Ayuda ,ventana emergente

Demian_Orue · 22 Marzo, 2020 08:53

Buenos di@s a todos , resulta que al abrir en navegador y poner una web ( elmundo.es) por ejemplo ,me carga el periodico pero al momento me redirecciona a esta web :

http://us.dematerializing348kj.xyz/es/?v=Orange&p1=Samsung%20Galaxy%20S20#&cep=4Kj6spZiwCMyc6VQVV3md-dsNI5g-w1R4ML6KfW8Xs5sCuBF99iESxeYlwy69gsJkRMM8nimziyAVP3rNF9RSqpUcj8kwOo6Nne-m9_BebtrcXR-9wzkemHoWaPMSGqL8PF-IIdBDSb5Xf2edYVHRGzu_mrNTuEHITCjwN28A4U87Kh3cFMSV7EbeMcZ-aNKfU7TgdXum65AOa3H24nY2FUvO-Zxpl3FIUrLRWFL41CXyEkk0JdCPwlLyDCi5TTiGIJOadZpOhWYzkutidtix211k_IFByyNekwmptCzEH9gYiEEcrwrRzz_6Q4R_l5BaGm38oFrfA9f-L3vOiYPgS7rxNmB_BWdy2aVdoBUVVMU1Lojyi5HN2i1m0npsinYwd5-46UBUsEwoWAVgsvfBl39bsDnfXiljqv7DkLPR5gHSH5zu_qwp5_0QT_Y1k7xQjbRhAfIJ6utUx1szuFbILLTzROQXfRkrOEBBwVjz7PyKFh2SlX29EbRoNKOIxIpgFzWz-67oVdC9xnQOZVY_IAlNXsVPo7x32PDpNu7vJPpkhMl3CoVy4JhnfD24GXehSPHF4si1upHiwxB91P9aA&lptoken=155c84dd8698651f7910&clickid=bzbcw3w2dltsowvn&channel_id=no+pub&rtb_source=BE-DE-DK-ES-SE-AT-CH-2-libertymutual-windows300250&campaign_id=177631&sizeid=300&ref={ref}&mediaid=no%20Media&counry=ES&language=es-ES&isp=Orange

Entonces me toca cerrar el navegador y volver a abrirlo y ya no sale mas esa direccion, tambien al iniciar el ordenador me sale una ventana con una X , voy a adjuntar una foto ( hace unos dias no salia)

http://imgfz.com/i/XvUa2T9.jpeg

no me deja poner el enlace de la foto aqui ,dejo el enlace arriba del error.

Eso son los dos problemas que tengo ahora mismo , no suelo usar mucho el ordenador ,pero esto es un poco molesto.

Sin mas , muchas gracias por la ayuda prestada.

un cordial saludo.

Miguelgrado · 22 Marzo, 2020 09:40

Realiza los siguientes pasos, , sin cambiar el orden

1) Descarga, instala y ejecuta Malwarebytes’ Anti-Malware.

Presiona clic en “Use Malewarebytes Free” (Usar Malewarebyte gratis).
Pulsa en el botón “Open Malewarebytes Free”.

imagen

Presiona el botón “Scan” (Escaneo).

imagen

Una vez finalizado el escaneo aparecerá la siguiente pantalla:

imagen

Pulsa en “View report” (Ver informe).
Luego presionar el botón “Export” (Exportar). Elijes “Text file” (fichero de texto). Elijes un nombre y guardas ese archivo en el escritorio…

2) Descarga Adwcleaner en el escritorio.

Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.
Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador.")
Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
Si no encuentra nada, pulsamos “Omitir Reparación”
El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.

Demian_Orue · 22 Marzo, 2020 11:54

Buenos dias @Miguelgrado y @Daniela gracias por sus respuestas , paso a pegar los informes :

 Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 22/3/20
Hora del análisis: 12:25
Archivo de registro: cd69a6ae-6c2f-11ea-92d8-90e6ba9d786e.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.854
Versión del paquete de actualización: 1.0.21174
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.720)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-UI0O3VK\Bolita de pelo

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 322426
Amenazas detectadas: 56
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 min, 20 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 16
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered necid, Sin acciones por parte del usuario, 244, 308969, , , , 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{27052866-F0FF-47A2-8BC1-53C3760635C2}, Sin acciones por parte del usuario, 244, 308969, , , , 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{27052866-F0FF-47A2-8BC1-53C3760635C2}, Sin acciones por parte del usuario, 244, 308969, , , , 
PUP.Optional.InstallCore, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\PRODUCTSETUP, Sin acciones por parte del usuario, 494, 481004, 1.0.21174, , ame, 
PUP.Optional.InstallCore, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\CSASTATS\ic, Sin acciones por parte del usuario, 494, 586068, 1.0.21174, , ame, 
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, Sin acciones por parte del usuario, 430, 440037, , , , 
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, Sin acciones por parte del usuario, 430, 440037, , , , 
PUP.Optional.SearchManager, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nahhmpbckpgdidfnmfkfgiflpjijilce, Sin acciones por parte del usuario, 430, 440037, 1.0.21174, , ame, 
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\OCILPNNAPNKMCDABAEOOBBAMLNIHEAEP, Sin acciones por parte del usuario, 430, 748794, , , , 
PUP.Optional.SearchManager, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ocilpnnapnkmcdabaeoobbamlniheaep, Sin acciones por parte del usuario, 430, 748794, 1.0.21174, , ame, 
PUP.Optional.SearchManager, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Sin acciones por parte del usuario, 430, 183362, , , , 
PUP.Optional.SearchManager, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Sin acciones por parte del usuario, 430, 183362, , , , 
PUP.Optional.SearchManager, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pilplloabdedfmialnfchjomjmpjcoej, Sin acciones por parte del usuario, 430, 183362, 1.0.21174, , ame, 
PUP.Optional.WinYahoo, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Sin acciones por parte del usuario, 244, 182758, , , , 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Sin acciones por parte del usuario, 244, 182758, , , , 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, Sin acciones por parte del usuario, 244, 182758, 1.0.21174, , ame, 

Valor del registro: 9
Trojan.Agent.AutoIt.Generic, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|49E55CEB, Sin acciones por parte del usuario, 5598, 783345, 1.0.21174, , ame, 
Trojan.Agent.AutoIt.Generic, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|f355585f, Sin acciones por parte del usuario, 5598, 781622, , , , 
PUP.Optional.InstallCore, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\PRODUCTSETUP|TB, Sin acciones por parte del usuario, 494, 481004, 1.0.21174, , ame, 
PUP.Optional.SearchManager, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NAHHMPBCKPGDIDFNMFKFGIFLPJIJILCE, Sin acciones por parte del usuario, 430, 440037, , , , 
PUP.Optional.SearchManager, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|OCILPNNAPNKMCDABAEOOBBAMLNIHEAEP, Sin acciones por parte del usuario, 430, 748794, , , , 
PUP.Optional.SearchManager, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|PILPLLOABDEDFMIALNFCHJOMJMPJCOEJ, Sin acciones por parte del usuario, 430, 183362, , , , 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{27052866-F0FF-47A2-8BC1-53C3760635C2}|PATH, Sin acciones por parte del usuario, 244, 308967, 1.0.21174, , ame, 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Sin acciones por parte del usuario, 244, 182758, 1.0.21174, , ame, 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, Sin acciones por parte del usuario, 244, 182758, 1.0.21174, , ame, 

Datos del registro: 2
PUP.Optional.WinYahoo, HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sin acciones por parte del usuario, 244, 293459, 1.0.21174, , ame, 
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Sin acciones por parte del usuario, 244, 293461, 1.0.21174, , ame, 

