Hola, desde hace unos días me aparece la dichosa ventanita al encender el pc con este bicho… Le pasé el MalwareBytes y el adwcleaner… Los 2 primeros analisis de malwarebytes dieron resultados. el adwcleaner nada. Parece que todo sigue igual, pasé otra vez malwarebytes y no encuentra nada… Os cuelgo el reporte a continuación a ver si alguien sabe por dónde tirar. Muchas gracias de antemano. Saludos.
Malwarebytes
www.malwarebytes.com
-Detalles del registro-
Fecha del análisis: 13/12/19
Hora del análisis: 19:50
Archivo de registro: 6960aac6-1dd9-11ea-92ee-408d5c4a079c.json
-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.770
Versión del paquete de actualización: 1.0.16120
Licencia: Gratis
-Información del sistema-
SO: Windows 10 (Build 18362.535)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-EV3DJ0V\casa
-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 330385
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 5 min, 48 seg
-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar
-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)
Módulo: 0
(No hay elementos maliciosos detectados)
Clave del registro: 0
(No hay elementos maliciosos detectados)
Valor del registro: 0
(No hay elementos maliciosos detectados)
Datos del registro: 0
(No hay elementos maliciosos detectados)
Secuencia de datos: 0
(No hay elementos maliciosos detectados)
Carpeta: 0
(No hay elementos maliciosos detectados)
Archivo: 0
(No hay elementos maliciosos detectados)
Sector físico: 0
(No hay elementos maliciosos detectados)
WMI: 0
(No hay elementos maliciosos detectados)
(end)
Si sirviera para algo les puedo colgar los reportes anteriores, donde si encontró amenazas.
-
Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
-
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) ¿Cómo saber si mi Windows es de 32 o 64 bits?
-
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.
-
En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.
-
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.
En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST
Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by casa (administrator) on DESKTOP-EV3DJ0V (Gigabyte Technology Co., Ltd. H81M-S2H) (13-12-2019 20:28:18)
Running from C:\Users\casa\Downloads
Loaded Profiles: casa (Available Profiles: casa & torrecasa)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Español (España, internacional)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(AVAST Software s.r.o. -> ) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Unified Intents AB -> Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [File not signed]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [File not signed]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3187384 2017-12-13] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\Run: [bc44851a] => C:\ProgramData\Intel\Wireless\87d31c7\kbigdfd.exe [943784 2019-12-09] (AutoIt Consulting Ltd -> AutoIt Team)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-12] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2153.120\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01E5182A-34D4-4417-8F12-BAF8E7BD246C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {03B5648F-65B4-47A5-B910-5A98287B801E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {09E78840-2A24-4CF8-A7BD-A1EFD1EE3865} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-02] (Google Inc -> Google Inc.)
Task: {0BFFC6A7-2E53-49C1-9647-CA55D11E2A20} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E8B7F8E-C65D-4F6D-ACB7-E8C7D7B2D07B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A042246-704F-42E9-98CF-F5F729F3A632} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {2349A78D-5340-4524-B82C-268088B55DAA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {2731ABD4-67E9-4F19-AAE1-3896A867C875} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {3221657D-29B6-4CF4-ADDB-E8AA0EDC2815} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-10] (Adobe Inc. -> Adobe)
Task: {32AE4F30-137A-4108-9944-B2B91BE53015} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1857552 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {3310DDA8-DDE1-4684-A1AA-A337D57A193C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {5537D847-9941-478B-B98F-F77ABC7CCB0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-02] (Google Inc -> Google Inc.)
