000000 ____D C:\Windows\system32\MRT
      2017-06-14 22:11 - 2017-04-21 21:40 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
      2017-06-13 15:19 - 2017-04-22 13:05 - 00001150 _____ C:\Users\Public\Desktop\360 Total Security.lnk
      2017-06-13 15:19 - 2017-04-22 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
      2017-06-13 01:55 - 2017-04-26 18:14 - 00000000 ____D C:\Windows\Minidump
      2017-06-12 18:33 - 2017-05-12 22:08 - 00000000 ____D C:\Users\usuario\AppData\Local\LogMeIn Hamachi
      2017-06-11 19:34 - 2017-04-22 19:51 - 00000000 ___RD C:\Users\usuario\Desktop\Saved Pictures
      2017-06-09 19:39 - 2017-05-06 01:58 - 00000000 ____D C:\Program Files (x86)\Steam
      2017-06-09 06:00 - 2017-04-22 13:06 - 00095232 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys
      2017-06-09 06:00 - 2017-04-22 13:05 - 00339456 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
      2017-06-08 20:14 - 2017-05-07 15:21 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
      2017-06-05 21:53 - 2017-05-18 13:50 - 00077376 _____ C:\Windows\system32\Drivers\mbae64.sys
      2017-06-03 19:01 - 2017-05-10 18:43 - 00000000 ___RD C:\Users\usuario\Documents\Cursores
      2017-06-03 07:12 - 2017-05-20 05:13 - 00003358 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1495268021
      2017-06-03 03:32 - 2017-03-18 18:06 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2017-06-03 03:32 - 2017-03-18 18:06 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2017-06-03 01:20 - 2017-05-20 05:13 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
      2017-06-03 01:20 - 2017-05-20 05:12 - 00000000 ____D C:\Program Files\Opera
      2017-06-01 18:28 - 2017-04-22 13:54 - 00000000 __SHD C:\$360Section
      2017-06-01 18:28 - 2017-04-22 13:17 - 00000000 ____D C:\ProgramData\360Quarant
      2017-05-30 05:01 - 2017-04-21 21:53 - 00000000 ____D C:\Users\usuario\AppData\Local\Packages
      2017-05-30 04:42 - 2017-04-21 21:53 - 00000000 ____D C:\Users\usuario\AppData\Roaming\Adobe
      2017-05-30 03:13 - 2017-04-22 22:41 - 00000000 ____D C:\Users\usuario\AppData\Roaming\DAEMON Tools Pro
      2017-05-29 15:09 - 2017-04-27 19:55 - 00000000 ___RD C:\Users\usuario\Google Drive
      2017-05-25 19:51 - 2017-03-18 18:03 - 00000000 ___SD C:\Windows\SysWOW64\F12
      2017-05-25 19:51 - 2017-03-18 18:03 - 00000000 ___SD C:\Windows\system32\F12
      2017-05-25 19:51 - 2017-03-18 18:03 - 00000000 ___RD C:\Program Files\Windows Defender
      2017-05-25 19:51 - 2017-03-18 18:03 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
      2017-05-25 19:51 - 2017-03-18 18:03 - 00000000 ____D C:\Windows\ShellExperiences
      2017-05-25 19:51 - 2017-03-18 18:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
      2017-05-25 19:51 - 2017-03-18 18:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
      2017-05-24 00:33 - 2017-05-16 20:25 - 00000075 _____ C:\Windows\Tempadvdataprocnew.ini
      2017-05-22 17:17 - 2017-04-21 22:44 - 00000000 ____D C:\Windows\Panther
      2017-05-21 20:37 - 2017-05-09 23:30 - 00000000 ____D C:\ProgramData\PopCap Games

      ==================== Files in the root of some directories =======

      2017-04-25 20:34 - 2017-06-16 16:40 - 0000403 _____ () C:\Users\usuario\AppData\Local\Lockdir6
      2017-04-22 02:01 - 2017-05-07 04:30 - 0007597 _____ () C:\Users\usuario\AppData\Local\Resmon.ResmonCfg
      2017-04-21 19:19 - 2017-04-21 19:19 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
      2017-05-06 19:53 - 2017-05-06 19:53 - 0000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

      ==================== Bamital & volsnap ======================

      (There is no automatic fix for files that do not pass verification.)