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 3
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}, Sin acciones por parte del usuario, 878, 453921, 1.0.21174, , ame, 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\086f356\d171951, Sin acciones por parte del usuario, 5598, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\086f356, Sin acciones por parte del usuario, 5598, 781622, 1.0.21174, , ame, 

Archivo: 26
PUP.Optional.WinYahoo, C:\WINDOWS\TASKS\Yahoo! Powered necid.job, Sin acciones por parte del usuario, 244, 308969, , , , 
PUP.Optional.WinYahoo, C:\WINDOWS\SYSTEM32\TASKS\Yahoo! Powered necid, Sin acciones por parte del usuario, 244, 308969, 1.0.21174, , ame, 
PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}\tesa.txt, Sin acciones por parte del usuario, 878, 453921, 1.0.21174, , ame, 
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}\aowLC, Sin acciones por parte del usuario, 878, 453921, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}\GtmfY, Sin acciones por parte del usuario, 878, 453921, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}\hdat1, Sin acciones por parte del usuario, 878, 453921, , , , 
PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}\hdat2, Sin acciones por parte del usuario, 878, 453921, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\086f356\713b70d.au3, Sin acciones por parte del usuario, 5598, 781622, 1.0.21174, , ame, 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\086f356\d171951\18-03-2020.log, Sin acciones por parte del usuario, 5598, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\086f356\d171951\40a6db6, Sin acciones por parte del usuario, 5598, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\086f356\heafcic.exe, Sin acciones por parte del usuario, 5598, 781622, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\086f356\pe.bin, Sin acciones por parte del usuario, 5598, 781622, , , , 
PUP.Optional.SearchManager, C:\USERS\BOLITA DE PELO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, 430, 440037, , , , 
PUP.Optional.SearchManager, C:\USERS\BOLITA DE PELO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, 430, 748794, , , , 
PUP.Optional.SearchManager, C:\USERS\BOLITA DE PELO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, 430, 183362, , , , 
HackTool.AutoKMS, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR2.EXE, Sin acciones por parte del usuario, 7683, 764226, 1.0.21174, 1FA2124FF765CFF657A40191, dds, 00642853
HackTool.AutoKMS, C:\PROGRAMDATA\KMSAUTOS\BIN\TUNMIRROR.EXE, Sin acciones por parte del usuario, 7683, 766387, 1.0.21174, , ame, 
HackTool.AutoKMS, C:\PROGRAMDATA\KMSAUTOS\BIN\KMSSS.EXE, Sin acciones por parte del usuario, 7683, 765160, 1.0.21174, 36542CA8C977CF56F7DD9CBC, dds, 00642853
HackTool.KMS, C:\USERS\BOLITA DE PELO\APPDATA\ROAMING\Microsoft\Windows\Recent\ACTIVADOR.lnk, Sin acciones por parte del usuario, 6122, 538530, , , , 
HackTool.KMS, C:\USERS\BOLITA DE PELO\DOWNLOADS\ACTIVADOR.RAR, Sin acciones por parte del usuario, 6122, 538530, 1.0.21174, , ame, 
HackTool.KMS, C:\USERS\BOLITA DE PELO\APPDATA\LOCAL\TEMP\RAR$EXA0.965\ACTIVADOR\KMSAUTO NET.EXE, Sin acciones por parte del usuario, 6122, 538530, 1.0.21174, , ame, 
PUP.Optional.SearchManager.BITSRST, C:\USERS\BOLITA DE PELO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, 285, 628563, 1.0.21174, , ame, 
PUP.Optional.SearchManager.BITSRST, C:\USERS\BOLITA DE PELO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, 285, 628563, 1.0.21174, , ame, 
Generic.Malware/Suspicious, C:\USERS\BOLITA DE PELO\APPDATA\ROAMING\Microsoft\Windows\Recent\2019.lnk, Sin acciones por parte del usuario, 0, 392686, , , , 
Generic.Malware/Suspicious, C:\USERS\BOLITA DE PELO\DOWNLOADS\2019.ZIP, Sin acciones por parte del usuario, 0, 392686, 1.0.21174, , shuriken, 
PUP.Optional.SearchManager.BITSRST, C:\USERS\BOLITA DE PELO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sin acciones por parte del usuario, 285, 626729, 1.0.21174, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)


# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build:    03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    03-22-2020
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  9
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\csastats
Deleted       HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [ Chromium (and derivatives) ] *****

Deleted       Search Manager - nahhmpbckpgdidfnmfkfgiflpjijilce
Deleted       Search Manager - pilplloabdedfmialnfchjomjmpjcoej

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2225 octets] - [22/03/2020 12:29:38]
AdwCleaner[S01].txt - [2286 octets] - [22/03/2020 12:36:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

No se si he puesto bien el informe como me ha dicho @Miguelgrado

Ya me comentan si tengo que seguir algun paso mas .

muchas gracias por la ayuda!!!

Miguelgrado · 22 Marzo, 2020 12:30

Segun informe de Malwarebytyess, pone que “sin acciones por el usuario”

Mandaste todo a cuarentena?

Mira si en historial de detecciones - elementos en cuarentena. esta ahi todo

Comentas y sobre todo muy importante, porque recuerda que no somos adivinos, es comentar tras cada paso que contestes, como va el problema que planteaste, pues si no no puedo saberlo

Demian_Orue · 22 Marzo, 2020 12:38

@Miguelgrado esta en cuarentena todo ,no veo opción de eliminar

estoy mirando en el historia y veo a la derecha 3 puntos y si le doy alli , me sale una opcion de borrar todo ( pero no se si borrara los archivos o el historial )

Luego se seguir los pasos que me han comentado , al reiniciar el ordenador no me salio la ventana de la foto que he dejado y tampoco me abrio la url que he puesto .

De momento el ordenador va bien.

Miguelgrado · 22 Marzo, 2020 15:09

Si abres desde pantalla inicial abajo…historial de detecciones, ves cuarentena.

Ahi si marcas todo y das a borrar, eliminas todo definitivamente, pero una vez en cuarentena ya no son una amenaza

Si esta todo ahi, vamos a ver que no quede nada

Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.
Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) ¿Cómo saber si mi Windows es de 32 o 64 bits?
Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Si.
En la nueva ventana que se abre, presiona el botón Analizar y espera a que concluya el análisis.
Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Demian_Orue · 25 Marzo, 2020 11:05

buenos dias @Miguelgrado pego informe en varias partes :

Parte 1

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 22-03-2020
Ejecutado por Bolita de pelo (administrador) sobre DESKTOP-UI0O3VK (22-03-2020 19:40:12)
Ejecutado desde C:\Users\Bolita de pelo\Downloads
Perfiles cargados: Bolita de pelo (Perfiles disponibles: defaultuser0 & Bolita de pelo)
Platform: Windows 10 Pro Versión 1903 18362.720 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.81.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\NisSrv.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\...\Run: [Chromium] => "c:\users\bolita de pelo\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\...\Run: [49e55ceb] => C:\ProgramData\Intel\Wireless\27475d3\fidhfda.exe C:\ProgramData\Intel\Wireless\27475d3\5fca0de.au3
HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\...\Run: [f355585f] => C:\ProgramData\Intel\Wireless\086f356\heafcic.exe C:\ProgramData\Intel\Wireless\086f356\713b70d.au3
HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\...\Run: [] =>  [X]
HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22256824 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-18] (Google LLC -> Google LLC)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {27052866-F0FF-47A2-8BC1-53C3760635C2} - System32\Tasks\Yahoo! Powered necid => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}\tesa.txt" "68747470733a2f2f7275647564756c752e636f6d" "//B" "//E:jscript" "--IsErIk" <==== ATENCIÓN
Task: {2871A940-5585-411A-88C8-19AA6074AB79} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3FF789F9-44F1-4037-896B-625C87521619} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8098B129-9957-439C-A9C4-6F2D03B77815} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8E3BC601-C306-402C-86BC-43CDC53D330E} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {A8C7DCA0-EA7A-40C7-B365-F7D2802061BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-15] (Google Inc -> Google Inc.)
Task: {B053D11E-BB74-477D-8620-9F6248B75CF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-15] (Google Inc -> Google Inc.)
Task: {C5334FF9-EDF8-440C-BEA9-D844E3E16A94} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {C6E8742B-A774-49A7-916D-16BDD4CDF8B3} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D6DC9ABF-8E24-48CF-ADE3-A87F3D7F1119} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1038944701-3973403851-1073104603-1001 => C:\Users\Bolita de pelo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [2687608 2019-08-07] () [Archivo no firmado]