Task: {56EA4DB4-698F-4A9D-8B2D-F881F4687BFA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {663310F4-9DBB-4376-9822-8CEE89FF961B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {724A3D38-D159-451E-86EC-EE2F75FD82F3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {793EBD08-79CA-4777-867E-1326C469A4F4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1857552 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {8E6D611B-52BD-4556-97F7-361D9BAB60FF} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {8E8C6D85-D0FB-4644-9C0E-9A2927F0AAEE} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {A2878B1C-FE64-4318-B447-A5A033837780} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {CD2EC266-A9E8-4CEE-BD75-05CD6A9E419B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {D4F7A447-AA63-47B3-A056-E2B16F43B4C9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-10] (Adobe Inc. -> Adobe)
Task: {E582B78E-DF61-4933-9D0A-235E2D8D727F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE96D043-6C87-45C9-9B2F-BD0E15469A0E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 212.231.6.7 46.6.113.34
Tcpip\..\Interfaces\{feb16e0a-4ed1-4a50-8247-90d7dc1bc6e2}: [DhcpNameServer] 212.231.6.7 46.6.113.34
Internet Explorer:
==================
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.es/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2019-09-19] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
Chrome:
=======
CHR Profile: C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default [2019-12-13]
CHR Extension: (Presentaciones) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documentos) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-27]
CHR Extension: (Búsqueda de Google) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (New Finds) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eckgjkpmngckgnbbfnbkoejaldaimgjh [2017-05-28]
CHR Extension: (Hojas de cálculo) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Avast Online Security) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-17]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\casa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2153.120\elevation_service.exe [970088 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-07-29] (Disc Soft Ltd -> Disc Soft Ltd)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel(R) pGFX -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-11-26] (Malwarebytes Inc -> Malwarebytes)
R2 RemoteServerWin; C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3187384 2017-12-13] (Unified Intents AB -> Unified Intents AB)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
R3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [95344 2012-07-31] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrSerIf; C:\WINDOWS\system32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\WINDOWS\system32\DRIVERS\BrUsbSer.sys [19584 2006-09-02] (Brother Industries Ltd.) [File not signed]
R3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [21872 2012-06-22] (Brother Industries, Ltd. -> Brother Industries Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-08-24] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-08-24] (Disc Soft Ltd -> Disc Soft Ltd)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-12-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-13] (Malwarebytes Inc -> Malwarebytes)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [25592 2015-11-05] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-13 20:28 - 2019-12-13 20:29 - 000027355 _____ C:\Users\casa\Downloads\FRST.txt
2019-12-13 20:27 - 2019-12-13 20:28 - 000000000 ____D C:\FRST
2019-12-13 20:27 - 2019-12-13 20:27 - 002263552 _____ (Farbar) C:\Users\casa\Downloads\FRST64.exe
2019-12-13 19:49 - 2019-12-13 19:49 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-13 19:49 - 2019-12-13 19:49 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-12-13 19:13 - 2019-12-13 19:13 - 000000000 ____D C:\Users\casa\AppData\LocalLow\Apple Computer
2019-12-13 19:13 - 2019-12-13 19:13 - 000000000 ____D C:\Users\casa\AppData\Local\Macroplant,_LLC
2019-12-13 19:12 - 2019-12-13 19:23 - 000000000 ____D C:\Program Files (x86)\Sharepod
2019-12-13 19:11 - 2019-12-13 19:11 - 007350408 _____ (Macroplant LLC ) C:\Users\casa\Downloads\Sharepod-4.2.0.exe
2019-12-13 18:45 - 2019-12-13 18:47 - 000000000 ____D C:\Users\casa\AppData\Roaming\WindSolutions
2019-12-13 18:45 - 2019-12-13 18:47 - 000000000 ____D C:\ProgramData\WindSolutions
2019-12-13 18:45 - 2019-12-13 18:45 - 008998368 _____ (Ursa Minor Ltd.) C:\Users\casa\Downloads\Install_CopyTransControlCenter.exe