      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

      LastRegBack: 2017-06-14 21:59

      ==================== End of FRST.txt ============================

    8. #8
      Usuario Avatar de FIBH07
      Registrado
      jun 2017
      Ubicación
      Argentina
      Mensajes
      13

      Re: Acabo de ver en mis documentos un archivo oculto llamado default.rdp. ¿A qué se d

      Informe del Addition:

      Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2017 01
      Ran by Fede-PC (20-06-2017 15:21:17)
      Running from C:\Users\usuario\Desktop
      Windows 10 Pro Version 1703 (X64) (2017-04-22 00:49:38)
      Boot Mode: Normal
      ==========================================================


      ==================== Accounts: =============================

      Administrador (S-1-5-21-1003139022-2186531576-1555623010-500 - Administrator - Disabled)
      DefaultAccount (S-1-5-21-1003139022-2186531576-1555623010-503 - Limited - Disabled)
      Fede-PC (S-1-5-21-1003139022-2186531576-1555623010-1001 - Administrator - Enabled) => C:\Users\usuario
      HomeGroupUser$ (S-1-5-21-1003139022-2186531576-1555623010-1003 - Limited - Enabled)
      Invitado (S-1-5-21-1003139022-2186531576-1555623010-501 - Limited - Disabled)

      ==================== Security Center ========================

      (If an entry is included in the fixlist, it will be removed.)

      AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
      AV: ZoneAlarm Free Firewall Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
      AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
      AS: ZoneAlarm Free Firewall Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
      AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
      AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}
      FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

      ==================== Installed Programs ======================

      (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

      360 Document Protector (HKLM-x32\...\360DocProtect) (Version: 1.0.0.1061 - 360 Security Center)
      360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.0.0.1202 - 360 Security Center)
      AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
      Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
      Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
      CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
      Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
      CPUID ROG CPU-Z 1.79.1 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.79.1 - CPUID, Inc.)
      DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 8.0.0.0631 - Disc Soft Ltd)
      Driver Booster 4.3 (HKLM-x32\...\Driver Booster_is1) (Version: 4.3.0 - IObit)
      Everything 1.4.1.877 (x64) (HKLM\...\Everything) (Version: 1.4.1.877 (x64) - David Carpenter)
      Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.104 - Google Inc.)
      Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
      Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
      Hotspot Shield 6.8.12 (HKLM-x32\...\{c67c171b-b51a-4ff1-a641-6f4a9fb11bc9}) (Version: 6.8.12.10541 - AnchorFree Inc.)
      Hotspot Shield 6.8.12 (x32 Version: 6.8.12 - AnchorFree Inc.) Hidden
      Hotspot Shield 6.8.12 (x32 Version: 6.8.12.10541 - AnchorFree Inc.) Hidden
      Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
      LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.578 - LogMeIn, Inc.)
      LogMeIn Hamachi (x32 Version: 2.2.0.578 - LogMeIn, Inc.) Hidden
      Malwarebytes versión 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
      MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
      Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
      Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
      Microsoft OneDrive (HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
      Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
      Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
      Minecraft1.6.2 (HKLM-x32\...\Minecraft1.6.2) (Version: - )
      MorphVOX Pro (HKLM-x32\...\{4bfc0d50-0417-46a0-ab1e-475fb1a90916}) (Version: 4.4.17.22603 - Screaming Bee)
      MorphVOX Pro (x32 Version: 4.4.17.22603 - Screaming Bee) Hidden
      Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version: - )
      Opera Stable 45.0.2552.888 (HKLM-x32\...\Opera 45.0.2552.888) (Version: 45.0.2552.888 - Opera Software)
      Oracle VM VirtualBox 5.1.22 (HKLM\...\{8D5E4D4D-5E0C-4448-B018-5DDEF1E208D9}) (Version: 5.1.22 - Oracle Corporation)
      PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
      Popcap Game Collection (HKLM-x32\...\{69EA986B-B172-4FAA-B54D-853BD3A2B264}) (Version: 1.00.0000 - Popcap)
      Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8051 - Realtek Semiconductor Corp.)
      Revo Uninstaller Pro 3.1.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.9 - VS Revo Group, Ltd.)
      SecretFolder version 4.7.0.0 (HKLM-x32\...\SecretFolder_is1) (Version: 4.7.0.0 - hxxp://ohsoft.net/)
      Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
      TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
      Voobly Game Data (HKLM-x32\...\Voobly_is1) (Version: Voobly Game Datas - Voobly)
      Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-5) (Version: 1.0.39.1 - LunarG, Inc.)
      Vulkan Run Time Libraries 1.0.39.1 (Version: 1.0.39.1 - LunarG, Inc.) Hidden
      WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
      ZoneAlarm Antivirus (x32 Version: 15.1.504.17269 - Check Point Software Technologies Ltd.) Hidden
      ZoneAlarm Firewall (x32 Version: 15.1.504.17269 - Check Point Software Technologies Ltd.) Hidden
      ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.1.504.17269 - Check Point)
      ZoneAlarm Security (x32 Version: 15.1.504.17269 - Check Point Software Technologies Ltd.) Hidden