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\Yahoo! Powered necid.job => C:\WINDOWS\system32\wscript.ex C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}\tesa.txt <==== ATENCIÓN

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70d72620-a1e0-45ff-a478-41b7e388758e}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_kmplyins_17_47&param1=1&param2=f%3D1%26b%3DIE%26cc%3Des%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytD0EyC0B0Azy0DyBzzyC0EtAyCtA0AtN0D0Tzu0StBtCyDyEtN1L2XzuyEtFtCyBtFtCtFyDtBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StCtByBzztAyD0CtCtGtB0CtByDtGzy0BzytAtGyEzytBzztGtD0A0C0FyC0D0D0F0BzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1RyCtC1QtByD1OyCtGtCtA1TyCtGyE1O1S1PtGzytBtAyEtGtDyD1T1Q1S1R1OtB1QtByE1O2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCtCyDyCtDtAzytC%26cr%3D245353168%26a%3Dwbf_kmplyins_17_47%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://es.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_kmplyins_17_47&param1=1&param2=f%3D1%26b%3DIE%26cc%3Des%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuzytD0EyC0B0Azy0DyBzzyC0EtAyCtA0AtN0D0Tzu0StBtCyDyEtN1L2XzuyEtFtCyBtFtCtFyDtBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StCtByBzztAyD0CtCtGtB0CtByDtGzy0BzytAtGyEzytBzztGtD0A0C0FyC0D0D0F0BzztCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1RyCtC1QtByD1OyCtGtCtA1TyCtGyE1O1S1PtGzytBtAyEtGtDyD1T1Q1S1R1OtB1QtByE1O2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCtCyDyCtDtAzytC%26cr%3D245353168%26a%3Dwbf_kmplyins_17_47%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1038944701-3973403851-1073104603-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [Archivo no firmado]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1038944701-3973403851-1073104603-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Bolita de pelo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF -> Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default [2020-03-22]
CHR Notifications: Default -> hxxps://private-show.live
CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Presentaciones) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documentos) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-15]
CHR Extension: (YouTube) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-15]
CHR Extension: (Hojas de cálculo) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Search Manager) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2020-03-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Search Manager) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2020-03-22]
CHR Extension: (Gmail) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Bolita de pelo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-20]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM\...\Chrome\Extension: [ocilpnnapnkmcdabaeoobbamlniheaep]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ocilpnnapnkmcdabaeoobbamlniheaep]
CHR HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

"ESProtectionDriver" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet001\Services\ESProtectionDriver => C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-03-22] (Malwarebytes Corporation -> Malwarebytes) <==== ATENCIÓN (Rootkit!/Servicio bloqueado)
"MBAMChameleon" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet001\Services\MBAMChameleon => \SystemRoot\System32\Drivers\MbamChameleon.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)
"MBAMFarflt" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet001\Services\MBAMFarflt => system32\DRIVERS\farflt.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)
"MBAMProtection" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet001\Services\MBAMProtection => \??\C:\WINDOWS\system32\DRIVERS\mbam.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)
"MBAMSwissArmy" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet001\Services\MBAMSwissArmy => \SystemRoot\System32\Drivers\mbamswissarmy.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)
"MBAMWebProtection" => servicio no pudo ser desbloqueado. <==== ATENCIÓN
HKLM\SYSTEM\ControlSet001\Services\MBAMWebProtection => \SystemRoot\system32\DRIVERS\mwac.sys <==== ATENCIÓN (Rootkit!/Servicio bloqueado)