2019-12-12 15:49 - 2019-12-12 15:49 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 15:49 - 2019-12-12 15:49 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 15:48 - 2019-12-12 15:49 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 15:48 - 2019-12-12 15:48 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 15:48 - 2019-12-12 15:48 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 15:48 - 2019-12-12 15:48 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 15:48 - 2019-12-12 15:48 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 15:48 - 2019-12-12 15:48 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 15:48 - 2019-12-12 15:48 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-12 11:22 - 2019-12-12 11:22 - 000000000 ____D C:\Users\casa\Evernote
2019-12-12 11:22 - 2019-12-12 11:22 - 000000000 ____D C:\Users\casa\AppData\LocalLow\Evernote
2019-12-12 11:21 - 2019-12-12 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2019-12-12 11:21 - 2019-12-12 11:21 - 000000000 ____D C:\Program Files (x86)\Evernote
2019-12-12 11:16 - 2019-12-12 11:17 - 130774496 _____ (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\casa\Downloads\Evernote_6.21.2.8716.exe
2019-12-11 14:53 - 2019-12-11 14:53 - 000024690 _____ C:\Users\casa\Downloads\lista actualizada 11-12-19.xlsx
2019-12-11 09:13 - 2019-12-11 09:13 - 008218800 _____ (Malwarebytes) C:\Users\casa\Downloads\adwcleaner_8.0.0 (1).exe
2019-12-10 13:11 - 2019-12-10 13:11 - 005133880 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-12-01 00:54 - 2019-12-01 00:54 - 000000000 ____D C:\testintel2
2019-11-26 10:38 - 2019-11-26 10:38 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-11-26 10:38 - 2019-11-26 10:38 - 000002032 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-11-26 10:38 - 2019-11-26 10:38 - 000000000 ____D C:\Users\casa\AppData\Local\cache
2019-11-24 15:44 - 2019-11-24 15:44 - 000000000 ____D C:\testintel
2019-11-14 00:37 - 2019-11-14 00:37 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 008011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 005501952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 004307968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 002369552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 002158080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 001718584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 001659192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 001616696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 001387024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 001185792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000960040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000816952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000666640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ManagedEventLogging.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000259384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-14 00:37 - 2019-11-14 00:37 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CmUtil.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-11-14 00:37 - 2019-11-14 00:37 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2019-11-14 00:37 - 2019-11-14 00:37 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncController.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2019-11-14 00:37 - 2019-11-14 00:37 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CabUtil.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.EventLogMessages.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAgentPolicyGenerator.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.WmiAccess.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncCommon.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.WinRT.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.LocalSyncProvider.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernSync.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateBaselineGenerator.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
2019-11-14 00:37 - 2019-11-14 00:37 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SmbSyncProvider.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.MonitorSyncProvider.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncConditions.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2019-11-14 00:37 - 2019-11-14 00:37 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2019-11-14 00:37 - 2019-11-14 00:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2019-11-14 00:36 - 2019-11-14 00:36 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 002586816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 002562048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 002258848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 001691648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 001017680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-11-14 00:36 - 2019-11-14 00:36 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-11-14 00:36 - 2019-11-14 00:36 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2019-11-14 00:36 - 2019-11-14 00:36 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-11-14 00:36 - 2019-11-14 00:36 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-11-14 00:36 - 2019-11-14 00:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 004047360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 