      ==================== Custom CLSID (Whitelisted): ==========================

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


      ==================== Scheduled Tasks (Whitelisted) =============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      Task: {089B476B-95D0-460D-8B5C-CE618C125B94} - System32\Tasks\S-1-5-21-1003139022-2186531576-1555623010-1001\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
      Task: {1039CD2B-E619-4425-8C8B-9DC02A389616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-22] (Google Inc.)
      Task: {184C086C-C2A6-45A9-9BD0-287433BEA10F} - System32\Tasks\Opera scheduled Autoupdate 1495268021 => C:\Program Files\Opera\launcher.exe [2017-05-31] (Opera Software)
      Task: {1BA03C94-D3DA-4E19-B12E-EE835DE1207A} - System32\Tasks\Driver Booster SkipUAC (usuario) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe [2017-03-16] (IObit)
      Task: {4265B828-5BC9-41E0-A54B-6C488D81999B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-22] (Google Inc.)
      Task: {42D45FBB-7D4B-4829-966B-2EB515BAB1F4} - \OneDrive Standalone Update Task v2 -> No File <==== ATTENTION
      Task: {87E292C4-7A52-4297-B39F-CC20E744E59F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
      Task: {9F1AE3B0-47BE-40D5-B510-FCBDEB6E6480} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-05] (Piriform Ltd)
      Task: {C9CA81B5-72D1-4FC5-A2DA-49FE686F1B72} - System32\Tasks\Driver Booster SkipUAC (Fede-PC) => C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe [2017-03-16] (IObit)

      (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


      ==================== Shortcuts & WMI ========================

      (The entries could be listed to be restored or removed.)


      Shortcut: C:\Users\usuario\Desktop\The Conquerors.lnk -> C:\Program Files (x86)\Microsoft Games\Age of Empires II\age2_x1\The Conquerors.bat ()

      ==================== Loaded Modules (Whitelisted) ==============

      2017-06-12 21:07 - 2017-06-12 21:07 - 00012080 ____N () C:\Windows\TEMP\BullseyeCoverage-x64-3.dll
      2017-05-18 13:50 - 2017-06-05 21:53 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
      2017-03-18 17:58 - 2017-03-18 17:58 - 00138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
      2017-04-22 13:05 - 2017-06-09 06:00 - 00785360 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
      2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
      2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
      2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
      2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
      2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
      2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
      2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
      2017-03-18 17:59 - 2017-03-20 02:14 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
      2017-04-22 13:05 - 2017-06-09 06:00 - 00099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
      2017-06-15 12:36 - 2017-06-15 12:36 - 00166520 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
      2017-04-22 13:05 - 2017-06-09 06:00 - 00498272 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
      2017-03-22 08:06 - 2017-03-22 08:06 - 00865232 _____ () C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kpcengine.2.3.dll

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\ProgramData:NT [40]
      AlternateDataStreams: C:\ProgramData:NT2 [432]
      AlternateDataStreams: C:\Users\All Users:NT [40]
      AlternateDataStreams: C:\Users\All Users:NT2 [432]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT [40]
      AlternateDataStreams: C:\ProgramData\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
      AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [432]
      AlternateDataStreams: C:\Users\usuario\Datos de programa:NT [40]
      AlternateDataStreams: C:\Users\usuario\Datos de programa:NT2 [432]
      AlternateDataStreams: C:\Users\usuario\AppData\Roaming:NT [40]
      AlternateDataStreams: C:\Users\usuario\AppData\Roaming:NT2 [432]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ==========================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2017-03-18 18:03 - 2017-05-08 21:12 - 00003937 _____ C:\Windows\system32\Drivers\etc\hosts