R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe [508008 2019-09-18] (Advanced Micro Devices, Inc. -> AMD)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-22] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\NisSrv.exe [3294680 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MsMpEng.exe [103168 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atikmdag.sys [55249512 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atikmpag.sys [595048 2019-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-09-04] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x64.sys [288768 2019-03-19] (Microsoft Windows -> Marvell)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-03-22 19:31 - 2020-03-22 19:32 - 000047648 _____ C:\Users\Bolita de pelo\Downloads\Addition.txt
2020-03-22 19:30 - 2020-03-22 19:40 - 000019138 _____ C:\Users\Bolita de pelo\Downloads\FRST.txt
2020-03-22 19:30 - 2020-03-22 19:40 - 000000000 ____D C:\FRST
2020-03-22 19:29 - 2020-03-22 19:29 - 002279936 _____ (Farbar) C:\Users\Bolita de pelo\Downloads\FRST64 (2).exe
2020-03-22 19:27 - 2020-03-22 19:27 - 002279936 _____ (Farbar) C:\Users\Bolita de pelo\Downloads\Sin confirmar 167845.crdownload
2020-03-22 19:26 - 2020-03-22 19:26 - 002279936 _____ (Farbar) C:\Users\Bolita de pelo\Downloads\Sin confirmar 124228.crdownload
2020-03-22 12:42 - 2020-03-22 12:43 - 000000000 ____D C:\Program Files\CCleaner
2020-03-22 12:42 - 2020-03-22 12:42 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-03-22 12:42 - 2020-03-22 12:42 - 000002906 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-03-22 12:42 - 2020-03-22 12:42 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-03-22 12:42 - 2020-03-22 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-03-22 12:41 - 2020-03-22 12:41 - 022195736 _____ (Piriform Software Ltd) C:\Users\Bolita de pelo\Downloads\ccsetup564.exe
2020-03-22 12:37 - 2020-03-22 12:56 - 000002310 _____ C:\Users\Bolita de pelo\Desktop\reporte-AdwCleaner[S00].txt
2020-03-22 12:28 - 2020-03-22 12:36 - 000000000 ____D C:\AdwCleaner
2020-03-22 12:27 - 2020-03-22 12:27 - 008199856 _____ (Malwarebytes) C:\Users\Bolita de pelo\Downloads\adwcleaner_8.0.3.exe
2020-03-22 12:27 - 2020-03-22 12:27 - 000011017 _____ C:\Users\Bolita de pelo\Desktop\reporte-malwarebytes.txt
2020-03-22 12:23 - 2020-03-22 12:23 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\mbam
2020-03-22 12:23 - 2020-03-22 12:23 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\cache
2020-03-22 12:22 - 2020-03-22 12:22 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-22 12:22 - 2020-03-22 12:22 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-03-22 12:22 - 2020-03-22 12:22 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-22 12:22 - 2020-03-22 12:22 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\mbamtray
2020-03-22 12:22 - 2020-03-22 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-22 12:22 - 2020-03-22 12:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-22 12:22 - 2020-03-22 12:22 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-22 12:21 - 2020-03-22 12:21 - 001957784 _____ (Malwarebytes) C:\Users\Bolita de pelo\Downloads\MBSetup.exe
2020-03-21 19:11 - 2020-03-22 09:59 - 000000988 _____ C:\Users\Bolita de pelo\Desktop\Nuevo documento de texto.txt
2020-03-20 11:49 - 2020-03-21 10:00 - 000000000 ____D C:\ProgramData\KMSAutoS
2020-03-20 11:47 - 2020-03-20 11:49 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\MSfree Inc
2020-03-20 11:46 - 2020-03-20 11:46 - 003552020 _____ C:\Users\Bolita de pelo\Downloads\ACTIVADOR.rar
2020-03-20 09:57 - 2020-03-20 09:57 - 000014975 _____ C:\Users\Bolita de pelo\Downloads\Office-Professional-Plus-2016-(ARCHIVO) (1).torrent
2020-03-20 09:55 - 2020-03-20 09:55 - 000014975 _____ C:\Users\Bolita de pelo\Downloads\Office-Professional-Plus-2016-(ARCHIVO).torrent
2020-03-20 09:43 - 2020-03-20 09:43 - 012966773 _____ C:\Users\Bolita de pelo\Downloads\2019.zip
2020-03-19 19:11 - 2020-03-19 19:30 - 000000000 ____D C:\ESD
2020-03-19 19:05 - 2020-03-19 19:05 - 019255000 _____ (Microsoft Corporation) C:\Users\Bolita de pelo\Downloads\MediaCreationTool1909.exe
2020-03-19 19:05 - 2020-03-19 19:05 - 000000000 ___HD C:\$Windows.~WS
2020-03-19 19:05 - 2020-03-19 19:05 - 000000000 ____D C:\$WINDOWS.~BT
2020-03-19 09:25 - 2020-03-20 12:19 - 000000000 ____D C:\Users\Bolita de pelo\Desktop\trabajo-wally
2020-03-18 17:51 - 2020-03-18 17:51 - 000012711 _____ C:\Users\Bolita de pelo\Downloads\LISTADO PARA INTRODUCIR EN BDP..xlsx
2020-03-18 17:48 - 2020-03-18 17:48 - 000010907 _____ C:\Users\Bolita de pelo\Downloads\LISTADO PARA INTRODUCIR EN BDP (1).xlsx
2020-03-18 17:47 - 2020-03-18 17:47 - 000010907 _____ C:\Users\Bolita de pelo\Downloads\LISTADO PARA INTRODUCIR EN BDP.xlsx
2020-03-18 12:02 - 2020-03-18 12:02 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\RadeonSettings
2020-03-18 10:41 - 2020-03-18 10:41 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-03-18 10:41 - 2020-03-18 10:41 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-03-18 10:41 - 2020-03-18 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2020-03-18 10:40 - 2019-09-18 18:00 - 001589352 _____ (AMD) C:\WINDOWS\system32\coinst_19.20.dll
2020-03-18 10:40 - 2019-09-18 18:00 - 001010704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-03-18 10:40 - 2019-09-18 18:00 - 001010704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-03-18 10:40 - 2019-09-18 18:00 - 000873648 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-18 10:40 - 2019-09-18 18:00 - 000873648 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-03-18 10:40 - 2019-09-18 18:00 - 000304232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-18 10:40 - 2019-09-18 18:00 - 000304232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-03-18 10:40 - 2019-09-18 18:00 - 000276072 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-18 10:40 - 2019-09-18 18:00 - 000276072 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-03-18 10:40 - 2019-09-18 18:00 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-03-18 10:40 - 2019-09-18 18:00 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-03-18 10:40 - 2019-09-18 17:59 - 001237096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-03-18 10:40 - 2019-09-18 17:59 - 000134760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-03-18 10:40 - 2019-09-18 17:59 - 000121448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-03-18 10:40 - 2019-09-18 17:32 - 000125488 _____ C:\WINDOWS\system32\kapp_ci.sbin
2020-03-18 10:40 - 2019-09-18 17:32 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2020-03-18 10:40 - 2019-09-18 17:32 - 000034488 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2020-03-17 20:19 - 2020-03-17 20:19 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-03-17 20:17 - 2020-03-22 19:23 - 000004238 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4529C964-F0A9-4C52-A9CD-2F83D8D293E7}
2020-03-17 20:17 - 2020-03-22 12:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-17 20:17 - 2020-03-21 08:53 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-17 20:17 - 2020-03-21 08:53 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-17 20:17 - 2020-03-17 20:17 - 000003272 _____ C:\WINDOWS\system32\Tasks\Yahoo! Powered necid
2020-03-17 20:17 - 2020-03-17 20:17 - 000002966 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper
2020-03-17 20:17 - 2020-03-17 20:17 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1038944701-3973403851-1073104603-1001
2020-03-17 20:17 - 2020-03-17 20:17 - 000000020 ___SH C:\Users\Bolita de pelo\ntuser.ini
2020-03-17 20:17 - 2020-03-17 20:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\OfficeSoftwareProtectionPlatform
2020-03-17 20:16 - 2020-03-17 20:17 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2020-03-17 20:16 - 2020-03-17 20:17 - 000011433 _____ C:\WINDOWS\diagerr.xml
2020-03-17 20:15 - 2020-03-22 12:42 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-17 20:09 - 2020-03-17 20:17 - 000000000 ____D C:\Users\Bolita de pelo
2020-03-17 20:09 - 2020-03-17 20:12 - 000000000 ____D C:\Users\defaultuser0
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Reciente
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Plantillas
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Mis documentos
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Menú Inicio
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Impresoras
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Entorno de red
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis vídeos
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis imágenes
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mi música
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Datos de programa
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\Configuración local
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Historial
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Datos de programa
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Archivos temporales de Internet
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Reciente
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Plantillas
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Mis documentos
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Menú Inicio
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Impresoras
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Entorno de red
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Documents\Mis vídeos
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Documents\Mis imágenes
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Documents\Mi música
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Datos de programa
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\Configuración local
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\AppData\Local\Historial
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\AppData\Local\Datos de programa
2020-03-17 20:09 - 2020-03-17 20:09 - 000000000 _SHDL C:\Users\Bolita de pelo\AppData\Local\Archivos temporales de Internet
2020-03-17 20:09 - 2020-03-17 19:54 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-03-17 20:09 - 2019-03-19 05:46 - 000001105 _____ C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-17 20:09 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Bolita de pelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-17 20:06 - 2020-03-22 15:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-17 20:06 - 2020-03-17 20:11 - 000442032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-17 20:05 - 2020-03-17 20:17 - 000000000 ____D C:\Windows.old
2020-03-17 20:02 - 2020-03-17 20:05 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2020-03-17 20:01 - 2020-03-17 20:02 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-03-17 20:01 - 2020-03-17 20:01 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-03-17 20:00 - 2020-03-17 20:00 - 000000000 ____D C:\ProgramData\USOShared
2020-03-17 20:00 - 2020-03-17 20:00 - 000000000 ____D C:\ProgramData\ssh
2020-03-17 19:56 - 2020-03-17 19:56 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 007802224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 005502464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 004481536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-03-17 19:56 - 2020-03-17 19:56 - 004308480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-03-17 19:56 - 2020-03-17 19:56 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2020-03-17 19:56 - 2020-03-17 19:56 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2020-03-17 19:56 - 2020-03-17 19:56 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001541632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-03-17 19:56 - 2020-03-17 19:56 - 001510752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001272360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001248256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2020-03-17 19:56 - 2020-03-17 19:56 - 001244944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2020-03-17 19:56 - 2020-03-17 19:56 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000800568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2020-03-17 19:56 - 2020-03-17 19:56 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000744248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2020-03-17 19:56 - 2020-03-17 19:56 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000737552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2020-03-17 19:56 - 2020-03-17 19:56 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2020-03-17 19:56 - 2020-03-17 19:56 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2020-03-17 19:56 - 2020-03-17 19:56 - 000633344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000420360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2020-03-17 19:56 - 2020-03-17 19:56 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000093104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2020-03-17 19:56 - 2020-03-17 19:56 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-03-17 19:56 - 2020-03-17 19:56 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecerts.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fvecerts.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2020-03-17 19:56 - 2020-03-17 19:56 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2020-03-17 19:56 - 2020-03-17 19:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2020-03-17 19:55 - 2020-03-17 19:55 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 007259648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 006436352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 005865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizimg.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 005848840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 005013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 004129648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 004048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002821120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 002773568 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-03-17 19:55 - 2020-03-17 19:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-17 19:55 - 2020-03-17 19:55 - 002743808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directml.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 002590208 _____ C:\WINDOWS\system32\dwmscene.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002369552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002230232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002158080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002132280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001972536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 001957008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001916744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001893888 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001845408 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001788728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-03-17 19:55 - 2020-03-17 19:55 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001718584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001688064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001659192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001616784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001616696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001531656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001505320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