003967920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 003371928 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-11-14 00:35 - 2019-11-14 00:35 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 002772272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 001974824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-11-14 00:35 - 2019-11-14 00:35 - 001916984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 001327064 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-11-14 00:35 - 2019-11-14 00:35 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-11-14 00:35 - 2019-11-14 00:35 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-11-14 00:35 - 2019-11-14 00:35 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-14 00:35 - 2019-11-14 00:35 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2019-11-14 00:35 - 2019-11-14 00:35 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-11-14 00:35 - 2019-11-14 00:35 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2019-11-14 00:35 - 2019-11-14 00:35 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2019-11-14 00:35 - 2019-11-14 00:35 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-11-14 00:35 - 2019-11-14 00:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-11-14 00:35 - 2019-11-14 00:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 006166016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 004615616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 003968512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 003591208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 003105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 002126112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000911824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000874536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-11-14 00:34 - 2019-11-14 00:34 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-11-14 00:34 - 2019-11-14 00:34 - 000088568 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-11-14 00:34 - 2019-11-14 00:34 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2019-11-14 00:34 - 2019-11-14 00:34 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2019-11-14 00:34 - 2019-11-14 00:34 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2019-11-14 00:11 - 2019-11-14 00:11 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-11-14 00:11 - 2019-11-14 00:11 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-13 20:21 - 2019-08-30 00:47 - 000004216 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{12B90BB7-10F8-444D-AC84-046D4DCBC0E8}
2019-12-13 20:21 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-13 20:00 - 2015-11-03 22:23 - 000000000 ____D C:\Program Files\KMSpico
2019-12-13 19:48 - 2018-10-15 02:17 - 000000000 ____D C:\Users\casa\AppData\Local\CrashDumps
2019-12-13 19:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-13 19:40 - 2019-08-30 00:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-13 19:32 - 2019-08-30 00:40 - 001684180 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-13 19:32 - 2019-03-19 12:59 - 000752490 _____ C:\WINDOWS\system32\perfh00A.dat
2019-12-13 19:32 - 2019-03-19 12:59 - 000148070 _____ C:\WINDOWS\system32\perfc00A.dat
2019-12-13 19:32 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-13 19:29 - 2015-11-02 04:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 19:28 - 2017-10-17 20:13 - 000000000 ___RD C:\Users\casa\3D Objects
2019-12-13 19:28 - 2017-06-23 17:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-12-13 19:28 - 2015-11-02 04:23 - 000000000 __SHD C:\Users\casa\IntelGraphicsProfiles
2019-12-13 19:27 - 2019-08-30 00:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-13 19:27 - 2019-08-30 00:27 - 000455136 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 19:26 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-13 19:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-13 19:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-13 19:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-13 18:02 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-13 15:39 - 2015-11-29 15:47 - 000000000 ____D C:\ProgramData\Unified Remote
2019-12-13 12:05 - 2016-04-10 13:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-13 07:36 - 2019-08-30 00:47 - 000003608 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-13 07:36 - 2019-08-30 00:47 - 000003550 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 07:36 - 2019-08-30 00:47 - 000003326 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 07:36 - 2019-08-30 00:47 - 000003286 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-12-13 07:36 - 2019-08-30 00:47 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-13 07:36 - 2019-08-30 00:47 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1814117895-116575333-4275017759-1001