      127.0.0.1 activate.adobe.com
      127.0.0.1 practivate.adobe.com
      127.0.0.1 lmlicenses.wip4.adobe.com
      127.0.0.1 lm.licenses.adobe.com
      127.0.0.1 na1r.services.adobe.com
      127.0.0.1 hlrcv.stage.adobe.com
      127.0.0.1 bandicam.com
      127.0.0.1 ssl.bandisoft.com
      0.0.0.0 keystone.mwbsys.com
      0.0.0.0 anchorfree.net
      0.0.0.0 rss2search.com
      0.0.0.0 techbrowsing.com
      0.0.0.0 box.anchorfree.net
      0.0.0.0 MeFeedia
      0.0.0.0 AnchorFree
      0.0.0.0 MeFeedia
      0.0.0.0 anchorfree.us
      0.0.0.0 a433.com
      0.0.0.0 anchorfree.net
      0.0.0.0 rpt.anchorfree.net
      0.0.0.0 delivery.anchorfree.us/land.php
      0.0.0.0 hsselite.com
      0.0.0.0 www.hsselite.com
      0.0.0.0 anchorfree.net
      0.0.0.0 rss2search.com
      0.0.0.0 techbrowsing.com
      0.0.0.0 box.anchorfree.net
      0.0.0.0 MeFeedia
      0.0.0.0 AnchorFree
      0.0.0.0 MeFeedia

      There are 76 more lines.


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\usuario\Desktop\Saved Pictures\Fondos de Pantalla, etc\wallhaven-509708.jpg
      DNS Servers: 8.8.8.8 - 8.8.4.4
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      Windows Firewall is disabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
      HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
      HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
      HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
      HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\...\StartupApproved\Run: => "OneDrive"
      HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\...\StartupApproved\Run: => "uTorrent"
      HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\...\StartupApproved\Run: => "Steam"
      HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
      HKU\S-1-5-21-1003139022-2186531576-1555623010-1001\...\StartupApproved\Run: => "Voobly"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [TCP Query User{F607CE84-A586-472C-98E9-47888E46A32D}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
      FirewallRules: [UDP Query User{7D98A43E-7CAD-4185-A7AD-0CBFA5136C7F}C:\program files (x86)\voobly\voobly.exe] => (Allow) C:\program files (x86)\voobly\voobly.exe
      FirewallRules: [TCP Query User{D2DB3050-3EA1-4823-9B66-AE6E438C15AC}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
      FirewallRules: [UDP Query User{3468BF0E-E4FE-4C7B-9C8A-73C050E657C2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
      FirewallRules: [TCP Query User{285EC375-C425-4665-9D01-C4C006788B72}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
      FirewallRules: [UDP Query User{34C43AA7-1968-4513-B48D-04AA8B842A30}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
      FirewallRules: [TCP Query User{4811A4D7-F9F3-49BC-A030-A4DA7C11F023}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
      FirewallRules: [UDP Query User{080B2387-32A2-47EE-B865-A8F1E71329CC}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
      FirewallRules: [{3DDB476C-91F8-4ECB-BD8C-7B8BD0AB893E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{79CDCEBF-6711-49C0-BA11-54E57195C777}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{8C81F540-AC58-4CFA-8849-A028428F79FB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{C1C8FF42-8D42-453B-89BC-782BA1906B3B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{E392E2DA-516F-4ADE-894F-301067A22859}] => (Allow) C:\Program Files\Opera\45.0.2552.812\opera.exe
      FirewallRules: [{5F4FB35D-BEB3-4866-9909-C1462BF8D48F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
      FirewallRules: [{1FC88CE5-C6F6-48DE-9E3A-42A2457E629B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DriverBooster.exe
      FirewallRules: [{D79A4A01-A73D-465D-9823-25DCB8AD92EC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe
      FirewallRules: [{2B93FE6C-48DF-4299-8B89-9918DAB07989}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\DBDownloader.exe
      FirewallRules: [{8E603BA4-DCCA-457B-B5A3-62EDE1DA9E1A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe
      FirewallRules: [{585419C2-7396-4D73-8EC8-5C8CB316F4A2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.3.0\AutoUpdate.exe
      FirewallRules: [TCP Query User{90042B59-F481-4335-8200-3E4C9F8D3605}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
      FirewallRules: [UDP Query User{0176788E-ABD7-40C7-809C-667609D530DC}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
      FirewallRules: [{A9E6BFF9-4D24-40DF-98BB-248932D15B00}] => (Allow) C:\Program Files\Opera\45.0.2552.888\opera.exe
      FirewallRules: [{B0E94E56-8D45-4C8F-93F3-AE16BAD2298C}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
      FirewallRules: [{4048D361-B028-49D8-8193-A914A6518840}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
      FirewallRules: [{D0864724-275D-455E-9576-866BE3235727}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
      FirewallRules: [{30AC26E1-9F34-41FD-8FF1-245F53192BB3}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
      FirewallRules: [{151324FF-DE8B-4D67-9770-6488571442D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{2EB1E18B-72F2-4848-A9CC-912DC94A6E2B}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
      FirewallRules: [{DC32B569-2374-47BC-A4FC-F093761BCF6B}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