Demian_Orue · 25 Marzo, 2020 11:06

parte 2

2020-03-17 19:55 - 2020-03-17 19:55 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001482040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001412096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001396152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001387024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-03-17 19:55 - 2020-03-17 19:55 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001305608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 001297936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001283600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-03-17 19:55 - 2020-03-17 19:55 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001218632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001190912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001185792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001178816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001170960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001154448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001122816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001051448 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001047968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000983896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000960040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000957952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000929144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000928776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000904704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000904504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000891736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000888056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000857088 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-03-17 19:55 - 2020-03-17 19:55 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000828216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000827192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000824848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000818656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000816952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000811160 _____ C:\WINDOWS\SysWOW64\locale.nls
2020-03-17 19:55 - 2020-03-17 19:55 - 000811160 _____ C:\WINDOWS\system32\locale.nls
2020-03-17 19:55 - 2020-03-17 19:55 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000805376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000792296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000784384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000776704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcIsoCtnr.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000759488 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000758800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000752792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000666640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000649016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000637440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000628400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000605896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbc32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000597816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000587064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000568120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000542288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000541480 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000524216 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000502784 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000501232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-03-17 19:55 - 2020-03-17 19:55 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000494904 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000488056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000487576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-17 19:55 - 2020-03-17 19:55 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000454736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000453432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000450360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11on12.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000442704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000441072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000428544 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-03-17 19:55 - 2020-03-17 19:55 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000416056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-03-17 19:55 - 2020-03-17 19:55 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000405632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000398728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000396088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000390456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000383984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000379840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000379192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webauthn.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000375504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000366416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000358944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secproc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000335448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000324616 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000320312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000316216 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2020-03-17 19:55 - 2020-03-17 19:55 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000300392 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000293344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgmgr32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ManagedEventLogging.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcomapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000285256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000283688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000283144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000274464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000267528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000267496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFMCP.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000261016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000259984 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000259384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provplatformdesktop.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll

Demian_Orue · 25 Marzo, 2020 11:08

parte 3

2020-03-17 19:55 - 2020-03-17 19:55 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgmgr32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000230200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-03-17 19:55 - 2020-03-17 19:55 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CmUtil.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000210400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000205112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000194176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000190256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-03-17 19:55 - 2020-03-17 19:55 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCenter.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000181776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000179720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\twext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlib.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000176152 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeHelper.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000167136 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000162384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\devobj.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Winlangdb.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000150536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000147184 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000146744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000145720 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000145208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000144376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000143808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000143160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000140496 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000138040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devobj.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000133944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000133464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47mrm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000132912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000132624 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ForceSync.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000129848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000125232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000120048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000116904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetDriverInstall.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000100664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameChatTranscription.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000098104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\globinputhost.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000096032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000092624 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000089616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000087048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000084496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-03-17 19:55 - 2020-03-17 19:55 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncController.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvvmtransport.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzautoupdate.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-03-17 19:55 - 2020-03-17 19:55 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000066360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmRes.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devrtl.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000059221 _____ C:\WINDOWS\system32\srms.dat
2020-03-17 19:55 - 2020-03-17 19:55 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devrtl.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnppolicy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CabUtil.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edpnotify.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.EventLogMessages.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000046632 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguageProfileCallback.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInput1_4.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compact.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAgentPolicyGenerator.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-17 19:55 - 2020-03-17 19:55 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-17 19:55 - 2020-03-17 19:55 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2020-03-17 19:55 - 2020-03-17 19:55 - 000038912 _____ (Microsoft Corporation)

Demian_Orue · 25 Marzo, 2020 11:10

parte 4

C:\WINDOWS\SysWOW64\werdiagcontroller.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcicda.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000037904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000037392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
        2020-03-17 19:55 - 2020-03-17 19:55 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInput1_4.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
        2020-03-17 19:55 - 2020-03-17 19:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
        2020-03-17 19:55 - 2020-03-17 19:55 - 000030720 _____ C:\WINDOWS\system32\uwfservicingapi.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Drivers\afunix.sys
        2020-03-17 19:55 - 2020-03-17 19:55 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
        2020-03-17 19:55 - 2020-03-17 19:55 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
        2020-03-17 19:55 - 2020-03-17 19:55 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciseq.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.WmiAccess.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppData.WinRT.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000020944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnlsres.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnlsres.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmsgapi.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncCommon.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.WinRT.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
        2020-03-17 19:55 - 2020-03-17 19:55 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.LocalSyncProvider.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000016696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizres.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernSync.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
        2020-03-17 19:55 - 2020-03-17 19:55 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateBaselineGenerator.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
        2020-03-17 19:55 - 2020-03-17 19:55 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSErrRedir.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmplpxy.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000011576 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxlibres.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SmbSyncProvider.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchTM.exe
        2020-03-17 19:55 - 2020-03-17 19:55 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.MonitorSyncProvider.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncConditions.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
        2020-03-17 19:55 - 2020-03-17 19:55 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
        2020-03-17 19:54 - 2020-03-17 19:54 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 007582752 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 006231200 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 004622280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
        2020-03-17 19:54 - 2020-03-17 19:54 - 004471296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 004009472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003977216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
        2020-03-17 19:54 - 2020-03-17 19:54 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
        2020-03-17 19:54 - 2020-03-17 19:54 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003353088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003327256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003260928 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003184128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003143168 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003110400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002808832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
        2020-03-17 19:54 - 2020-03-17 19:54 - 002656768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002552120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002522112 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002474496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002321408 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002249216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002178048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002125904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 002071552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001884200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001823232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001762304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001744400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001717776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001635328 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
        2020-03-17 19:54 - 2020-03-17 19:54 - 001543168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
        2020-03-17 19:54 - 2020-03-17 19:54 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
        2020-03-17 19:54 - 2020-03-17 19:54 - 001423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001383856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001372160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001337872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
        2020-03-17 19:54 - 2020-03-17 19:54 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001158656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001150240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
        2020-03-17 19:54 - 2020-03-17 19:54 - 001098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001084728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
        2020-03-17 19:54 - 2020-03-17 19:54 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
        2020-03-17 19:54 - 2020-03-17 19:54 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000977688 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000977408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000945384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
        2020-03-17 19:54 - 2020-03-17 19:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
        2020-03-17 19:54 - 2020-03-17 19:54 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
        2020-03-17 19:54 - 2020-03-17 19:54 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
        2020-03-17 19:54 - 2020-03-17 19:54 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000833616 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
        2020-03-17 19:54 - 2020-03-17 19:54 - 000826368 _____ (Microsoft Corporation)