2019-12-13 07:36 - 2019-08-30 00:47 - 000002218 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-13 07:36 - 2019-08-30 00:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2019-12-12 23:18 - 2015-11-03 18:23 - 000000000 ____D C:\Users\casa\AppData\Roaming\vlc
2019-12-12 21:23 - 2015-11-02 20:13 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-12 19:19 - 2019-10-04 17:45 - 000040960 _____ C:\Users\casa\Desktop\Calendari Teatre 2019-20.xls
2019-12-12 18:36 - 2016-06-10 16:50 - 000000000 ____D C:\Users\casa\AppData\Roaming\Audacity
2019-12-12 15:51 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-12 14:15 - 2017-12-01 08:42 - 000000000 ____D C:\Users\casa\AppData\Local\Packages
2019-12-12 11:29 - 2015-11-03 18:09 - 000000000 ___RD C:\Users\casa\Desktop\El churro
2019-12-12 11:22 - 2019-08-29 06:50 - 000000000 ____D C:\Users\casa
2019-12-12 11:07 - 2019-08-30 00:47 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-11 11:18 - 2015-11-02 04:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 11:16 - 2015-11-02 04:33 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-11 00:48 - 2018-05-22 17:09 - 000000000 ____D C:\Users\casa\AppData\Local\PlaceholderTileLogoFolder
2019-12-10 15:15 - 2019-08-29 06:50 - 000000000 ____D C:\Users\torrecasa
2019-12-10 13:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-10 13:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-05 18:52 - 2019-07-13 13:07 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-11-27 17:48 - 2019-08-30 00:47 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-11-27 17:48 - 2019-08-30 00:47 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-11-27 17:48 - 2018-04-08 20:24 - 000002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-11-26 10:37 - 2019-07-13 13:07 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-11-25 04:57 - 2019-08-29 06:50 - 000002405 _____ C:\Users\casa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-25 04:57 - 2015-11-02 04:26 - 000000000 ___RD C:\Users\casa\OneDrive
2019-11-14 20:57 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-11-14 20:57 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-14 20:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-14 20:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-11-14 20:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-14 20:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2019-11-13 16:45 - 2016-10-03 11:31 - 000000146 _____ C:\Users\casa\Desktop\Sonido - Acceso directo.lnk
==================== Files in the root of some directories ========
2017-11-07 21:20 - 2017-11-07 21:20 - 000000600 ___SH () C:\Users\casa\AppData\Local\7d1997db57d9a4ee768d19.68008180
2017-04-17 18:20 - 2017-05-05 19:22 - 000465408 _____ (Dirección General de la Policía) C:\Users\casa\AppData\Local\DNIeService.exe
2019-09-15 13:24 - 2019-09-15 13:24 - 000007605 _____ () C:\Users\casa\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by casa (13-12-2019 20:29:45)
Running from C:\Users\casa\Downloads
Windows 10 Pro Version 1903 18362.535 (X64) (2019-08-29 23:48:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-1814117895-116575333-4275017759-500 - Administrator - Disabled)
casa (S-1-5-21-1814117895-116575333-4275017759-1001 - Administrator - Enabled) => C:\Users\casa
DefaultAccount (S-1-5-21-1814117895-116575333-4275017759-503 - Limited - Disabled)
Invitado (S-1-5-21-1814117895-116575333-4275017759-501 - Limited - Disabled)
torrecasa (S-1-5-21-1814117895-116575333-4275017759-1002 - Limited - Enabled) => C:\Users\torrecasa
WDAGUtilityAccount (S-1-5-21-1814117895-116575333-4275017759-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32\...\Antares Autotune Evo VST RTAS_is1) (Version: - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 77.2.2153.120 - Los creadores de Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.0.170814 - )
Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Edirol HQ Orchestral VSTi v1.03 (HKLM-x32\...\Edirol HQ Orchestral VSTi v1.03) (Version: - )
Evernote v. 6.21.2 (HKLM-x32\...\{50BD5F92-DB34-11E9-A489-005056951CAD}) (Version: 6.21.2.8716 - Evernote Corp.)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.79 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Instalable DNIe (HKLM\...\{B4A6EF31-AC22-4BE2-A714-581FC66DBFAF}) (Version: 13.1.0 - Cuerpo Nacional de Policía)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.13 - PACE Anti-Piracy)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LXFree for Java (HKLM-x32\...\{A415B951-C5DF-41CE-884C-A46BD31878A3}) (Version: 1.8.2.0 - Claude Heintz Design)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Melodyne Runtime 4.1 (x64) (HKLM\...\{59E4B5CE-8453-4F63-A098-44AE2EB0EC78}) (Version: 1.0.0 - Celemony Software GmbH)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
ReWire (HKLM\...\{4481A621-E317-411C-8926-864AACDF509B}) (Version: 1.00.0000 - Waves)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.1 - Unified Intents AB)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Dirección General de la Policía (UMPass) SmartCard (12/15/2016 1.0.2.5) (HKLM\...\3A8235ACF0CF89B7EACE136B69B0B68ADC94D283) (Version: 12/15/2016 1.0.2.5 - Dirección General de la Policía)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Yamaha Steinberg USB Driver (HKLM\...\{D58E72D3-4EF3-4EDC-AF17-89DBA0E3D1AA}) (Version: 1.9.6 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{D58E72D3-4EF3-4EDC-AF17-89DBA0E3D1AA}) (Version: 1.9.6 - Yamaha Corporation)
Packages:
=========
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-12-09] (Microsoft Corporation)
Complemento de motor del medio de Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-09] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-16] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-10] (Microsoft Studios) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-27] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.vorbis] => C:\WINDOWS\system32\vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-05-20 14:11 - 2009-02-27 15:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-01-09 21:27 - 2014-05-19 17:19 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-01-09 21:27 - 2014-09-11 18:09 - 001498112 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-05-20 14:11 - 2012-06-05 14:59 - 000025299 ____R (Brother Industries, Ltd) [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\brlm03a.dll
2019-05-20 14:11 - 2008-08-18 17:27 - 000122880 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\brlmw03a.dll
2019-05-20 14:11 - 2011-04-08 10:14 - 000163840 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brmfcmon\BRMFCWNDSpa.dll
2019-05-20 14:11 - 2010-03-10 17:16 - 000770048 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccDCtl.dll
2019-05-20 14:11 - 2012-10-09 14:30 - 000372736 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccFCtl.dll
2019-05-20 14:11 - 2009-09-28 12:38 - 005390336 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccimg.dll
2019-05-20 14:11 - 2010-03-29 04:22 - 000159744 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccspa.dll
2015-12-14 14:15 - 2010-04-24 05:00 - 000336896 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM9W.DLL
2019-05-20 14:11 - 2003-06-29 23:00 - 000259584 ____N (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\LTDIS12n.dll
2019-05-20 14:11 - 2005-07-04 23:00 - 000131584 ____N (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\LTFIL12n.DLL
2019-05-20 14:11 - 2003-06-29 23:00 - 000406016 ____N (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\LTKRN12n.dll
2015-11-29 15:47 - 2016-10-10 04:27 - 000556544 _____ (Soft Service Company) [File not signed] C:\Program Files (x86)\Unified Remote 3\wcl.dll
2019-04-17 12:32 - 2016-09-23 13:08 - 001283584 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Unified Remote 3\LIBEAY32MD.dll
2019-04-17 12:32 - 2016-09-23 13:08 - 000255488 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Unified Remote 3\SSLEAY32MD.dll
2016-01-09 21:27 - 2014-09-11 18:10 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\1001movie.com -> 1001movie.com
There are 6091 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2019-01-04 11:35 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;%INTEL_DEV_REDIST%redist\ia32\compiler;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\casa\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Papel tapiz de Galería fotográfica.jpg
DNS Servers: 212.231.6.7 - 46.6.113.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\StartupApproved\Run: => "Unified Remote V3"
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{560184AC-FAA0-4BA7-961B-B7952551E950}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{2DE821DA-2627-463F-A20F-F338F894E949}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{066071CC-9936-4FEF-AF52-D92E944AAB23}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{674A080C-3611-4E96-8C11-08270F2FF1F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B23056D7-CCCB-4CE4-8F30-09E634CA0EDD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9829301D-F11E-4791-8D77-8617BFAC64C7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B01DD9AD-6E15-428A-9A4C-C7A4D3322B68}] => (Allow) C:\Users\casa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F2C7D496-EB1E-4084-80C3-3613AD6B5F5E}] => (Allow) C:\Users\casa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5202F3D6-A809-4EFA-A8FA-E1BF8C3426A0}] => (Allow) C:\Users\casa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{12A31307-FC0A-43BA-B91A-54EC9524A827}] => (Allow) C:\Users\casa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D4628F42-3DE6-4D57-BCBD-D0FB39E9B42C}] => (Allow) C:\Users\casa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2DB03181-E5BC-4D3E-B09E-26761BA9F66E}] => (Allow) C:\Users\casa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5B1BA8B8-99CE-4AE5-B3A5-335E64503821}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{F9D1BAAC-C479-4874-99BF-F9A1FD2047D7}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{86F9E794-F008-4328-9670-F5C06B418F57}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{ABB715C3-58D5-416B-BD3A-F90A12108B4B}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{9A150884-D391-449E-8887-9174F25A83D3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{18B9F320-F7B2-4993-B953-445033D1E0A3}] => (Allow) LPort=2869
FirewallRules: [{EE0974F0-4E11-4F6F-86AC-06BA01E24FB2}] => (Allow) LPort=1900
FirewallRules: [{FBCC1738-2C75-49A8-BAEA-6EE811B1A6D6}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{E9B649BD-D5F2-4321-86B9-AD1E96473471}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [TCP Query User{6FB657B2-9209-4C47-AA03-AE7F3D03E3B8}C:\users\casa\desktop\programas utilidades\win10controllerserver\win10controller.exe] => (Allow) C:\users\casa\desktop\programas utilidades\win10controllerserver\win10controller.exe () [File not signed]
FirewallRules: [UDP Query User{54BADB23-6177-4610-8850-F7ACBA53DC57}C:\users\casa\desktop\programas utilidades\win10controllerserver\win10controller.exe] => (Allow) C:\users\casa\desktop\programas utilidades\win10controllerserver\win10controller.exe () [File not signed]
FirewallRules: [{21FCCDF6-C11B-4A20-9756-6115CBEA1D46}] => (Allow) C:\Users\casa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6A4F8DBB-04AA-4A0B-8C21-C614FC392C09}] => (Allow) C:\Users\casa\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{54531C24-4D8B-4720-B460-9C041485E59D}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [UDP Query User{28DD27C5-2EA8-48F9-B702-9B204D65903B}C:\program files (x86)\freetime\formatfactory\formatfactory.exe] => (Allow) C:\program files (x86)\freetime\formatfactory\formatfactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{BBFC070E-0561-4B4F-9F3B-18613E2E6318}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{B3B4F1C0-D25F-41B7-80E6-D67AD4851E6C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D5056046-B652-4BE7-A648-C53BE71E7C4F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC982496-BE75-4748-B07E-F4A52E145962}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{63C89E3B-A47C-4307-B98D-9DE980D43E9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
30-11-2019 23:31:38 Punto de control programado
09-12-2019 11:31:28 Punto de control programado
12-12-2019 11:21:15 Installed Evernote v. 6.21.2
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/13/2019 08:10:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8148,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/13/2019 07:48:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: kbigdfd.exe, versión: 3.3.15.1, marca de tiempo: 0x5ab0f552
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x038933bc
Identificador del proceso con errores: 0x1fb4
Hora de inicio de la aplicación con errores: 0x01d5b1e34a4ced7c
Ruta de acceso de la aplicación con errores: C:\ProgramData\Intel\Wireless\87d31c7\kbigdfd.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: f44ae5fe-396d-44c5-8c1e-e1382b8fc980
Nombre completo del paquete con errores:
Identificador de aplicación relativa del paquete con errores:
Error: (12/13/2019 07:48:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3884,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/13/2019 07:30:49 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows no puede cargar el archivo DLL del contador extensible "C:\WINDOWS\system32\sysmain.dll" (código de error de Win32 126).
Error: (12/13/2019 07:19:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3520,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/13/2019 07:09:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (128,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/13/2019 06:52:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15108,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/13/2019 06:08:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5156,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (12/13/2019 07:36:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EV3DJ0V)
Description: El servidor microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/13/2019 07:36:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EV3DJ0V)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/13/2019 07:36:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EV3DJ0V)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/13/2019 07:36:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EV3DJ0V)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/13/2019 07:36:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EV3DJ0V)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/13/2019 07:36:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EV3DJ0V)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/13/2019 07:36:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EV3DJ0V)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Error: (12/13/2019 07:36:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-EV3DJ0V)
Description: El servidor {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} no se registró con DCOM dentro del tiempo de espera requerido.
Windows Defender:
===================================
Date: 2019-10-17 00:10:47.388
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\AutoPico.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk; file:_C:\WINDOWS\System32\Tasks\AutoPico Daily Restart->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{638FDE3A-9397-43CC-9D34-78A56E169077}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\AutoPico.lnk; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de inteligencia de seguridad: AV: 1.303.1818.0, AS: 1.303.1818.0, NIS: 1.303.1818.0
Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2
Date: 2019-10-16 23:59:04.232
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\AutoPico.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de inteligencia de seguridad: AV: 1.303.1818.0, AS: 1.303.1818.0, NIS: 1.303.1818.0
Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2
Date: 2019-10-16 15:00:51.904
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe; process:_pid:3808,ProcessStart:132157037426864138; service:_Service KMSELDI
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de inteligencia de seguridad: AV: 1.303.1818.0, AS: 1.303.1818.0, NIS: 1.303.1818.0
Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2
Date: 2019-10-16 15:00:03.909
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Nombre: HackTool:Win64/AutoKMS
Id.: 2147723334
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Windows\System32\svchost.exe
Versión de inteligencia de seguridad: AV: 1.303.1818.0, AS: 1.303.1818.0, NIS: 1.303.1818.0
Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2
Date: 2019-10-16 15:00:02.123
Description:
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.303.1818.0, AS: 1.303.1818.0, NIS: 1.303.1818.0
Versión de motor: AM: 1.1.16400.2, NIS: 1.1.16400.2
CodeIntegrity:
===================================
Date: 2019-12-13 19:49:49.181
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-12-13 19:29:15.483
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-13 19:29:15.469
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-13 19:29:15.456
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-13 19:29:15.442
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-13 19:29:15.426
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-13 19:29:15.412
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2019-12-13 19:29:15.399
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F1 08/19/2014
Motherboard: Gigabyte Technology Co., Ltd. H81M-S2H
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 46%
Total physical RAM: 8078.13 MB
Available physical RAM: 4297.41 MB
Total Virtual: 9358.13 MB
Available Virtual: 5378.28 MB
==================== Drives ================================
Drive c: (disco local) (Fixed) (Total:930.45 GB) (Free:794.44 GB) NTFS
\\?\Volume{e98ef070-94ec-4f5f-8f7c-e32c831bf373}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{fc964ad0-e4da-493f-b795-6bc7d6642931}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{392bac62-7f70-44a9-b988-d0857f17b0e4}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00088753)
Partition: GPT.
==================== End of Addition.txt =======================
Primeramente, corta y pega frst.exe, en el escritorio, pues se indicaba mu claro que se ejecutase desde ahi.
Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :
-
Para hacerlo descarga Delfix en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
-
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
En el equipo con los demas programas cerrados:
Inicio >>> Ejecutar >>>Escribes notepad.exe.
Ahora copia y pega estos archivos dentro del Notepad:
Start
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction - Chrome <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\...\Run: [bc44851a] => C:\ProgramData\Intel\Wireless\87d31c7\kbigdfd.exe [943784 2019-12-09] (AutoIt Consulting Ltd -> AutoIt Team)
C:\ProgramData\Intel\Wireless
Task: {724A3D38-D159-451E-86EC-EE2F75FD82F3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
2017-11-07 21:20 - 2017-11-07 21:20 - 000000600 ___SH () C:\Users\casa\AppData\Local\7d1997db57d9a4ee768d19.68008180
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
HKU\S-1-5-21-1814117895-116575333-4275017759-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<
Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.
-
Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)
-
Ejecutas Frst.exe.
-
Presionas el botón Fix y aguardas a que termine.
-
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
Lo pegas en tu próxima respuesta, comentado como va el problema
Hola compañero, perdón por la cagada de no ejecutarlo desde el escritorio, le dí directamente al descargar… Ahora sí ejecuté delfix desde escritorio y allí guardé el archivo resultante. Tb guardé ahí el script que me mencionaste. Pero al intentar entrar a la carpeta descargas para mover el frst al escritorio, se queda pensando y no muestra el contenido de la carpeta…
Reinicia el pc y trata de nuevo…
Si no,muevelo uns vez estes en modo seguro
Buenas! Seguí los pasos y al reiniciar ya no aparece la ventanita del autolt v3 en inicio. solucionado pues! Mil gracias!!
Para eliminar las herramientas usadas en la desinfección, realizas:
-
Descargas y Ejecutas >> Delfix, en tu escritorio.
-
Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)
-
Marca solamente la casilla Remove disinfection tools
-
Pulsar en Run.
Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.
Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.
Me alegro de haberte podido ayudar!
Muchisimas gracias Miguelgrado. Aparte de que no apareció más creo que el pc anda más rápido… muchas gracias por tu ayuda y por la rapidez de respuesta. Saludos!
De nada …
Saludos