      ==================== Restore Points =========================

      14-06-2017 22:07:06 Windows Update
      14-06-2017 23:31:40 PuntoDeRestauracionN°1
      16-06-2017 18:01:41 Instalador de Módulos de Windows
      18-06-2017 05:37:14 Revo Uninstaller Pro's restore point - Thumbs.ms
      20-06-2017 14:41:36 Driver Booster : Realtek PCIe GBE Family Controller

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (06/20/2017 0358 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x8007007B
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

      Error: (06/20/2017 0307 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x8007007B
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

      Error: (06/20/2017 03:09:52 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x8007139F
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

      Error: (06/20/2017 02:56:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x8007007B
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

      Error: (06/20/2017 02:55:41 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x8007007B
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

      Error: (06/20/2017 02:55:40 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x8007007B
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

      Error: (06/20/2017 02:43:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x8007007B
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

      Error: (06/20/2017 02:43:20 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
      Description: Error de la activación de licencia (slui.exe) con el siguiente código:
      hr=0x8007007B
      Argumentos de línea de comandos:
      RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

      Error: (06/20/2017 02:13:07 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: FEDEHDC-PC)
      Description: microsoft.zunevideo_8wekyb3d8bbwe1009

      Error: (06/20/2017 02:13:07 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: FEDEHDC-PC)
      Description: microsoft.zunemusic_8wekyb3d8bbwe1009


      System errors:
      =============
      Error: (06/20/2017 03:21:18 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

      Error: (06/20/2017 03:21:18 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

      Error: (06/20/2017 03:21:05 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

      Error: (06/20/2017 03:21:05 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

      Error: (06/20/2017 03:19:38 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

      Error: (06/20/2017 03:19:38 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

      Error: (06/20/2017 03:18:42 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

      Error: (06/20/2017 03:18:42 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

      Error: (06/20/2017 03:18:42 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

      Error: (06/20/2017 03:18:42 PM) (Source: DCOM) (EventID: 10005) (User: FEDEHDC-PC)
      Description: Error de DCOM "5" al intentar iniciar el servicio WSearch con argumentos "No disponible" para ejecutar el servidor:
      {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


      CodeIntegrity:
      ===================================
      Date: 2017-06-19 17:14:33.502
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

      Date: 2017-06-19 17:14:33.402
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-06-19 17:14:32.925
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

      Date: 2017-06-19 17:14:32.825
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-06-19 17:14:32.357
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

      Date: 2017-06-19 17:14:32.253
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-06-19 17:14:31.758
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

      Date: 2017-06-19 17:14:31.658
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-06-19 17:14:31.223
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

      Date: 2017-06-19 17:14:31.123
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


      ==================== Memory info ===========================

      Processor: AMD A10-7860K Radeon R7, 12 Compute Cores 4C+8G
      Percentage of memory in use: 38%
      Total physical RAM: 7108.86 MB
      Available physical RAM: 4373.2 MB
      Total Virtual: 8260.86 MB
      Available Virtual: 4988.39 MB

      ==================== Drives ================================

      Drive c: () (Fixed) (Total:930.96 GB) (Free:858.42 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

      Partition: GPT.

      ==================== End of Addition.txt ============================

    9. #9
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.165

      Re: Acabo de ver en mis documentos un archivo oculto llamado default.rdp. ¿A qué se d

      Hotspot Shield 6.8.12 lo has instalado tu?
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    10. #10
      Usuario Avatar de FIBH07
      Registrado
      jun 2017
      Ubicación
      Argentina
      Mensajes
      13

      Re: Acabo de ver en mis documentos un archivo oculto llamado default.rdp. ¿A qué se d

      Si, si, lo he instalado yo.

    Página 1 de 2 12 ÚltimoÚltimo