Demian_Orue · 25 Marzo, 2020 11:11

parte 5

C:\WINDOWS\system32\printfilterpipelinesvc.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000804872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000732200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000728576 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000722288 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000706760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000683008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000678928 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000656960 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11on12.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000642216 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000596008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
                2020-03-17 19:54 - 2020-03-17 19:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
                2020-03-17 19:54 - 2020-03-17 19:54 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000522384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000481592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
                2020-03-17 19:54 - 2020-03-17 19:54 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000449888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000429880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000425264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000369504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000355000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000342896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000338800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000296760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbaudio2.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000254776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000250896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ManageCI.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wosc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApproveChildRequest.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000237880 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000224056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000222520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Winlangdb.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000214032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000208696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000194064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000186672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47mrm.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000183608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000182288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000180232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000157752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000151568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000149504 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000141840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\globinputhost.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000117264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
                2020-03-17 19:54 - 2020-03-17 19:54 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000088488 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSystray.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000079376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uaspstor.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000066336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidspi.sys
                2020-03-17 19:54 - 2020-03-17 19:54 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
                2020-03-17 19:54 - 2020-03-17 19:54 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
                2020-03-17 19:54 - 2020-03-17 19:54 - 000059392 _____ (Microsoft Corporation) 
        C:\WINDOWS\system32\UserLanguageProfileCallback.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000056632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000055304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000053248 _____ C:\WINDOWS\system32\Drivers\UsbPmApi.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000052752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcicda.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000048256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000047616 _____ C:\WINDOWS\system32\UsbPmApi.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000037888 _____ C:\WINDOWS\system32\usocoreps.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
            2020-03-17 19:54 - 2020-03-17 19:54 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciseq.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000030008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000028936 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000023352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000019984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000019256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msisadrv.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000016912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
            2020-03-17 19:54 - 2020-03-17 19:54 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
            2020-03-17 19:54 - 2020-03-17 19:54 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
            2020-03-17 19:54 - 2020-03-17 19:54 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
            2020-03-17 19:49 - 2020-03-17 20:05 - 000000000 ____D C:\Program Files (x86)\MSBuild
            2020-03-17 19:49 - 2020-03-17 19:49 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
            2020-03-17 19:49 - 2020-03-17 19:49 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
            2020-03-17 19:49 - 2020-03-17 19:49 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
            2020-03-17 19:49 - 2020-03-17 19:49 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
            2020-03-17 19:49 - 2020-03-17 19:49 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
            2020-03-17 19:49 - 2020-03-17 19:49 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
            2020-03-17 19:49 - 2020-03-17 19:49 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
            2020-03-17 19:49 - 2020-03-17 19:49 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
            2020-03-17 19:49 - 2020-03-17 19:49 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
            2020-03-17 19:49 - 2020-03-17 19:49 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
            2020-03-17 19:49 - 2020-03-17 19:49 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
            2020-03-17 19:49 - 2020-03-17 19:49 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
            2020-03-17 19:49 - 2020-03-17 19:49 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
            2020-03-17 19:49 - 2020-03-17 19:49 - 000000000 ____D C:\Program Files\Reference Assemblies
            2020-03-17 19:49 - 2020-03-17 19:49 - 000000000 ____D C:\Program Files\MSBuild
            2020-03-17 19:49 - 2020-03-17 19:49 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
            2020-03-17 19:47 - 2020-03-17 19:47 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
            2020-03-17 19:47 - 2020-03-17 19:47 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
            2020-03-15 17:41 - 2020-03-22 12:44 - 000000000 ___DC C:\WINDOWS\Panther
            2020-03-12 14:17 - 2020-03-12 14:20 - 000000000 ___HD C:\$GetCurrent
        ==================== Un mes (modificado) ==================

        (Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

        2020-03-22 19:35 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
        2020-03-22 12:44 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
        2020-03-22 12:44 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
        2020-03-22 12:43 - 2019-09-08 10:32 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\D3DSCache
        2020-03-22 12:42 - 2019-03-19 12:59 - 000788560 _____ C:\WINDOWS\system32\perfh00A.dat
        2020-03-22 12:42 - 2019-03-19 12:59 - 000155850 _____ C:\WINDOWS\system32\perfc00A.dat
        2020-03-22 12:37 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
        2020-03-22 12:37 - 2017-06-15 21:40 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
        2020-03-22 12:22 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
        2020-03-22 09:10 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
        2020-03-22 09:10 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
        2020-03-21 21:53 - 2017-11-24 22:53 - 000000000 ____D C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}
        2020-03-20 10:33 - 2017-03-18 21:54 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Roaming\qBittorrent
        2020-03-20 09:55 - 2018-01-01 14:09 - 000000000 ____D C:\pelis
        2020-03-20 09:44 - 2018-02-19 01:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
        2020-03-18 16:42 - 2018-11-20 14:25 - 000000000 ____D C:\Program Files\rempl
        2020-03-18 11:57 - 2017-03-13 21:55 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\AMD
        2020-03-18 10:41 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
        2020-03-18 10:41 - 2017-06-15 21:41 - 000000000 ____D C:\ProgramData\Package Cache
        2020-03-18 10:41 - 2017-06-15 21:40 - 000000000 ____D C:\Program Files\AMD
        2020-03-18 10:41 - 2017-03-13 21:54 - 000000000 ____D C:\AMD
        2020-03-18 10:39 - 2018-07-03 13:12 - 000000000 ____D C:\ProgramData\Packages
        2020-03-18 10:39 - 2017-12-09 14:52 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\Packages
        2020-03-18 09:30 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\appcompat
        2020-03-18 09:30 - 2018-03-31 19:51 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\PlaceholderTileLogoFolder
        2020-03-18 09:29 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
        2020-03-18 09:28 - 2017-03-15 21:02 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
        2020-03-18 09:28 - 2017-03-15 21:02 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
        2020-03-17 20:18 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\USOPrivate
        2020-03-17 20:17 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows NT
        2020-03-17 20:17 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
        2020-03-17 20:17 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
        2020-03-17 20:17 - 2017-12-09 23:58 - 000000000 ___RD C:\Users\Bolita de pelo\3D Objects
        2020-03-17 20:17 - 2017-03-13 21:22 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Local\ConnectedDevicesPlatform
        2020-03-17 20:17 - 2016-11-21 09:07 - 000000000 __RHD C:\Users\Public\AccountPictures
        2020-03-17 20:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
        2020-03-17 20:13 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
        2020-03-17 20:12 - 2017-06-15 21:47 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat
        2020-03-17 20:10 - 2017-04-23 19:58 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
        2020-03-17 20:09 - 2017-12-09 14:53 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
        2020-03-17 20:09 - 2017-04-23 19:58 - 000000000 ____D C:\Users\Bolita de pelo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
        2020-03-17 20:05 - 2019-03-19 05:56 - 000000000 ____D C:\WINDOWS\Setup
        2020-03-17 20:05 - 2019-03-19 05:52 - 000000000 __RHD C:\Users\Public\Libraries
        2020-03-17 20:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
        2020-03-17 20:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\spool
        2020-03-17 20:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
        2020-03-17 20:05 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
        2020-03-17 20:05 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
        2020-03-17 20:05 - 2019-03-19 05:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
        2020-03-17 20:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
        2020-03-17 20:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
        2020-03-17 20:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
        2020-03-17 20:05 - 2018-02-01 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
        2020-03-17 20:05 - 2017-10-15 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
        2020-03-17 20:05 - 2017-06-15 07:34 - 000000000 ____D C:\Program Files\UNP
        2020-03-17 20:05 - 2017-05-20 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
        2020-03-17 20:05 - 2017-05-20 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
        2020-03-17 20:05 - 2017-05-20 20:10 - 000000000 ____D C:\WINDOWS\SHELLNEW
        2020-03-17 20:05 - 2017-04-23 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
        2020-03-17 20:05 - 2017-04-23 16:16 - 000000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿq
        2020-03-17 20:05 - 2017-03-19 16:22 - 000000000 ____D 
C:\WINDOWS\system32\9077124fd4a471f3b1ad96..bin
    2020-03-17 20:05 - 2017-03-18 23:24 - 000000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
    2020-03-17 20:05 - 2017-03-18 23:24 - 000000000 ____D C:\WINDOWS\system32\ec2eb61dc56946cef57273..bin
    2020-03-17 20:05 - 2017-03-15 22:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
    2020-03-17 20:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2020-03-17 20:02 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Resources
    2020-03-17 20:02 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help
    2020-03-17 20:02 - 2017-06-15 21:40 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
    2020-03-17 20:00 - 2019-03-19 13:01 - 000000000 ___SD C:\WINDOWS\system32\AppV
    2020-03-17 20:00 - 2019-03-19 13:01 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\DiagTrack
    2020-03-17 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
    2020-03-17 20:00 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
    2020-03-17 19:58 - 2019-03-19 13:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
    2020-03-17 19:58 - 2019-03-19 13:01 - 000018903 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MUI
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
    2020-03-17 19:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
    2020-03-17 10:35 - 2017-03-15 22:34 - 000000000 ____D C:\WINDOWS\system32\MRT
    2020-03-17 10:33 - 2017-03-15 22:34 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2020-03-12 14:23 - 2019-10-20 23:48 - 000000036 _____ C:\WINDOWS\progress.ini
    2020-03-12 14:20 - 2019-10-20 23:43 - 000000000 ____D C:\Windows10Upgrade

    ==================== Archivos en la raíz de algunos directorios ========

    2017-11-25 21:37 - 2017-11-25 21:37 - 000000046 _____ () C:\Users\Bolita de pelo\AppData\Roaming\WB.CFG
    2019-03-01 10:53 - 2019-03-01 10:53 - 000300544 _____ () C:\Users\Bolita de pelo\AppData\Local\GtmfY2.tmp
    2018-01-01 21:54 - 2018-01-31 21:53 - 000000052 _____ () C:\Users\Bolita de pelo\AppData\Local\GtmfYLyrkd
    2018-02-26 22:57 - 2018-02-26 22:57 - 000007597 _____ () C:\Users\Bolita de pelo\AppData\Local\Resmon.ResmonCfg

    ==================== SigCheck ============================

    (No existe una corrección automática para los archivos que no pasan la verificación.)

    ==================== Final de FRST.txt ========================

Demian_Orue · 25 Marzo, 2020 11:13

Resultado Addition

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 22-03-2020
Ejecutado por Bolita de pelo (22-03-2020 19:41:30)
Ejecutado desde C:\Users\Bolita de pelo\Downloads
Windows 10 Pro Versión 1903 18362.720 (X64) (2020-03-17 19:17:28)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1038944701-3973403851-1073104603-500 - Administrator - Disabled)
Bolita de pelo (S-1-5-21-1038944701-3973403851-1073104603-1001 - Administrator - Enabled) => C:\Users\Bolita de pelo
DefaultAccount (S-1-5-21-1038944701-3973403851-1073104603-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1038944701-3973403851-1073104603-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-1038944701-3973403851-1073104603-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1038944701-3973403851-1073104603-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

AMD Settings (HKLM\...\WUCCCApp) (Version: 2019.0816.1152.21357 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.120.5.1101 - BlueStack Systems, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.64 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Kodi (HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\...\Kodi) (Version:  - XBMC-Foundation)
League of Legends (HKLM-x32\...\{62292933-30AF-4962-B6BB-59191D386D94}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
qBittorrent 3.3.16 (HKLM-x32\...\qBittorrent) (Version: 3.3.16 - The qBittorrent project)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
Transmission 2.94 (d8e60ee44f) (x64) (HKLM\...\{F822870C-AD55-47D1-A705-21661A02386B}) (Version: 2.94.0 - Transmission Project)
Unity Web Player (HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\...\UnityWebPlayer) (Version: 5.3.8f2 - Unity Technologies ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-03-18] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.5.9.0_x86__kgqvnymyfvs32 [2020-03-18] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.164.200.0_x86__kgqvnymyfvs32 [2020-03-19] (king.com)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-13] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20583.0_x64__8wekyb3d8bbwe [2020-03-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-02-08] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.3002.0_x64__8wekyb3d8bbwe [2020-03-17] (Microsoft Studios)
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-13] (Microsoft Corporation) [MS Ad]
Paradise Bay -> C:\Program Files\WindowsApps\king.com.ParadiseBay_3.9.0.0_x86__kgqvnymyfvs32 [2018-12-14] (king.com)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1038944701-3973403851-1073104603-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Bolita de pelo\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\amd64\FileCoAuthLib64.dll => Ningún archivo
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2019-06-28 17:32 - 2019-06-28 17:32 - 000017920 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-06-28 17:32 - 2019-06-28 17:32 - 003598336 _____ () [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-08-16 11:37 - 2019-08-16 11:37 - 000158208 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\WINDOWS\SYSTEM32\amdihk64.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000031744 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000040960 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000031744 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000414208 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000025088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000025088 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000023552 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000516608 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 001441280 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-16 11:49 - 2019-08-16 11:49 - 005999104 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 006413824 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 001141760 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000339968 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 004143104 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 003840000 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000332800 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000113152 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000349184 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 080959488 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 005622272 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000463360 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 000190464 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-06-28 17:32 - 2019-06-28 17:32 - 002825216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000053760 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000059392 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000017408 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000330752 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000137216 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000090112 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000017920 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-06-28 17:33 - 2019-06-28 17:33 - 000136192 _____ (The Qt Company Ltd.) [Archivo no firmado] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2016-07-16 12:47 - 2017-11-25 22:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{2FF39AE5-22E2-4097-AD8E-0F17F7477F37}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [UDP Query User{9AE71325-ABA6-4A82-8068-F2FB7022BDA2}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Mike Gelfand -> Transmission Project)
FirewallRules: [TCP Query User{9A0F7385-6C82-4CAB-A560-EB9AF36015A7}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (Mike Gelfand -> Transmission Project)
FirewallRules: [{54F8819A-F41F-4455-96DD-44FE9E5799A5}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{6AA1C773-D983-44B1-AC94-0379FFAD4C6F}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [TCP Query User{7B55B620-63A7-4234-840A-778914497865}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [Archivo no firmado]
FirewallRules: [UDP Query User{F103994C-F7AE-4C13-A714-1E75FB435521}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [Archivo no firmado]
FirewallRules: [TCP Query User{4744F506-5DA5-46FC-83EE-B018007574C4}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [Archivo no firmado]
FirewallRules: [UDP Query User{BAB18F75-0CB6-4490-8991-9CA68D728FAA}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [Archivo no firmado]
FirewallRules: [{738A5758-72BA-42A2-9B22-2E94A0CD8BB0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

18-03-2020 10:39:46 Windows Update

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (03/22/2020 07:20:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Bolita de pelo\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/22/2020 12:39:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Bolita de pelo\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/22/2020 09:15:03 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: El tamaño del búfer necesario es mayor que el tamaño del búfer que se llevó a la función Collect del archivo DLL del contador extensible "C:\Windows\System32\perfts.dll" del servicio "LSM". El tamaño del búfer indicado era 29256 y el tamaño necesario es 30464.

Error: (03/22/2020 09:10:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: notepad.exe, versión: 10.0.18362.693, marca de tiempo: 0x2a425e19
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0x00000000
Desplazamiento de errores: 0x00000000
Identificador del proceso con errores: 0x1328
Hora de inicio de la aplicación con errores: 0x01d60021683b1107
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SysWOW64\notepad.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: b5b0d29e-d56a-4804-aab7-d0d4acee20c6
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/22/2020 09:10:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Bolita de pelo\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/21/2020 08:52:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: notepad.exe, versión: 10.0.18362.693, marca de tiempo: 0x2a425e19
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0x00000000
Desplazamiento de errores: 0x00000000
Identificador del proceso con errores: 0x8d4
Hora de inicio de la aplicación con errores: 0x01d5ff55b5aaaeb7
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SysWOW64\notepad.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: e7e318f0-2ed4-4158-9683-c4b46c918322
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (03/21/2020 08:52:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Users\Bolita de pelo\AppData\Local\chromium\Application\chrome.exe".
No se encontró el ensamblado dependiente 58.0.2988.0,language="&#x2a;",type="win32",version="58.0.2988.0".
Use sxstrace.exe para obtener un diagnóstico detallado.

Error: (03/20/2020 09:09:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: notepad.exe, versión: 10.0.18362.693, marca de tiempo: 0x2a425e19
Nombre del módulo con errores: notepad.exe, versión: 10.0.18362.693, marca de tiempo: 0x2a425e19
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000046f8
Identificador del proceso con errores: 0x534
Hora de inicio de la aplicación con errores: 0x01d5fef386bab439
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SysWOW64\notepad.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SysWOW64\notepad.exe
Identificador del informe: fc9aa0a3-0b43-402f-a7e2-a7ba0df36bc6
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


Errores del sistema:
=============
Error: (03/22/2020 12:44:28 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-UI0O3VK)
Description: No se puede iniciar un servidor DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Error 
"2147942767"
al iniciar este comando:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/22/2020 12:36:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Office Software Protection Platform se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (03/22/2020 12:36:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (03/21/2020 02:05:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/17/2020 08:10:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de lista de redes se cerró con el siguiente error: 
El dispositivo no está listo.

Error: (03/17/2020 08:10:00 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {A47979D2-C419-11D9-A5B4-001185AD2B89} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (03/17/2020 08:09:09 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: El servicio Extensiones y notificaciones de impresora ha sido marcado como servicio interactivo. Sin embargo, el sistema está configurado para no permitir servicios interactivos. Este servicio puede tener un funcionamiento incorrecto.

Error: (03/17/2020 08:08:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Servicio de lista de redes se cerró con el siguiente error: 
El dispositivo no está listo.


Windows Defender:
===================================
Date: 2020-03-22 12:44:11.973
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Users\Bolita de pelo\AppData\Local\Temp\Rar$EXa0.965\ACTIVADOR\KMSAuto Net.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-UI0O3VK\Bolita de pelo
Nombre de proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de inteligencia de seguridad: AV: 1.311.1722.0, AS: 1.311.1722.0, NIS: 1.311.1722.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-21 10:00:12.010
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\ProgramData\KMSAutoS\KMSAuto Net.exe; file:_C:\WINDOWS\System32\Tasks\KMSAutoNet->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{924E9481-783F-4F5E-88ED-706F66B7EC3D}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet; rootcert:_648384A4DEE53D4C1C87E10D67CC99307CCC9C98; taskscheduler:_C:\WINDOWS\System32\Tasks\KMSAutoNet
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.311.1660.0, AS: 1.311.1660.0, NIS: 1.311.1660.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-20 11:43:58.318
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Users\Bolita de pelo\Downloads\ACTIVADOR.rar; webfile:_C:\Users\Bolita de pelo\Downloads\ACTIVADOR.rar|about:internet|pid:1764,ProcessStart:132291719925387178
Origen de detección: Internet
Tipo de detección: FastPath
Origen de detección: Descargas y datos adjuntos
Usuario: DESKTOP-UI0O3VK\Bolita de pelo
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.311.1596.0, AS: 1.311.1596.0, NIS: 1.311.1596.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-20 10:00:56.114
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\pelis\Office Professional Plus 2016 Espaniol\Activadores\KMSAuto Lite Portable v1.2.1\KMSAuto.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-UI0O3VK\Bolita de pelo
Nombre de proceso: C:\Program Files (x86)\qBittorrent\qbittorrent.exe
Versión de inteligencia de seguridad: AV: 1.311.1596.0, AS: 1.311.1596.0, NIS: 1.311.1596.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-20 10:00:55.462
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\pelis\Office Professional Plus 2016 Espaniol\Activadores\KMSAuto Lite Portable v1.2.1\KMSAuto.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-UI0O3VK\Bolita de pelo
Nombre de proceso: C:\Program Files (x86)\qBittorrent\qbittorrent.exe
Versión de inteligencia de seguridad: AV: 1.311.1596.0, AS: 1.311.1596.0, NIS: 1.311.1596.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

CodeIntegrity:
===================================

Date: 2020-03-22 19:20:26.885
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-03-22 13:32:43.377
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-03-22 13:32:41.230
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-03-22 12:39:27.915
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-03-22 09:10:40.085
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-03-21 08:52:32.222
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-03-20 21:09:43.309
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2020-03-20 19:19:57.844
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. 0505 11/06/2009
Placa base: ASUSTeK Computer INC. P5E3 PRO
Procesador: Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz
Porcentaje de memoria en uso: 37%
RAM física total: 8191.05 MB
RAM física disponible: 5141.37 MB
Virtual total: 10111.05 MB
Virtual disponible: 6047.54 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:222.56 GB) (Free:125.14 GB) NTFS

\\?\Volume{2924fcf7-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.16 GB) NTFS
\\?\Volume{2924fcf7-0000-0000-0000-60c337000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 2924FCF7)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=528 MB) - (Type=27)

==================== Final de Addition.txt =======================

Miguelgrado · 25 Marzo, 2020 14:22

Lo primero, corta y pega Frst.exe en el Escritorio, pues indicaba muy remarcado que se debia ejecutar desde esa ubicacion.

Por otra, el uso de activadores ilegales, como ves, trae consecuencias

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

Para hacerlo descarga Delfix en tu escritorio.
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-1038944701-3973403851-1073104603-1001\...\Run: [] =>  [X]
Task: {27052866-F0FF-47A2-8BC1-53C3760635C2} - System32\Tasks\Yahoo! Powered necid => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}\tesa.txt" "68747470733a2f2f7275647564756c752e636f6d" "//B" "//E:jscript" "--IsErIk" <==== ATENCIÓN
C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}
Task: {C5334FF9-EDF8-440C-BEA9-D844E3E16A94} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: C:\WINDOWS\Tasks\Yahoo! Powered necid.job => C:\WINDOWS\system32\wscript.ex C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}\tesa.txt <==== ATENCIÓN
C:\ProgramData\{01D2C4B1-8B90-4E77-0D56-D03597145BFB}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM\...\Chrome\Extension: [ocilpnnapnkmcdabaeoobbamlniheaep]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
2019-03-01 10:53 - 2019-03-01 10:53 - 000300544 _____ () C:\Users\Bolita de pelo\AppData\Local\GtmfY2.tmp
2018-01-01 21:54 - 2018-01-31 21:53 - 000000052 _____ () C:\Users\Bolita de pelo\AppData\Local\GtmfYLyrkd


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

Ejecutas Frst.exe.
Presionas el botón Corregir y aguardas a que termine.
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema