Cpu al 100%

Muy buenas, tengo un sistema win 7 sp1 de 64 bits con consumo de cpu al 100% aun sin hacer nada, adjunto los analisis del farbar.Addition.txt (32,3 KB) FRST.txt (119,1 KB)

Buenas @lapcsos.

Para revisar tu máquina correctamente, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Personalizado. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del programa :arrow_forward: Historial de detecciones :arrow_backward: encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes

  • En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 30/4/20
Hora del análisis: 11:14
Archivo de registro: f9ced5bc-8aec-11ea-89bc-0090f5a1fde5.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.889
Versión del paquete de actualización: 1.0.23208
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: BANGHO-PC\BANGHO

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 254177
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 23 min, 49 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-30-2020
# Duration: 00:01:10
# OS:       Windows 7 Ultimate
# Scanned:  31802
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [7366 octets] - [21/04/2020 14:37:34]
AdwCleaner[S01].txt - [7427 octets] - [21/04/2020 22:38:59]
AdwCleaner[C01].txt - [6543 octets] - [21/04/2020 22:55:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64 
Ran by BANGHO (Administrator) on 30/04/2020 at 10:20:43,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 18 

Failed to delete: C:\Users\BANGHO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8R713KON (Temporary Internet Files Folder) 
Failed to delete: C:\Users\BANGHO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P69E185F (Temporary Internet Files Folder) 
Failed to delete: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Program Files (x86)\Mozilla Firefox\searchplugins\safeguard-secure-search.xml (File) 
Successfully deleted: C:\Program Files (x86)\GUTB0C0.tmp (File) 
Successfully deleted: C:\Users\BANGHO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\BANGHO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\BANGHO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6995A7RI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\BANGHO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\BANGHO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\BANGHO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X05UZSJA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6995A7RI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8R713KON (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P69E185F (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X05UZSJA (Temporary Internet Files Folder) 



Registry: 4 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/04/2020 at 10:43:29,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-04-2020
Ejecutado por BANGHO (administrador) sobre BANGHO-PC (Bangho M7x0K) (30-04-2020 11:56:05)
Ejecutado desde C:\Users\BANGHO\Desktop
Perfiles cargados: BANGHO (Perfiles disponibles: BANGHO)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Idioma: Español (España, internacional)
Internet Explorer Versión 11 (Navegador predeterminado: Chrome)
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Windows\SysWOW64\Rezip.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Firebird Project) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe
(Firebird Project) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <7>
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-446854848-2789266872-518623571-1000\...\MountPoints2: G - G:\iLinker.exe
HKU\S-1-5-21-446854848-2789266872-518623571-1000\...\MountPoints2: {86934cef-abe0-11e2-8eb0-0090f5a1fde5} - F:\iLinker.exe
HKU\S-1-5-21-446854848-2789266872-518623571-1000\...\MountPoints2: {e08acbdb-beba-11e2-b568-0090f5a1fde5} - F:\Setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-30] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {02A12A87-8668-4E8F-811A-6FEEA78560CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {360C7F7A-5CA1-410D-9F7B-6D5FE2DFC066} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {3997CD36-01C5-4D32-B530-91E9E77362AA} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> Ningún archivo <==== ATENCIÓN
Task: {54C50B30-2D9E-45ED-A1BA-140CFBF162C9} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate
Task: {54C50B30-2D9E-45ED-A1BA-140CFBF162C9} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate -noappraiser
Task: {7E034E8E-592D-4146-8E35-2732EBF6A922} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EFFC46F-AC8F-4835-A205-69F221018F69} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(3): %windir%\system32\rundll32.exe -> appraiser.dll,DailyGatedCheck
Task: {7EFFC46F-AC8F-4835-A205-69F221018F69} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(4): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy
Task: {8A80E689-3547-4F3E-93FB-4EE529C80809} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A3808BC0-4C2A-405E-B8C6-AC8E23ECC7EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc -> Google Inc.)
Task: {A8C9E554-3836-4D14-B93B-42793F1F2A11} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> Ningún archivo <==== ATENCIÓN
Task: {B0DFD57A-5098-4F87-8D75-7C96F07F8841} - System32\Tasks\{8F9AB1F4-0634-40A3-A81A-D8D0EAB794B2} => C:\Windows\system32\pcalua.exe -a C:\Users\BANGHO\Downloads\01_WLAN\8191SE\Setup.exe -d C:\Users\BANGHO\Downloads\01_WLAN\8191SE
Task: {C3A1ABD1-B2BC-492A-ABAB-E5794E9C5FF5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-21] (Adobe Inc. -> Adobe)
Task: {C971F6A2-7F32-4DA3-A157-8F882750872C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 190.211.167.34 190.211.167.35 8.8.8.8
Tcpip\..\Interfaces\{24A85088-0C90-4C7E-ADCA-6AD72F4427EA}: [DhcpNameServer] 10.0.0.2
Tcpip\..\Interfaces\{3B826952-9D7C-4CEA-8271-A1789319044F}: [DhcpNameServer] 190.211.167.34 190.211.167.35 8.8.8.8
Tcpip\..\Interfaces\{4D8936B7-C227-4906-9F9E-4D3AE6C95741}: [DhcpNameServer] 190.211.167.34 190.211.167.35 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-446854848-2789266872-518623571-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com.ar/
HKU\S-1-5-21-446854848-2789266872-518623571-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-446854848-2789266872-518623571-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-446854848-2789266872-518623571-1000 -> {B5D23074-DD28-425F-BE46-351465B6D9C9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-04-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-04-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
DPF: HKLM-x32 {83202D14-0AF7-493D-BBD8-53194FE0BFDB} hxxps://wsec06.bancogalicia.com.ar/Content/Components/GaliciaEnroll/GalCryptoComponents1020.cab
DPF: HKLM-x32 {D37BB1D6-A878-4721-9A64-77E6C9D44865} hxxps://wsec06.bancogalicia.com.ar/Content/Components/GaliciaCryptoClient/GalCryptoComponents1020.cab
DPF: HKLM-x32 {EA2267D1-FC6B-4268-A2B7-0B556F9BA2A7} hxxps://wsec06.bancogalicia.com.ar/scripts/components/GalVerifReq/GalVerifReq.CAB

FireFox:
========
FF DefaultProfile: 3eesvpio.default
FF ProfilePath: C:\Users\BANGHO\AppData\Roaming\Mozilla\Firefox\Profiles\3eesvpio.default [2020-04-28]
FF ProfilePath: C:\Users\BANGHO\AppData\Roaming\Mozilla\Firefox\Profiles\2qfw1o0i.default-release [2020-04-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-05-02] [Heredado] [no firmado]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => no encontrado
FF HKU\S-1-5-21-446854848-2789266872-518623571-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2020-04-28] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-04-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-04-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2020-04-28] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1232202.dll [2018-03-09] (Adobe Systems, Inc.) [Archivo no firmado]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.4.0\\npsitesafety.dll [Ningún archivo]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-06-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Ningún archivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2006-10-07] (RealNetworks, Inc. -> RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2006-10-07] (RealNetworks, Inc.) [Archivo no firmado]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-446854848-2789266872-518623571-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\BANGHO\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-28] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\BANGHO\AppData\Local\Google\Chrome\User Data\Default [2020-04-30]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Documentos) - C:\Users\BANGHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-21]
CHR Extension: (IBM Security Rapport) - C:\Users\BANGHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2020-04-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\BANGHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\BANGHO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-28]
CHR HKU\S-1-5-21-446854848-2789266872-518623571-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S2 Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [949760 2009-08-07] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [81920 2012-05-18] (Firebird Project) [Archivo no firmado]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [2785280 2012-05-18] (Firebird Project) [Archivo no firmado]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Archivo no firmado]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Archivo no firmado]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Archivo no firmado]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-30] (Malwarebytes Inc -> Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Archivo no firmado]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3001632 2019-10-06] (IBM -> IBM Corp.)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [Archivo no firmado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [5352960 2009-08-07] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
S3 massfilter; C:\Windows\System32\DRIVERS\massfilter.sys [11776 2010-10-01] (MBB Incorporated) [Archivo no firmado]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [429112 2019-10-06] (IBM -> IBM Corp.)
R1 RapportCerberus_1950099; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1950099.sys [1466824 2020-04-25] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [542112 2019-10-06] (IBM -> IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [395384 2019-10-06] (IBM -> IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [445240 2019-10-06] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [560568 2019-10-06] (IBM -> IBM Corp.)
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [123520 2010-10-01] (ZTE Incorporated) [Archivo no firmado]
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [123520 2010-10-01] (ZTE Incorporated) [Archivo no firmado]
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [123520 2010-10-01] (ZTE Incorporated) [Archivo no firmado]
S2 eamonm; system32\DRIVERS\eamonm.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-30 11:56 - 2020-04-30 11:59 - 000019910 _____ C:\Users\BANGHO\Desktop\FRST.txt
2020-04-30 11:42 - 2020-04-30 11:42 - 000001539 _____ C:\Users\BANGHO\Desktop\mbam.txt
2020-04-30 11:12 - 2020-04-30 11:12 - 000000000 ____D C:\Users\BANGHO\AppData\Local\mbam
2020-04-30 11:11 - 2020-04-30 11:11 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-04-30 11:11 - 2020-04-30 11:11 - 000001948 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-30 11:11 - 2020-04-30 11:11 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-04-30 11:11 - 2020-04-30 11:11 - 000000000 ____D C:\Users\BANGHO\AppData\Local\mbamtray
2020-04-30 11:10 - 2020-04-30 11:09 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-04-30 11:09 - 2020-04-30 11:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-30 11:06 - 2020-04-30 11:06 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-30 11:04 - 2020-04-30 11:04 - 001928352 _____ (Malwarebytes) C:\Users\BANGHO\Downloads\MBSetup-0009996.0009996-consumer.exe
2020-04-30 10:43 - 2020-04-30 10:43 - 000003924 _____ C:\Users\BANGHO\Desktop\JRT.txt
2020-04-30 10:05 - 2020-04-30 10:06 - 001790024 _____ (Malwarebytes) C:\Users\BANGHO\Downloads\JRT.exe
2020-04-29 09:52 - 2020-04-29 09:57 - 000033117 _____ C:\Users\BANGHO\Downloads\Addition.txt
2020-04-29 09:43 - 2020-04-30 11:57 - 000000000 ____D C:\FRST
2020-04-29 09:43 - 2020-04-29 09:57 - 000121996 _____ C:\Users\BANGHO\Downloads\FRST.txt
2020-04-29 09:39 - 2020-04-29 09:39 - 002283008 _____ (Farbar) C:\Users\BANGHO\Desktop\FRST64.exe
2020-04-28 13:25 - 2020-04-28 13:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-28 13:23 - 2020-04-28 13:30 - 000000000 ____D C:\Users\BANGHO\AppData\LocalLow\Mozilla
2020-04-28 13:21 - 2020-04-28 13:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-28 13:21 - 2020-04-28 13:21 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-28 13:21 - 2020-04-28 13:21 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-04-28 13:21 - 2020-04-28 13:21 - 000000924 _____ C:\ProgramData\Desktop\Firefox.lnk
2020-04-28 13:05 - 2020-04-28 13:05 - 000001031 _____ C:\Users\BANGHO\Desktop\PhotoScape.lnk
2020-04-28 13:05 - 2020-04-28 13:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2020-04-28 13:04 - 2020-04-28 13:05 - 000000000 ____D C:\Program Files (x86)\PhotoScape
2020-04-28 12:58 - 2020-04-28 12:58 - 000000000 ____D C:\Windows\SysWOW64\Adobe
2020-04-28 12:53 - 2020-04-28 12:53 - 000000000 ____D C:\Users\BANGHO\AppData\Roaming\Sun
2020-04-28 12:46 - 2020-04-28 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-04-28 12:46 - 2020-04-28 12:45 - 000129088 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2020-04-28 12:45 - 2020-04-28 12:45 - 000000000 ____D C:\ProgramData\Oracle
2020-04-28 12:44 - 2020-04-28 12:44 - 000000000 ____D C:\Users\BANGHO\AppData\LocalLow\Sun
2020-04-28 12:44 - 2020-04-28 12:44 - 000000000 ____D C:\Program Files\Java
2020-04-28 12:43 - 2020-04-28 12:43 - 000000000 ____D C:\Users\BANGHO\AppData\Local\ElevatedDiagnostics
2020-04-28 12:41 - 2019-12-30 23:40 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-04-28 12:41 - 2019-12-30 23:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-04-28 12:34 - 2020-04-28 12:34 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-28 12:34 - 2020-04-28 12:34 - 000002812 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-28 11:35 - 2020-04-28 11:35 - 000001847 _____ C:\Users\BANGHO\Desktop\Start Zoom.lnk
2020-04-28 11:31 - 2020-04-28 11:31 - 000000000 ____D C:\Users\BANGHO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2020-04-28 11:30 - 2020-04-28 11:32 - 000000000 ____D C:\Users\BANGHO\AppData\Roaming\Zoom
2020-04-28 11:13 - 2019-07-13 05:14 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2020-04-28 10:55 - 2020-04-28 10:56 - 011908008 _____ (Zoom Video Communications, Inc.) C:\Users\BANGHO\Downloads\ZoomInstaller.exe
2020-04-25 17:38 - 2020-04-25 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2020-04-25 17:35 - 2020-04-25 17:35 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2020-04-25 17:35 - 2020-04-25 17:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2020-04-25 17:34 - 2017-04-27 19:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2020-04-25 17:34 - 2017-04-12 10:05 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2020-04-25 17:10 - 2015-12-16 15:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2020-04-25 17:10 - 2015-12-16 15:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2020-04-25 17:10 - 2015-12-16 15:53 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2020-04-25 17:10 - 2015-12-16 15:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2020-04-25 17:10 - 2015-12-16 15:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2020-04-25 17:10 - 2015-12-16 15:48 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2020-04-25 11:29 - 2017-11-17 01:23 - 003222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-04-25 11:29 - 2017-11-14 22:27 - 000395968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-04-25 11:29 - 2017-11-14 21:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-04-25 11:29 - 2017-11-14 00:57 - 025731072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-04-25 11:29 - 2017-11-14 00:43 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-04-25 11:29 - 2017-11-14 00:43 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2020-04-25 11:29 - 2017-11-14 00:32 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-04-25 11:29 - 2017-11-14 00:31 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2020-04-25 11:29 - 2017-11-14 00:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2020-04-25 11:29 - 2017-11-14 00:30 - 000577024 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-04-25 11:29 - 2017-11-14 00:30 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2020-04-25 11:29 - 2017-11-14 00:30 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-04-25 11:29 - 2017-11-14 00:25 - 005925888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-04-25 11:29 - 2017-11-14 00:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-04-25 11:29 - 2017-11-14 00:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2020-04-25 11:29 - 2017-11-14 00:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2020-04-25 11:29 - 2017-11-14 00:20 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-04-25 11:29 - 2017-11-14 00:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-04-25 11:29 - 2017-11-14 00:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2020-04-25 11:29 - 2017-11-14 00:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2020-04-25 11:29 - 2017-11-14 00:15 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2020-04-25 11:29 - 2017-11-14 00:12 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2020-04-25 11:29 - 2017-11-14 00:06 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2020-04-25 11:29 - 2017-11-14 00:06 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2020-04-25 11:29 - 2017-11-14 00:05 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2020-04-25 11:29 - 2017-11-14 00:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2020-04-25 11:29 - 2017-11-14 00:02 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-04-25 11:29 - 2017-11-14 00:00 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-04-25 11:29 - 2017-11-13 23:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2020-04-25 11:29 - 2017-11-13 23:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-04-25 11:29 - 2017-11-13 23:48 - 015267328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-04-25 11:29 - 2017-11-13 23:48 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-04-25 11:29 - 2017-11-13 23:48 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-04-25 11:29 - 2017-11-13 23:47 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2020-04-25 11:29 - 2017-11-13 23:46 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-04-25 11:29 - 2017-11-13 23:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-04-25 11:29 - 2017-11-13 23:27 - 001544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-04-25 11:29 - 2017-11-13 23:16 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-04-25 11:29 - 2017-11-13 22:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-04-25 11:29 - 2017-11-13 22:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2020-04-25 11:29 - 2017-11-13 22:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-04-25 11:29 - 2017-11-13 22:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-04-25 11:29 - 2017-11-13 22:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-04-25 11:29 - 2017-11-13 21:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-04-25 11:29 - 2017-11-13 21:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-04-25 11:29 - 2017-11-07 17:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-04-25 11:29 - 2017-11-07 17:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2020-04-25 11:29 - 2017-11-07 17:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2020-04-25 11:29 - 2017-11-07 17:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2020-04-25 11:29 - 2017-11-07 17:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-04-25 11:29 - 2017-11-07 17:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-04-25 11:29 - 2017-11-07 17:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2020-04-25 11:29 - 2017-11-07 17:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2020-04-25 11:29 - 2017-11-07 17:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-04-25 11:29 - 2017-11-07 17:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-04-25 11:29 - 2017-11-07 17:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2020-04-25 11:29 - 2017-11-07 17:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2020-04-25 11:29 - 2017-11-07 17:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2020-04-25 11:29 - 2017-11-07 17:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2020-04-25 11:29 - 2017-11-07 17:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-04-25 11:29 - 2017-11-07 17:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2020-04-25 11:29 - 2017-11-07 17:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2020-04-25 11:29 - 2017-11-07 17:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-04-25 11:29 - 2017-11-07 17:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-04-25 11:29 - 2017-11-07 17:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-04-25 11:29 - 2017-11-07 17:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2020-04-25 11:29 - 2017-11-07 17:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-04-25 11:29 - 2017-11-07 17:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-04-25 11:29 - 2017-11-07 16:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-04-25 11:29 - 2017-10-16 20:07 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-04-25 11:29 - 2017-10-16 18:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2020-04-25 11:29 - 2017-10-11 21:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-04-25 11:29 - 2017-10-11 21:55 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-04-25 11:29 - 2017-10-11 21:55 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2020-04-25 11:29 - 2017-10-11 21:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-04-25 11:29 - 2017-10-11 21:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-04-25 11:29 - 2017-10-11 21:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2020-04-25 11:29 - 2017-09-07 10:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2020-04-25 11:29 - 2017-08-15 12:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-04-25 11:29 - 2017-08-15 12:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2020-04-25 11:29 - 2017-08-15 12:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-04-25 11:29 - 2017-08-14 14:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2020-04-25 11:29 - 2017-08-14 14:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2020-04-25 11:29 - 2017-08-13 18:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2020-04-25 11:29 - 2017-08-11 03:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-04-25 11:29 - 2017-07-21 11:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2020-04-25 11:29 - 2017-07-21 11:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2020-04-25 11:29 - 2017-07-07 12:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2020-04-25 11:29 - 2017-07-07 12:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2020-04-25 11:29 - 2017-07-01 10:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-04-25 11:29 - 2017-07-01 10:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2020-04-25 11:29 - 2017-07-01 10:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2020-04-25 11:29 - 2017-07-01 10:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2020-04-25 11:29 - 2017-07-01 10:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-04-25 11:29 - 2017-07-01 10:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2020-04-25 11:29 - 2017-07-01 10:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2020-04-25 11:29 - 2017-05-30 01:56 - 001895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-04-25 11:29 - 2017-05-12 13:25 - 001251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-04-25 11:29 - 2017-05-12 12:58 - 001648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-04-25 11:29 - 2017-05-12 12:58 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-04-25 11:29 - 2017-05-10 12:29 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2020-04-25 11:29 - 2017-05-10 12:29 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2020-04-25 11:29 - 2017-05-10 12:29 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2020-04-25 11:29 - 2017-05-10 12:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2020-04-25 11:29 - 2017-05-10 12:14 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-04-25 11:29 - 2017-05-10 12:13 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2020-04-25 11:29 - 2017-05-10 12:13 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-04-25 11:29 - 2017-05-10 12:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-04-25 11:29 - 2017-05-10 12:13 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2020-04-25 11:29 - 2017-05-10 12:13 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2020-04-25 11:29 - 2017-05-10 12:13 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2020-04-25 11:29 - 2017-05-10 12:12 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2020-04-25 11:29 - 2017-05-10 12:00 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2020-04-25 11:29 - 2017-05-10 12:00 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2020-04-25 11:29 - 2017-05-10 12:00 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2020-04-25 11:29 - 2017-01-11 15:01 - 001887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2020-04-25 11:29 - 2016-11-09 13:33 - 003244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-04-25 11:29 - 2016-11-09 13:17 - 002365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-04-25 11:29 - 2016-10-07 12:32 - 003649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2020-04-25 11:29 - 2016-10-07 12:12 - 002291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2020-04-25 11:29 - 2016-09-15 11:56 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2020-04-25 11:29 - 2016-08-22 13:19 - 001386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-04-25 11:29 - 2016-08-06 12:31 - 002023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2020-04-25 11:29 - 2016-08-06 12:15 - 001178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2020-04-25 11:29 - 2016-03-23 19:40 - 003181568 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-04-25 11:29 - 2016-03-23 19:40 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2020-04-25 11:28 - 2017-11-07 13:31 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2020-04-25 11:28 - 2017-11-04 12:31 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2020-04-25 11:28 - 2017-11-04 12:31 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2020-04-25 11:28 - 2017-11-04 12:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2020-04-25 11:28 - 2017-11-04 12:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2020-04-25 11:28 - 2017-11-02 13:55 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2020-04-25 11:28 - 2017-11-02 13:55 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2020-04-25 11:28 - 2017-11-02 13:55 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2020-04-25 11:28 - 2017-11-02 13:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2020-04-25 11:28 - 2017-11-02 12:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2020-04-25 11:28 - 2017-11-02 12:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2020-04-25 11:28 - 2017-11-02 12:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2020-04-25 11:28 - 2017-11-02 11:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2020-04-25 11:28 - 2017-10-17 23:06 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2020-04-25 11:28 - 2017-10-17 23:06 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2020-04-25 11:28 - 2017-10-17 23:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2020-04-25 11:28 - 2017-10-17 23:06 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2020-04-25 11:28 - 2017-10-17 23:06 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2020-04-25 11:28 - 2017-10-17 23:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2020-04-25 11:28 - 2017-10-17 23:06 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2020-04-25 11:28 - 2017-10-16 20:04 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2020-04-25 11:28 - 2017-10-16 19:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2020-04-25 11:28 - 2017-10-11 21:58 - 000382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2020-04-25 11:28 - 2017-10-11 21:55 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-04-25 11:28 - 2017-10-11 21:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2020-04-25 11:28 - 2017-10-11 21:39 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-04-25 11:28 - 2017-10-11 21:38 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-04-25 11:28 - 2017-10-11 21:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-04-25 11:28 - 2017-10-11 21:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-04-25 11:28 - 2017-10-11 21:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-04-25 11:28 - 2017-10-11 21:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2020-04-25 11:28 - 2017-10-11 21:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-04-25 11:28 - 2017-10-11 21:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-04-25 11:28 - 2017-10-11 21:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-04-25 11:28 - 2017-10-11 21:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-04-25 11:28 - 2017-10-11 21:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-04-25 11:28 - 2017-10-11 21:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-04-25 11:28 - 2017-10-11 21:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-04-25 11:28 - 2017-10-11 21:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-04-25 11:28 - 2017-10-11 21:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-04-25 11:28 - 2017-10-11 21:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-04-25 11:28 - 2017-10-11 21:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2020-04-25 11:28 - 2017-10-11 21:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-04-25 11:28 - 2017-10-11 21:20 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2020-04-25 11:28 - 2017-10-11 21:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2020-04-25 11:28 - 2017-09-13 12:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-04-25 11:28 - 2017-09-13 12:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2020-04-25 11:28 - 2017-09-13 12:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2020-04-25 11:28 - 2017-09-13 12:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2020-04-25 11:28 - 2017-09-13 12:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2020-04-25 11:28 - 2017-09-13 12:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2020-04-25 11:28 - 2017-09-13 12:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-04-25 11:28 - 2017-09-13 12:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2020-04-25 11:28 - 2017-09-13 12:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2020-04-25 11:28 - 2017-09-13 12:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2020-04-25 11:28 - 2017-09-13 12:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2020-04-25 11:28 - 2017-09-13 12:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2020-04-25 11:28 - 2017-09-08 12:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-04-25 11:28 - 2017-09-08 12:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-04-25 11:28 - 2017-09-08 11:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2020-04-25 11:28 - 2017-09-08 11:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2020-04-25 11:28 - 2017-09-07 12:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2020-04-25 11:28 - 2017-09-07 12:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2020-04-25 11:28 - 2017-08-19 12:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2020-04-25 11:28 - 2017-08-19 12:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2020-04-25 11:28 - 2017-08-16 12:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2020-04-25 11:28 - 2017-08-16 12:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2020-04-25 11:28 - 2017-08-15 12:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2020-04-25 11:28 - 2017-08-14 14:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-04-25 11:28 - 2017-08-14 14:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-04-25 11:28 - 2017-08-14 14:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2020-04-25 11:28 - 2017-08-14 14:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2020-04-25 11:28 - 2017-08-14 14:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2020-04-25 11:28 - 2017-08-14 14:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2020-04-25 11:28 - 2017-08-14 14:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2020-04-25 11:28 - 2017-08-14 14:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2020-04-25 11:28 - 2017-08-14 14:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2020-04-25 11:28 - 2017-08-13 18:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2020-04-25 11:28 - 2017-08-13 18:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2020-04-25 11:28 - 2017-08-11 03:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-04-25 11:28 - 2017-08-11 03:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-04-25 11:28 - 2017-08-11 03:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2020-04-25 11:28 - 2017-08-11 03:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2020-04-25 11:28 - 2017-08-11 03:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2020-04-25 11:28 - 2017-08-11 03:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2020-04-25 11:28 - 2017-08-11 03:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2020-04-25 11:28 - 2017-08-11 03:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2020-04-25 11:28 - 2017-08-11 03:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-04-25 11:28 - 2017-08-11 03:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2020-04-25 11:28 - 2017-08-11 03:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2020-04-25 11:28 - 2017-08-11 03:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2020-04-25 11:28 - 2017-08-11 03:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
2020-04-25 11:28 - 2017-08-11 03:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2020-04-25 11:28 - 2017-08-11 03:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2020-04-25 11:28 - 2017-08-11 03:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-04-25 11:28 - 2017-08-11 03:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2020-04-25 11:28 - 2017-08-11 03:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2020-04-25 11:28 - 2017-08-11 03:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2020-04-25 11:28 - 2017-08-11 03:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2020-04-25 11:28 - 2017-08-11 03:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2020-04-25 11:28 - 2017-08-11 03:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2020-04-25 11:28 - 2017-08-11 03:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2020-04-25 11:28 - 2017-08-11 03:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2020-04-25 11:28 - 2017-08-11 03:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2020-04-25 11:28 - 2017-08-11 03:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2020-04-25 11:28 - 2017-08-11 03:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2020-04-25 11:28 - 2017-08-11 02:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2020-04-25 11:28 - 2017-07-29 11:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2020-04-25 11:28 - 2017-07-14 12:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-04-25 11:28 - 2017-07-14 12:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-04-25 11:28 - 2017-07-14 12:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-04-25 11:28 - 2017-07-14 11:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-04-25 11:28 - 2017-07-14 11:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-04-25 11:28 - 2017-07-14 11:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-04-25 11:28 - 2017-07-08 12:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2020-04-25 11:28 - 2017-07-07 12:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2020-04-25 11:28 - 2017-07-01 10:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2020-04-25 11:28 - 2017-07-01 10:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2020-04-25 11:28 - 2017-06-15 17:23 - 000753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-04-25 11:28 - 2017-06-12 19:49 - 001363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2020-04-25 11:28 - 2017-06-12 19:49 - 000594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2020-04-25 11:28 - 2017-06-12 19:49 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2020-04-25 11:28 - 2017-06-12 19:49 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2020-04-25 11:28 - 2017-06-12 19:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2020-04-25 11:28 - 2017-06-12 19:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2020-04-25 11:28 - 2017-06-12 19:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2020-04-25 11:28 - 2017-06-12 19:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2020-04-25 11:28 - 2017-06-12 19:14 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2020-04-25 11:28 - 2017-06-12 19:14 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2020-04-25 11:28 - 2017-06-12 19:14 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2020-04-25 11:28 - 2017-06-12 19:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2020-04-25 11:28 - 2017-06-12 19:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2020-04-25 11:28 - 2017-06-12 19:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2020-04-25 11:28 - 2017-06-02 05:10 - 000733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2020-04-25 11:28 - 2017-05-30 01:56 - 000377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2020-04-25 11:28 - 2017-05-30 01:56 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-04-25 11:28 - 2017-05-16 12:35 - 000986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-04-25 11:28 - 2017-05-16 12:35 - 000265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-04-25 11:28 - 2017-05-16 12:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-04-25 11:28 - 2017-05-10 12:33 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2020-04-25 11:28 - 2017-05-10 12:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2020-04-25 11:28 - 2017-05-10 12:00 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2020-04-25 11:28 - 2017-04-21 12:34 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2020-04-25 11:28 - 2017-04-21 12:15 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2020-04-25 11:28 - 2017-04-17 12:37 - 000876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-04-25 11:28 - 2017-04-17 12:12 - 000581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-04-25 11:28 - 2017-04-04 11:53 - 000496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-04-25 11:28 - 2017-03-30 12:03 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2020-04-25 11:28 - 2017-03-30 11:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2020-04-25 11:28 - 2017-03-10 13:32 - 001389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2020-04-25 11:28 - 2017-03-10 13:32 - 000300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2020-04-25 11:28 - 2017-03-10 13:20 - 001508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2020-04-25 11:28 - 2017-03-10 13:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2020-04-25 11:28 - 2017-03-10 12:57 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2020-04-25 11:28 - 2017-03-10 12:55 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2020-04-25 11:28 - 2017-03-10 12:55 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2020-04-25 11:28 - 2017-03-07 13:30 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-04-25 11:28 - 2017-03-07 13:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-04-25 11:28 - 2017-03-07 11:05 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2020-04-25 11:28 - 2017-03-03 22:27 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2020-04-25 11:28 - 2017-03-03 22:14 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2020-04-25 11:28 - 2017-02-09 13:32 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-04-25 11:28 - 2017-02-09 13:32 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-04-25 11:28 - 2017-02-09 13:32 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2020-04-25 11:28 - 2017-02-09 13:31 - 000625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2020-04-25 11:28 - 2017-02-09 13:31 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2020-04-25 11:28 - 2017-02-09 13:14 - 000481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2020-04-25 11:28 - 2017-02-09 13:14 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2020-04-25 11:28 - 2017-02-09 13:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2020-04-25 11:28 - 2017-02-09 12:51 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2020-04-25 11:28 - 2017-01-13 15:00 - 000976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-04-25 11:28 - 2017-01-13 15:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2020-04-25 11:28 - 2017-01-13 14:45 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-04-25 11:28 - 2017-01-13 14:45 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2020-04-25 11:28 - 2017-01-11 14:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2020-04-25 11:28 - 2016-11-21 15:12 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2020-04-25 11:28 - 2016-11-20 13:19 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2020-04-25 11:28 - 2016-11-10 13:32 - 001009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-04-25 11:28 - 2016-11-10 13:19 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-04-25 11:28 - 2016-11-09 13:41 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2020-04-25 11:28 - 2016-11-09 13:33 - 001941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2020-04-25 11:28 - 2016-11-09 13:33 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2020-04-25 11:28 - 2016-11-09 13:33 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-04-25 11:28 - 2016-11-09 13:33 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-04-25 11:28 - 2016-11-09 13:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2020-04-25 11:28 - 2016-11-09 13:17 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2020-04-25 11:28 - 2016-11-09 13:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-04-25 11:28 - 2016-11-09 13:02 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2020-04-25 11:28 - 2016-11-09 12:55 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2020-04-25 11:28 - 2016-10-11 12:32 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2020-04-25 11:28 - 2016-10-11 12:31 - 001148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2020-04-25 11:28 - 2016-10-11 12:31 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2020-04-25 11:28 - 2016-10-11 12:31 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2020-04-25 11:28 - 2016-10-11 12:31 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2020-04-25 11:28 - 2016-10-11 12:31 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2020-04-25 11:28 - 2016-10-11 12:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2020-04-25 11:28 - 2016-10-11 12:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2020-04-25 11:28 - 2016-10-11 12:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2020-04-25 11:28 - 2016-10-11 12:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2020-04-25 11:28 - 2016-10-11 12:31 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2020-04-25 11:28 - 2016-10-11 12:31 - 000132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2020-04-25 11:28 - 2016-10-11 12:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2020-04-25 11:28 - 2016-10-11 12:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2020-04-25 11:28 - 2016-10-11 12:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2020-04-25 11:28 - 2016-10-11 12:18 - 000202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2020-04-25 11:28 - 2016-10-11 12:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2020-04-25 11:28 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2020-04-25 11:28 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2020-04-25 11:28 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2020-04-25 11:28 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2020-04-25 11:28 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2020-04-25 11:28 - 2016-10-11 12:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2020-04-25 11:28 - 2016-10-11 12:18 - 000069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2020-04-25 11:28 - 2016-10-11 11:55 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2020-04-25 11:28 - 2016-10-11 10:33 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2020-04-25 11:28 - 2016-10-11 10:18 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2020-04-25 11:28 - 2016-10-11 10:17 - 000419648 _____ C:\Windows\system32\locale.nls
2020-04-25 11:28 - 2016-10-11 10:06 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2020-04-25 11:28 - 2016-10-05 11:54 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2020-04-25 11:28 - 2016-09-12 18:08 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2020-04-25 11:28 - 2016-09-12 17:49 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2020-04-25 11:28 - 2016-09-08 17:34 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2020-04-25 11:28 - 2016-09-08 17:34 - 000208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2020-04-25 11:28 - 2016-09-08 17:34 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2020-04-25 11:28 - 2016-09-08 17:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2020-04-25 11:28 - 2016-09-08 11:55 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2020-04-25 11:28 - 2016-09-08 11:55 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2020-04-25 11:28 - 2016-08-12 13:26 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2020-04-25 11:28 - 2016-08-06 12:31 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2020-04-25 11:28 - 2016-08-06 12:31 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2020-04-25 11:28 - 2016-08-06 12:31 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2020-04-25 11:28 - 2016-08-06 12:31 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2020-04-25 11:28 - 2016-08-06 12:31 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2020-04-25 11:28 - 2016-08-06 12:15 - 000249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2020-04-25 11:28 - 2016-08-06 12:15 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2020-04-25 11:28 - 2016-08-06 12:15 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2020-04-25 11:28 - 2016-08-06 12:15 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2020-04-25 11:28 - 2016-08-06 12:01 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2020-04-25 11:28 - 2016-08-06 12:01 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2020-04-25 11:28 - 2016-08-06 11:53 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2020-04-25 11:28 - 2016-08-06 11:53 - 000012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2020-04-25 11:28 - 2016-08-06 11:53 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2020-04-25 11:27 - 2017-11-07 13:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2020-04-25 11:27 - 2017-07-21 11:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
2020-04-25 11:27 - 2017-07-21 11:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2020-04-25 11:27 - 2017-01-11 15:01 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2020-04-25 11:27 - 2017-01-11 14:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2020-04-25 11:01 - 2019-02-21 01:10 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-04-25 11:01 - 2019-02-21 01:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2020-04-25 11:01 - 2019-02-21 01:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2020-04-25 11:01 - 2019-02-21 01:08 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-04-25 11:01 - 2019-02-21 01:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 01:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:59 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-04-25 11:01 - 2019-02-21 00:58 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2020-04-25 11:01 - 2019-02-21 00:58 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2020-04-25 11:01 - 2019-02-21 00:56 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:56 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2020-04-25 11:01 - 2019-02-21 00:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-04-25 11:01 - 2019-02-21 00:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2020-04-25 11:01 - 2019-02-21 00:41 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2020-04-25 11:01 - 2019-02-21 00:39 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2020-04-25 11:01 - 2019-02-21 00:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-04-25 11:01 - 2019-02-21 00:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2020-04-25 11:01 - 2019-02-21 00:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2020-04-25 11:01 - 2019-02-21 00:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-04-25 11:01 - 2019-02-21 00:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2020-04-25 11:01 - 2019-02-21 00:36 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-04-25 11:01 - 2019-02-21 00:36 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-04-25 11:01 - 2019-02-21 00:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-04-25 11:01 - 2019-02-21 00:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-04-25 11:01 - 2019-02-21 00:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-04-25 11:01 - 2019-02-21 00:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-04-25 11:01 - 2019-02-21 00:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-04-25 11:01 - 2019-02-21 00:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-04-25 11:01 - 2019-02-21 00:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2020-04-25 11:01 - 2019-02-21 00:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2020-04-25 11:01 - 2019-02-21 00:34 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2020-04-25 11:01 - 2019-02-21 00:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2020-04-25 11:01 - 2019-02-21 00:34 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2020-04-25 11:01 - 2019-02-21 00:34 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2020-04-25 11:01 - 2019-02-21 00:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2020-04-25 11:01 - 2019-02-21 00:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2020-04-25 11:01 - 2019-02-10 13:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2020-04-25 11:01 - 2019-02-10 13:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2020-04-25 11:01 - 2019-02-10 13:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2020-04-25 11:01 - 2019-02-10 13:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2020-04-25 11:01 - 2019-02-10 13:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2020-04-25 11:01 - 2019-02-10 13:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2020-04-25 11:01 - 2019-02-10 13:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2020-04-25 11:01 - 2019-02-10 13:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2020-04-25 11:01 - 2019-02-10 13:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2020-04-25 11:01 - 2019-02-10 13:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2020-04-25 11:01 - 2019-02-10 13:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2020-04-25 11:01 - 2019-02-10 13:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-04-25 11:01 - 2019-02-10 13:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-04-25 11:01 - 2019-02-10 13:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2020-04-25 11:01 - 2019-02-10 13:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-04-25 11:01 - 2019-02-10 13:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2020-04-25 11:01 - 2019-02-10 13:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2020-04-25 11:01 - 2019-02-10 13:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2020-04-25 11:01 - 2019-02-10 13:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-04-25 11:01 - 2019-02-10 12:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-04-25 11:01 - 2019-02-10 12:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2020-04-25 11:01 - 2018-11-17 23:43 - 000249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2020-04-25 11:00 - 2019-02-21 01:12 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-04-25 11:00 - 2019-02-21 01:10 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-04-25 11:00 - 2019-02-21 01:09 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-04-25 11:00 - 2019-02-21 01:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2020-04-25 11:00 - 2019-02-21 01:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2020-04-25 11:00 - 2019-02-21 01:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2020-04-25 11:00 - 2019-02-21 01:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2020-04-25 11:00 - 2019-02-21 01:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2020-04-25 11:00 - 2019-02-21 01:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2020-04-25 11:00 - 2019-02-21 00:56 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2020-04-25 11:00 - 2019-02-21 00:56 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2020-04-25 11:00 - 2019-02-21 00:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2020-04-25 11:00 - 2019-02-21 00:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2020-04-25 11:00 - 2019-02-21 00:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2020-04-25 11:00 - 2019-02-10 13:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-04-25 11:00 - 2019-02-10 13:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2020-04-25 11:00 - 2019-02-10 13:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2020-04-25 11:00 - 2019-02-10 13:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-04-25 11:00 - 2019-02-10 13:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-04-25 11:00 - 2019-02-10 13:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-04-25 11:00 - 2019-02-10 13:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2020-04-25 11:00 - 2019-02-10 13:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2020-04-25 11:00 - 2019-02-10 13:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2020-04-25 11:00 - 2019-02-10 13:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-04-25 11:00 - 2019-02-10 13:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2020-04-25 11:00 - 2019-02-10 13:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2020-04-25 11:00 - 2019-02-10 13:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2020-04-25 11:00 - 2019-02-10 13:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-04-25 11:00 - 2019-02-10 13:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-04-25 11:00 - 2019-02-10 13:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2020-04-25 11:00 - 2019-02-10 12:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2020-04-25 11:00 - 2019-02-10 12:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2020-04-25 11:00 - 2019-02-10 12:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-04-25 11:00 - 2018-11-17 23:56 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-04-25 11:00 - 2018-11-17 23:44 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-04-25 11:00 - 2018-11-17 23:43 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2020-04-25 11:00 - 2018-11-17 23:43 - 000297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2020-04-25 10:56 - 2016-05-12 12:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2020-04-25 10:55 - 2016-07-07 12:08 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2020-04-25 10:54 - 2016-03-16 15:50 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2020-04-25 10:54 - 2016-03-16 15:28 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2020-04-25 10:54 - 2016-03-16 15:28 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2020-04-25 10:36 - 2016-05-11 14:02 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-04-25 10:36 - 2016-05-11 14:02 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2020-04-25 10:36 - 2016-05-11 14:02 - 000296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2020-04-25 10:36 - 2016-05-11 12:19 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-04-25 10:36 - 2016-05-11 12:19 - 000231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2020-04-25 10:36 - 2016-05-11 12:19 - 000206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2020-04-25 10:36 - 2016-03-09 15:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2020-04-25 10:36 - 2016-03-09 15:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2020-04-25 10:35 - 2016-08-29 12:04 - 003229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-04-25 10:35 - 2016-08-29 11:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-04-25 10:34 - 2016-05-12 14:15 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2020-04-25 10:34 - 2016-05-12 14:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2020-04-25 10:34 - 2016-05-12 14:14 - 000793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2020-04-25 10:34 - 2016-05-12 14:14 - 000502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2020-04-25 10:34 - 2016-05-12 14:14 - 000373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2020-04-25 10:34 - 2016-05-12 14:14 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2020-04-25 10:34 - 2016-05-12 14:14 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2020-04-25 10:34 - 2016-05-12 14:14 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2020-04-25 10:34 - 2016-05-12 12:18 - 000591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2020-04-25 10:34 - 2016-05-12 12:18 - 000274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2020-04-25 10:34 - 2016-05-12 12:18 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2020-04-25 10:34 - 2016-05-12 12:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2020-04-25 10:34 - 2016-05-12 12:18 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2020-04-25 10:34 - 2016-05-12 12:06 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2020-04-25 10:34 - 2016-05-12 11:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2020-04-25 10:34 - 2016-05-12 11:57 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2020-04-25 10:34 - 2016-04-14 10:49 - 000603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2020-04-25 10:34 - 2016-04-14 10:21 - 000647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2020-04-25 10:33 - 2016-03-09 16:00 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2020-04-25 10:33 - 2016-03-09 15:40 - 000316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2020-04-25 10:24 - 2020-04-25 10:24 - 000001912 _____ C:\Windows\epplauncher.mif
2020-04-25 10:14 - 2020-04-25 10:14 - 000002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2020-04-25 10:14 - 2020-04-25 10:14 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2020-04-25 10:13 - 2020-04-25 10:14 - 000000000 ____D C:\Program Files\Microsoft Security Client
2020-04-25 10:05 - 2018-03-15 16:30 - 015083200 _____ (Microsoft Corporation) C:\Users\BANGHO\Downloads\mseinstall 64.exe
2020-04-25 10:04 - 2016-01-20 21:51 - 000073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2020-04-25 10:04 - 2015-07-09 14:58 - 001632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-04-25 10:04 - 2015-07-09 14:58 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2020-04-25 10:04 - 2015-07-09 14:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2020-04-25 10:04 - 2015-07-09 14:42 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2020-04-25 10:02 - 2015-07-22 21:02 - 000879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2020-04-25 10:02 - 2015-07-22 14:53 - 000635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2020-04-25 09:59 - 2016-02-05 15:56 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-04-25 09:59 - 2016-02-05 15:54 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2020-04-25 09:59 - 2016-02-05 14:33 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-04-25 09:59 - 2015-06-03 17:21 - 000451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2020-04-25 09:58 - 2016-02-09 06:55 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2020-04-25 09:58 - 2016-02-04 22:19 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2020-04-25 09:58 - 2016-02-04 15:41 - 000296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2020-04-25 09:58 - 2016-02-03 15:07 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2020-04-25 09:58 - 2015-10-29 14:50 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-04-25 09:58 - 2015-10-29 14:50 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2020-04-25 09:58 - 2015-10-29 14:50 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2020-04-25 09:58 - 2015-10-29 14:50 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2020-04-25 09:58 - 2015-10-29 14:50 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-04-25 09:58 - 2015-10-29 14:49 - 000295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-04-25 09:58 - 2015-10-29 14:49 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2020-04-25 08:24 - 2015-12-11 15:57 - 001164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-04-25 08:24 - 2015-12-08 18:53 - 000509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2020-04-25 08:24 - 2015-12-08 16:07 - 000624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2020-04-25 08:24 - 2015-11-16 17:17 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-04-25 08:24 - 2015-11-13 20:09 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2020-04-25 08:24 - 2015-11-13 20:09 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2020-04-25 08:24 - 2015-11-13 20:08 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2020-04-25 08:24 - 2015-11-13 19:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2020-04-25 08:24 - 2015-11-13 19:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2020-04-25 08:24 - 2015-11-13 19:49 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2020-04-25 08:24 - 2015-11-05 16:05 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2020-04-25 08:24 - 2015-11-05 16:02 - 000014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2020-04-25 08:24 - 2015-11-05 06:53 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2020-04-25 08:23 - 2015-10-13 01:57 - 000950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-04-25 08:22 - 2015-12-08 18:54 - 002285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-04-25 08:22 - 2015-12-08 18:54 - 001620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2020-04-25 08:22 - 2015-12-08 18:54 - 001568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2020-04-25 08:22 - 2015-12-08 18:54 - 001325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2020-04-25 08:22 - 2015-12-08 18:54 - 000902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2020-04-25 08:22 - 2015-12-08 18:54 - 000815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2020-04-25 08:22 - 2015-12-08 18:54 - 000740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2020-04-25 08:22 - 2015-12-08 18:54 - 000739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2020-04-25 08:22 - 2015-12-08 18:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2020-04-25 08:22 - 2015-12-08 18:54 - 000541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2020-04-25 08:22 - 2015-12-08 18:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2020-04-25 08:22 - 2015-12-08 18:54 - 000154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2020-04-25 08:22 - 2015-12-08 18:53 - 000970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2020-04-25 08:22 - 2015-12-08 18:53 - 000829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2020-04-25 08:22 - 2015-12-08 18:53 - 000609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2020-04-25 08:22 - 2015-12-08 18:53 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2020-04-25 08:22 - 2015-12-08 18:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2020-04-25 08:22 - 2015-12-08 18:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2020-04-25 08:22 - 2015-12-08 18:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2020-04-25 08:22 - 2015-12-08 18:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2020-04-25 08:22 - 2015-12-08 18:53 - 000193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2020-04-25 08:22 - 2015-12-08 18:53 - 000153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2020-04-25 08:22 - 2015-12-08 18:53 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2020-04-25 08:22 - 2015-12-08 18:53 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2020-04-25 08:22 - 2015-12-08 18:53 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2020-04-25 08:22 - 2015-12-08 18:53 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 002777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 001955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 001575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 001393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 001307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 001232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 001160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 001026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 000978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2020-04-25 08:22 - 2015-12-08 16:07 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2020-04-25 08:22 - 2015-12-08 16:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2020-04-25 08:22 - 2015-12-08 16:06 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2020-04-25 08:22 - 2015-12-08 15:54 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2020-04-25 08:22 - 2015-12-08 15:12 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2020-04-25 08:22 - 2015-12-08 15:11 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2020-04-25 08:07 - 2016-01-22 03:18 - 000961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-04-25 08:07 - 2016-01-22 03:18 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2020-04-25 08:07 - 2016-01-22 03:04 - 000642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-04-25 08:07 - 2016-01-22 03:04 - 000535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2020-04-24 18:07 - 2020-04-24 18:08 - 000000000 ____D C:\bdd2992e1e363bdb1ebd4a122c50
2020-04-24 17:40 - 2015-11-03 16:04 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2020-04-24 17:40 - 2015-11-03 15:55 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2020-04-24 05:43 - 2020-04-24 05:43 - 000000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2020-04-24 05:43 - 2020-04-24 05:43 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2020-04-23 13:02 - 2020-04-23 13:02 - 000000000 ____D C:\Users\BANGHO\Documents\Simply Super Software
2020-04-23 12:24 - 2020-04-24 08:15 - 000000000 ____D C:\Program Files (x86)\Trojan Remover
2020-04-23 12:08 - 2020-04-23 12:11 - 012054352 _____ (Simply Super Software ) C:\Users\BANGHO\Downloads\trjsetup.exe
2020-04-21 23:57 - 2020-04-25 09:48 - 000000000 ____D C:\Users\BANGHO\AppData\Roaming\ZHP
2020-04-21 23:57 - 2020-04-21 23:57 - 000000000 ____D C:\Users\BANGHO\AppData\Local\ZHP
2020-04-21 23:52 - 2020-04-21 23:52 - 003299200 _____ (Nicolas Coolman) C:\Users\BANGHO\Downloads\ZHPCleaner.exe
2020-04-21 14:33 - 2020-04-21 22:52 - 000000000 ____D C:\AdwCleaner
2020-04-21 13:35 - 2020-04-21 15:09 - 008196784 _____ (Malwarebytes) C:\Users\BANGHO\Downloads\adwcleaner_8.0.4.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-30 11:04 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2020-04-30 10:11 - 2013-04-20 00:19 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-30 10:11 - 2013-04-20 00:19 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-30 10:11 - 2013-04-20 00:19 - 000002181 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-30 09:53 - 2009-07-14 01:45 - 000016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-30 09:53 - 2009-07-14 01:45 - 000016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-30 09:45 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-29 09:19 - 2013-04-20 00:15 - 000000000 ____D C:\Users\BANGHO\AppData\Local\Adobe
2020-04-28 13:44 - 2009-07-14 06:31 - 001014476 _____ C:\Windows\system32\perfh00A.dat
2020-04-28 13:44 - 2009-07-14 06:31 - 000248904 _____ C:\Windows\system32\perfc00A.dat
2020-04-28 13:44 - 2009-07-14 02:13 - 000006248 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-28 13:24 - 2015-07-09 11:46 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-04-28 13:24 - 2013-04-20 00:34 - 000000000 ____D C:\ProgramData\Mozilla
2020-04-28 13:23 - 2013-04-20 00:34 - 000000000 ____D C:\Users\BANGHO\AppData\Roaming\Mozilla
2020-04-28 13:21 - 2015-07-09 11:47 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-04-28 13:13 - 2013-04-22 22:05 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-04-28 13:13 - 2013-04-22 22:05 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-04-28 13:13 - 2013-04-22 22:05 - 000000000 ____D C:\Windows\system32\Macromed
2020-04-28 13:07 - 2013-04-21 09:00 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-28 12:35 - 2013-04-18 20:24 - 000000000 ____D C:\Windows\Panther
2020-04-28 12:35 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\ModemLogs
2020-04-28 12:34 - 2013-04-19 22:42 - 000000000 ____D C:\Program Files\CCleaner
2020-04-28 12:33 - 2013-04-19 22:43 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-28 12:33 - 2013-04-19 22:43 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-04-28 12:33 - 2013-04-19 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-04-28 09:29 - 2009-07-14 02:09 - 000000000 ____D C:\Windows\system32\Tasks\WPD
2020-04-28 09:29 - 2009-07-14 01:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2020-04-28 07:20 - 2009-07-14 01:45 - 000409768 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-25 22:05 - 2009-07-14 02:32 - 000000000 ____D C:\Program Files\DVD Maker
2020-04-25 22:05 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2020-04-25 22:05 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2020-04-25 22:05 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\Setup
2020-04-25 22:05 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\migwiz
2020-04-25 22:04 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-04-25 22:03 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-04-25 22:03 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\system32\Dism
2020-04-25 20:08 - 2013-07-12 03:01 - 000000000 ____D C:\Windows\system32\MRT
2020-04-25 19:56 - 2013-04-20 14:58 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-04-25 18:17 - 2009-07-14 00:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-04-25 07:16 - 2015-08-26 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Seguridad Terminal
2020-04-25 07:11 - 2009-07-14 02:08 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-04-24 07:22 - 2013-04-19 23:11 - 000000000 ____D C:\ProgramData\Temp
2020-04-21 23:05 - 2013-04-19 23:21 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-21 23:05 - 2013-04-19 23:21 - 000003344 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-21 23:03 - 2013-04-19 22:29 - 000000000 ____D C:\Program Files (x86)\Google
2020-04-21 15:40 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\tracing
2020-04-21 13:41 - 2013-04-22 22:06 - 000004320 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-01 20:49 - 2013-04-20 09:31 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)


LastRegBack: 2016-03-11 15:10
==================== Final de FRST.txt ========================
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-04-2020
Ejecutado por BANGHO (30-04-2020 12:04:54)
Ejecutado desde C:\Users\BANGHO\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2013-04-19 03:33:51)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-446854848-2789266872-518623571-500 - Administrator - Disabled)
BANGHO (S-1-5-21-446854848-2789266872-518623571-1000 - Administrator - Enabled) => C:\Users\BANGHO
Invitado (S-1-5-21-446854848-2789266872-518623571-501 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

1400 (HKLM-x32\...\{22DD005D-0EF1-4E3E-92F8-49D89E31479A}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
1400_Help (HKLM-x32\...\{6FBE200D-1F00-40B7-BF48-FEB265AADE94}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (HKLM-x32\...\{6A3C2391-BCE2-4D28-A336-73B953B4502F}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.363 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (HKLM-x32\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM-x32\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
ATI Catalyst Install Manager (HKLM\...\{4B312AD8-ABCF-1D1B-F6A7-F8EA5CE3BA4C}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
AVEO USB2.0 PC Camera(E2WVTM2N90829) (HKLM-x32\...\{8C8D2898-652B-4C39-BC26-C80CA58D98E1}) (Version: 1.0.2.6 - AVEO)
BisonCam (HKLM-x32\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 6.96.1728.10.4 - BisonCam)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
ccc-core-static (HKLM-x32\...\{649C6544-192F-8FCD-5C09-84E66F479BC0}) (Version: 2009.0721.1107.18080 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Firebird 2.1.5.18496 (Win32) (HKLM-x32\...\FBDBServer_2_1_is1) (Version: 2.1.5.18496 - Firebird Project)
Firebird/InterBase(r) ODBC driver 2.0.1.152 (HKLM-x32\...\Firebird ODBC Driver_is1) (Version: 2.0.1.152 - Firebird Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet 2540 series Ayuda (HKLM-x32\...\{97B017B2-40F3-4308-91EA-F3A881859248}) (Version: 30.0.0 - Hewlett Packard)
HP Deskjet 2540 series Software básico del dispositivo (HKLM\...\{5594F501-CF3C-4D34-9CDF-15FC2DEF7752}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.10.5 - JMicron Technology Corp.)
JMicron JMB38X Flash Media Controller (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.8 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Mobile Drivers Installation 5.1.0 (HKLM\...\{581F6FB0-46E6-42DA-98CC-ABB001386520}) (Version: 5.1.0 - Motorola Inc.)
Mozilla Firefox 75.0 (x64 es-AR) (HKLM\...\Mozilla Firefox 75.0 (x64 es-AR)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 Lite 8.3.2.1b (HKLM-x32\...\Nero8Lite_is1) (Version: 8.3.2.1b - Updatepack.nl)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1950.120 - Trusteer) Hidden
Real Alternative 1.51 (HKLM-x32\...\RealAlt_is1) (Version: 1.51 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.01.0092 - REALTEK Semiconductor Corp.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.3.0 - Synaptics Incorporated)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trusteer Seguridad Terminal (HKLM-x32\...\Rapport_msi) (Version: 3.5.1950.120 - Trusteer)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
WebCam Installer (HKLM-x32\...\{29477E33-08A1-4440-BBCB-ED868797B5BA}) (Version: 1.00f - WebCam)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Zoom (HKU\S-1-5-21-446854848-2789266872-518623571-1000\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> Ningún archivo
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> Ningún archivo
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2009-07-21] (Advanced Micro Devices, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2007-09-21] () [Archivo no firmado]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-09-21] () [Archivo no firmado]

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2013-04-19 22:28 - 2007-09-21 10:00 - 000043008 _____ () [Archivo no firmado] C:\Program Files (x86)\WinRAR\rarext64.dll
2009-07-21 11:01 - 2009-07-21 11:01 - 000871936 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2009-07-21 11:01 - 2009-07-21 11:01 - 000003584 _____ (Advanced Micro Devices, Inc.) [Archivo no firmado] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamesp.dll
2013-09-25 15:28 - 2012-05-18 11:24 - 000450560 _____ (Firebird Project) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_2_1\bin\fbclient.dll
2009-09-20 12:36 - 2009-09-20 12:36 - 000249344 _____ (Hewlett-Packard Co.) [Archivo no firmado] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 12:24 - 2009-09-20 12:24 - 000213504 _____ (Hewlett-Packard Co.) [Archivo no firmado] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 12:24 - 2009-09-20 12:24 - 000133120 _____ (Hewlett-Packard Co.) [Archivo no firmado] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2010-10-22 13:08 - 2010-10-22 13:08 - 001039360 _____ (Hewlett-Packard Co.) [Archivo no firmado] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [Archivo no firmado] c:\windows\system32\hpzipm12.dll
2013-09-25 15:28 - 2012-05-18 11:16 - 001339392 _____ (IBM Corporation and others) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_2_1\bin\icudt30.dll
2013-09-25 15:28 - 2012-05-18 11:15 - 000675840 _____ (IBM Corporation and others) [Archivo no firmado] C:\Program Files (x86)\Firebird\Firebird_2_1\bin\icuuc30.dll

==================== Alternate Data Streams (Lista blanca) ========

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-446854848-2789266872-518623571-1000\...\bancogalicia.com.ar -> hxxps://wsec06.bancogalicia.com.ar

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2009-07-13 23:34 - 2013-08-26 21:38 - 000000864 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-446854848-2789266872-518623571-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 190.211.167.34 - 190.211.167.35
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: (default) => 
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BisonHK => C:\Program Files (x86)\BisonCam\BisonHK.exe
MSCONFIG\startupreg: GSMEjector => C:\Program Files (x86)\PERSONAL\GSM\GSMCliEjector.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{F8E2DD33-C007-420E-99AA-AB5CE79D7334}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{5E267AA2-BB43-4818-92D8-E0809FB5B456}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{DD8B4E6C-EF03-4F45-8A52-382FAAA0A270}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{5DEA8F9E-5504-44BE-8D8A-36CD1AC57994}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{74ABD5CF-BE84-4B96-967F-86FB3B041787}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{0D2DC40A-CF36-453A-B6A7-005A10FC657F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{6916CB13-FD06-491A-9B03-EEADF4FE08E2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{7A9719BF-AA41-4966-B190-DCEA4890DE3A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{37DFF8F4-912F-4474-9C77-5CABE4C98644}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{2CDBFF11-AE48-4275-BFA5-4D70033E18D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{D74AE02D-C8E9-44B4-9381-F315AD35CA0E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{84BBFEEE-A5B4-4E29-B908-F7D6F348292A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{5EF16D40-AA8B-4DE3-BBB1-B7CA11FAE529}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [Archivo no firmado]
FirewallRules: [{8B31FE4E-D6FA-4092-A296-334A4353C6D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe (Hewlett-Packard Development Co. L.P.) [Archivo no firmado]
FirewallRules: [{D99DF709-1463-4773-A092-D6EB26B7DB0F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe (Hewlett-Packard Development Co. L.P.) [Archivo no firmado]
FirewallRules: [{190AEEE1-E94A-4EF1-97BE-F469EF97222F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{4D42969F-B554-4C6A-A890-EAFF38025444}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{A5F86585-B32F-4F57-90E1-C71EF68B73C9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe (Hewlett Packard -> Hewlett-Packard Development Co. L.P.)
FirewallRules: [{A64C06CC-915F-42AB-B126-0FF6A2B75D31}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [Archivo no firmado]
FirewallRules: [{2FB38600-C80D-4916-B9F1-80D5AA6ABE51}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [Archivo no firmado]
FirewallRules: [{BFDEDCAE-CBFB-42BB-95F2-DACA43112024}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{962BB9CE-DDED-450A-866D-8B798FB3B56A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{26122299-76EA-4E5F-BF07-AE4677E34887}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{0FD7C384-4369-41C0-AC3E-E1BCC1A13969}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [{BCEC114F-1E3E-4996-ABD7-E90E480CAFB9}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7DB7509D-5C59-4CF8-97D1-F860A1CA04F1}] => (Allow) LPort=5357
FirewallRules: [{2B42178F-E7B5-4722-AB1C-1BCA9BF93875}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F712E194-8576-4380-882F-D5636195349C}] => (Allow) C:\Users\BANGHO\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BE8196EF-D410-4631-BCC9-95A7791D3310}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{66DD5EB7-DAB0-4A67-9780-A900F12AF642}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CBF80F1D-0CEE-4DE1-96F2-FD1282DBFBBB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

25-04-2020 21:50:57 Windows Update
28-04-2020 09:35:06 Windows Update
28-04-2020 11:18:48 Windows Update
28-04-2020 13:39:14 Windows Update
30-04-2020 10:20:45 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/30/2020 11:17:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 4.0.0.638, marca de tiempo: 0x5ea214c5
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x5e8272e4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219d05
Id. del proceso con errores: 0x7bc
Hora de inicio de la aplicación con errores: 0x01d61ef938cdb04f
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Id. del informe: 4689b0db-8aed-11ea-9393-0090f5a1fde5

Error: (04/28/2020 01:44:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Error al descargar las cadenas del contador de rendimiento para el servicio WmiApRpl (WmiApRpl). El primer valor DWORD de la sección de datos contiene el código de error.

Error: (04/28/2020 01:44:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.

Error: (04/28/2020 01:44:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.

Error: (04/28/2020 12:35:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Error al descargar las cadenas del contador de rendimiento para el servicio WmiApRpl (WmiApRpl). El primer valor DWORD de la sección de datos contiene el código de error.

Error: (04/28/2020 12:35:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.

Error: (04/28/2020 12:35:22 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Las cadenas de rendimiento del valor del Registro de rendimiento están dañadas al procesar el proveedor de contador de extensión Performance. El valor BaseIndex del Registro de rendimiento es el primer valor DWORD, el valor LastCounter es el segundo valor DWORD y el valor LastHelp es el tercer valor DWORD de la sección de datos.

Error: (04/28/2020 11:50:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Error al descargar las cadenas del contador de rendimiento para el servicio WmiApRpl (WmiApRpl). El primer valor DWORD de la sección de datos contiene el código de error.


Errores del sistema:
=============
Error: (04/30/2020 10:24:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Ati External Event Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/30/2020 09:57:13 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Antimalware de Microsoft ha encontrado un error al intentar actualizar las firmas.

	Nueva versión de firma: 

	Versión de firma anterior: 1.313.2499.0

	Origen de actualización: Servidor de Microsoft Update

	Etapa de actualización: Buscar

	Ruta de origen: Default URL

	Tipo de firma: Antivirus

	Tipo de actualización: Completa

	Usuario: NT AUTHORITY\SYSTEM

	Versión de motor actual: 

	Versión de motor anterior: 1.1.16900.4

	Código del error: 0x80070422

	Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él.

Error: (04/30/2020 09:45:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eamonm no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/29/2020 09:13:34 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {752073A1-23F2-4396-85F0-8FDB879ED0ED} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/29/2020 09:07:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eamonm no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (04/28/2020 01:44:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Instalador de módulos de Windows se cerró con el siguiente error: 
La unidad no puede encontrar un área o pista específica en el disco.

Error: (04/28/2020 01:44:09 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Windows Update no se cerró correctamente después de recibir un control de aviso de apagado.

Error: (04/28/2020 01:33:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eamonm no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


Windows Defender:
===================================
Date: 2013-08-24 14:53:40.447
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x80070002
Descripción de error:El sistema no puede encontrar el archivo especificado. 
Versión de firma:0.0.0.0
Versión de motor:0.0.0.0

==================== Información de la memoria =========================== 

BIOS: Phoenix Technologies LTD 4.06 02/25/2010
Placa base: Bangho M7x0K
Procesador: AMD Athlon(tm) Processor TF-20
Porcentaje de memoria en uso: 81%
RAM física total: 3838.11 MB
RAM física disponible: 708.94 MB
Virtual total: 7674.36 MB
Virtual disponible: 4533.45 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:129.15 GB) (Free:77.42 GB) NTFS
Drive d: (Nuevo vol) (Fixed) (Total:97.39 GB) (Free:65.6 GB) NTFS

\\?\Volume{bd586302-a8a0-11e2-84fe-806e6f6e6963}\ (System) (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS
\\?\Volume{bd586303-a8a0-11e2-84fe-806e6f6e6963}\ (Recovery) (Fixed) (Total:5.86 GB) (Free:1.58 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: BA733082)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=5.9 GB) - (Type=27)
Partition 3: (Not Active) - (Size=129.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=97.4 GB) - (Type=0F Extended)

==================== Final de Addition.txt =======================

Hasta el momento de terminar de pasar las herramientas, continua consumiendo al 100% por momentos.

Hola.

La version de Windows 7 Ultimate es la que venia originalmente en esa maquina…??

Ese equipo tiene aproximadamente 11 años…??

Y el disco duro de 250Gb es el original de la maquina…??

Usas “Microsoft Security Essentials” como antivirus…??

Que otros antivirus tuviste en ese equipo y como los has desinstalado…??

Ademas quiero que sigas estos pasos :

  • Descarga Hard Disk Sentinel Professional Trial v5.50 (ZIP) :arrow_right: desde aquí (y guárdalo en tu escritorio).
  • Descomprime el fichero zip en una carpeta y ejecútalo.
  • Adjunta en tu próxima respuesta una captura de pantalla, donde se aprecie la pantalla principal de este programa, es decir, abre el programa y captura la primera pantalla que te dé. No des clic en ninguna opción dentro de él.
  • Si NO puedes hacer la instalación desde el modo normal de windows hazlo desde el modo seguro. :face_with_raised_eyebrow:

Para subir una imagen sigue estos pasos :arrow_right: Como Insertar una imagen.

Saludos.

Buenas, a todas las preguntas si, y lo del antivirus cuando llego a mis manos no tenia ninguno puesto, hago el examen y te envío el resultado. De igual manera ya había hecho un examen con el victoria hdd o ssd y no me arrojo resultados negativos, probare con esta herramienta.

Esta vez te estoy haciendo trabajar de mas Javier, jajaj, Saludos!!!

Bien, pues ahora sigue estos pasos :

:white_check_mark: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descarga la herramienta :arrow_right: ComboFix y guárdala en el escritorio. :arrow_left: Muy Importante.

:o: Nota :o: Antes de ejecutar ComboFix asegurarse de :

:white_check_mark: Cerrar TODOS los programas y/o ventanas abiertas. :negative_squared_cross_mark:

:white_check_mark: Si está utilizando Windows Vista o Windows 7/8. Haga click derecho sobre el archivo ComboFix.exe y seleccionar Ejecutar como Administrador. :negative_squared_cross_mark:

PASO 1:

  • Ejecutar el archivo ComboFix.exe
  • Aceptar los términos de licencia.
  • Si ComboFix avisa que hay una versión nueva del programa deberás descargala.
  • Si ComboFix pide instalar la Consola de Recuperación (Recovery Console) hay que instalarla.

PASO 2:

  • Copiar y pegar el reporte que ComboFix generó. Si no aparece lo encontraras en C:\ComboFix.txt
  • Comentar cómo sigue su sistema, en relación al problema planteado.

Importante :

  • Mientras esté trabajando ComboFix no ejecutar ningún software hasta que termine.
  • No reiniciar su PC, ComboFix lo hará de ser necesario.
  • Mientras ComboFix esté trabajando, no mover el mouse ya que pararía su proceso.

Saludos.

ComboFix 19-11-04.01 - BANGHO 02/05/2020  20:10:01.1.1 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.54.3082.18.3838.2683 [GMT -3:00]
Running from: c:\users\BANGHO\Downloads\ComboFix.exe
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
	/wow section - STAGE 3
.
.
(((((((((((((((((((((((((   Files Created from 2020-04-02 to 2020-05-02  )))))))))))))))))))))))))))))))
.
.
2020-05-02 23:43 . 2020-05-02 23:43	--------	d-----w-	c:\users\Default\AppData\Local\temp
2020-05-01 19:51 . 2020-05-01 19:51	--------	d-----w-	c:\users\BANGHO\AppData\Roaming\Hard Disk Sentinel
2020-05-01 19:32 . 2020-05-02 22:42	--------	d-----w-	c:\program files (x86)\Hard Disk Sentinel
2020-05-01 19:27 . 2020-04-25 13:23	14743880	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D2AC7987-5386-4B76-ADE0-767549019DDB}\mpengine.dll
2020-04-30 14:12 . 2020-04-30 14:12	--------	d-----w-	c:\users\BANGHO\AppData\Local\mbam
2020-04-30 14:10 . 2020-04-30 14:09	153312	----a-w-	c:\windows\system32\drivers\mbae64.sys
2020-04-30 14:09 . 2020-04-30 14:09	--------	d-----w-	c:\programdata\Malwarebytes
2020-04-30 14:06 . 2020-04-30 14:06	--------	d-----w-	c:\program files\Malwarebytes
2020-04-30 12:57 . 2020-04-25 13:23	14743880	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2020-04-29 12:43 . 2020-04-30 15:08	--------	d-----w-	C:\FRST
2020-04-28 16:25 . 2020-04-28 16:28	--------	d-----w-	c:\program files\Mozilla Firefox
2020-04-28 16:21 . 2020-04-28 16:33	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2020-04-28 16:04 . 2020-04-28 16:05	--------	d-----w-	c:\program files (x86)\PhotoScape
2020-04-28 15:58 . 2020-04-28 15:58	--------	d-----w-	c:\windows\SysWow64\Adobe
2020-04-28 15:56 . 2020-04-28 15:56	--------	d-----w-	c:\program files (x86)\Common Files\Java
2020-04-28 15:46 . 2020-04-28 15:46	--------	d-----w-	c:\program files (x86)\Common Files\Oracle
2020-04-28 15:46 . 2020-04-28 15:45	129088	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2020-04-28 15:45 . 2020-04-28 15:45	--------	d-----w-	c:\programdata\Oracle
2020-04-28 15:44 . 2020-04-28 15:44	--------	d-----w-	c:\program files\Java
2020-04-28 15:43 . 2020-04-28 15:43	--------	d-----w-	c:\users\BANGHO\AppData\Local\ElevatedDiagnostics
2020-04-28 15:41 . 2019-12-31 02:40	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2020-04-28 15:41 . 2019-12-31 02:32	142336	----a-w-	c:\windows\system32\poqexec.exe
2020-04-28 14:30 . 2020-04-28 14:32	--------	d-----w-	c:\users\BANGHO\AppData\Roaming\Zoom
2020-04-28 14:13 . 2019-07-13 08:14	334848	----a-w-	c:\windows\system32\sipnotify.exe
2020-04-25 20:35 . 2020-04-25 20:35	--------	d-----w-	c:\program files\Microsoft Silverlight
2020-04-25 20:35 . 2020-04-25 20:35	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2020-04-25 20:34 . 2017-04-27 22:50	3550208	----a-w-	c:\windows\SysWow64\D3DCompiler_47.dll
2020-04-25 20:34 . 2017-04-12 13:05	4296704	----a-w-	c:\windows\system32\D3DCompiler_47.dll
2020-04-25 20:10 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZEL.DLL
2020-04-25 20:10 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZE.DLL
2020-04-25 20:10 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\kbdgeoqw.dll
2020-04-25 20:10 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\kbdgeoqw.dll
2020-04-25 20:10 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\KBDAZEL.DLL
2020-04-25 14:28 . 2017-08-13 21:30	1401344	----a-w-	c:\windows\SysWow64\mmc.exe
2020-04-25 14:27 . 2017-11-07 16:13	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2020-04-25 14:27 . 2017-10-18 03:24	25600	----a-w-	c:\windows\system32\drivers\es-ES\usbport.sys.mui
2020-04-25 14:27 . 2017-07-21 14:26	282624	----a-w-	c:\windows\SysWow64\mstext40.dll
2020-04-25 14:27 . 2017-07-21 14:26	409600	----a-w-	c:\windows\SysWow64\msexch40.dll
2020-04-25 14:27 . 2017-01-11 18:01	2048	----a-w-	c:\windows\system32\msxml3r.dll
2020-04-25 14:27 . 2017-01-11 17:43	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2020-04-25 14:00 . 2019-02-21 03:39	338432	----a-w-	c:\windows\system32\conhost.exe
2020-04-25 13:56 . 2016-05-12 15:18	90624	----a-w-	c:\windows\SysWow64\olepro32.dll
2020-04-25 13:55 . 2016-07-07 15:08	46080	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2020-04-25 13:54 . 2016-03-16 18:50	156672	----a-w-	c:\windows\system32\mtxoci.dll
2020-04-25 13:54 . 2016-03-16 18:28	111616	----a-w-	c:\windows\SysWow64\mtxoci.dll
2020-04-25 13:54 . 2016-03-16 18:28	176128	----a-w-	c:\windows\SysWow64\msorcl32.dll
2020-04-25 13:54 . 2016-03-16 18:27	286720	----a-w-	c:\program files (x86)\Common Files\System\Ole DB\msdaora.dll
2020-04-25 13:35 . 2016-08-29 15:04	3229696	----a-w-	c:\windows\explorer.exe
2020-04-25 13:35 . 2016-08-29 14:55	2972672	----a-w-	c:\windows\SysWow64\explorer.exe
2020-04-25 13:33 . 2016-03-09 19:00	396800	----a-w-	c:\windows\system32\webio.dll
2020-04-25 13:33 . 2016-03-09 18:40	316416	----a-w-	c:\windows\SysWow64\webio.dll
2020-04-25 13:26 . 2020-04-25 13:25	1094320	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2020-04-25 13:26 . 2020-04-25 13:26	1094320	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{17D7F4D8-EE8D-466E-82BD-EADB5E8A85A4}\gapaengine.dll
2020-04-25 13:14 . 2020-04-25 13:14	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2020-04-25 13:13 . 2020-04-25 13:14	--------	d-----w-	c:\program files\Microsoft Security Client
2020-04-25 13:04 . 2016-01-21 00:51	73664	----a-w-	c:\windows\system32\drivers\disk.sys
2020-04-25 13:04 . 2015-07-09 17:58	1632256	----a-w-	c:\windows\system32\dwmcore.dll
2020-04-25 13:04 . 2015-07-09 17:42	1372160	----a-w-	c:\windows\SysWow64\dwmcore.dll
2020-04-25 13:04 . 2015-07-09 17:58	82944	----a-w-	c:\windows\system32\dwmapi.dll
2020-04-25 13:04 . 2015-07-09 17:42	67584	----a-w-	c:\windows\SysWow64\dwmapi.dll
2020-04-25 13:02 . 2015-07-23 00:02	879104	----a-w-	c:\windows\system32\tdh.dll
2020-04-25 13:02 . 2015-07-22 17:53	635392	----a-w-	c:\windows\SysWow64\tdh.dll
2020-04-25 12:59 . 2016-02-05 18:56	20480	----a-w-	c:\windows\system32\tbs.dll
2020-04-25 12:59 . 2015-06-03 20:22	257864	----a-w-	c:\windows\SysWow64\wbem\Win32_Tpm.dll
2020-04-25 12:59 . 2015-06-03 20:21	451080	----a-w-	c:\windows\system32\fveapi.dll
2020-04-25 12:59 . 2015-06-03 20:21	312600	----a-w-	c:\windows\system32\wbem\Win32_Tpm.dll
2020-04-25 12:59 . 2016-02-05 20:23	8192	----a-w-	c:\windows\system32\drivers\es-ES\tpm.sys.mui
2020-04-25 12:59 . 2016-02-05 18:54	109568	----a-w-	c:\windows\system32\fveapibase.dll
2020-04-25 12:59 . 2016-02-05 17:33	15360	----a-w-	c:\windows\SysWow64\tbs.dll
2020-04-25 12:58 . 2016-02-03 18:07	91648	----a-w-	c:\windows\system32\drivers\USBSTOR.SYS
2020-04-25 12:58 . 2016-02-05 01:19	381440	----a-w-	c:\windows\system32\mfds.dll
2020-04-25 12:58 . 2016-02-04 18:41	296448	----a-w-	c:\windows\SysWow64\mfds.dll
2020-04-25 12:58 . 2015-10-29 17:50	342016	----a-w-	c:\windows\system32\apphelp.dll
2020-04-25 12:58 . 2015-10-29 17:50	72192	----a-w-	c:\windows\system32\aelupsvc.dll
2020-04-25 12:58 . 2015-10-29 17:49	295936	----a-w-	c:\windows\SysWow64\apphelp.dll
2020-04-25 12:58 . 2015-10-29 17:50	6656	----a-w-	c:\windows\system32\shimeng.dll
2020-04-25 12:58 . 2015-10-29 17:50	5120	----a-w-	c:\windows\SysWow64\shimeng.dll
2020-04-25 12:58 . 2015-10-29 17:50	23552	----a-w-	c:\windows\system32\sdbinst.exe
2020-04-25 12:58 . 2015-10-29 17:49	20992	----a-w-	c:\windows\SysWow64\sdbinst.exe
2020-04-25 12:58 . 2016-02-09 09:55	30720	----a-w-	c:\windows\system32\seclogon.dll
2020-04-25 12:47 . 2020-04-25 12:46	14743880	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{C69E7010-2179-4552-8C3F-92215A12959D}\mpengine.dll
2020-04-25 11:23 . 2015-10-13 04:57	950720	----a-w-	c:\windows\system32\drivers\ndis.sys
2020-04-25 11:07 . 2016-01-22 06:18	961024	----a-w-	c:\windows\system32\CPFilters.dll
2020-04-25 11:07 . 2016-01-22 06:18	723968	----a-w-	c:\windows\system32\EncDec.dll
2020-04-25 11:07 . 2016-01-22 06:04	642048	----a-w-	c:\windows\SysWow64\CPFilters.dll
2020-04-25 11:07 . 2016-01-22 06:04	535040	----a-w-	c:\windows\SysWow64\EncDec.dll
2020-04-24 21:07 . 2020-04-24 21:08	--------	d-----w-	C:\bdd2992e1e363bdb1ebd4a122c50
2020-04-24 20:40 . 2015-11-03 19:04	241664	----a-w-	c:\windows\system32\els.dll
2020-04-24 20:40 . 2015-11-03 18:55	179712	----a-w-	c:\windows\SysWow64\els.dll
2020-04-24 10:22 . 2020-04-24 10:22	--------	d-----w-	c:\programdata\Licenses
2020-04-23 15:24 . 2020-04-24 11:15	--------	d-----w-	c:\program files (x86)\Trojan Remover
2020-04-22 02:57 . 2020-04-22 02:57	--------	d-----w-	c:\users\BANGHO\AppData\Local\ZHP
2020-04-22 02:57 . 2020-04-25 12:48	--------	d-----w-	c:\users\BANGHO\AppData\Roaming\ZHP
2020-04-21 17:33 . 2020-04-22 01:52	--------	d-----w-	C:\AdwCleaner
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-04-28 16:13 . 2013-04-23 01:05	842296	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2020-04-28 16:13 . 2013-04-23 01:05	175160	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2020-04-25 22:56 . 2013-04-20 17:58	121542864	-c--a-w-	c:\windows\system32\MRT.exe
2020-04-01 23:49 . 2013-04-20 12:31	744808	------w-	c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2019-12-11 646160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys;c:\windows\SYSNATIVE\DRIVERS\dmvsc.sys [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\81.0.4044.129\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\81.0.4044.129\elevation_service.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys;c:\windows\SYSNATIVE\DRIVERS\massfilter.sys [x]
R3 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Inspección de red de Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 RapportHades64;RapportHades64;c:\windows\System32\Drivers\RapportHades64.sys;c:\windows\SYSNATIVE\Drivers\RapportHades64.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S1 RapportAegle64;RapportAegle64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [x]
S1 RapportCerberus_1950099;RapportCerberus_1950099;c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1950099.sys;c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1950099.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 Rezip;Rezip;c:\windows\SysWOW64\Rezip.exe;c:\windows\SysWOW64\Rezip.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys;c:\windows\SYSNATIVE\DRIVERS\JME.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2020-03-05 22:10	328240	----a-w-	c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1353680]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com.ar/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: bancogalicia.com.ar\wsec06
TCP: DhcpNameServer = 190.211.167.34 190.211.167.35 8.8.8.8
DPF: {83202D14-0AF7-493D-BBD8-53194FE0BFDB} - hxxps://wsec06.bancogalicia.com.ar/Content/Components/GaliciaEnroll/GalCryptoComponents1020.cab
DPF: {D37BB1D6-A878-4721-9A64-77E6C9D44865} - hxxps://wsec06.bancogalicia.com.ar/Content/Components/GaliciaCryptoClient/GalCryptoComponents1020.cab
DPF: {EA2267D1-FC6B-4268-A2B7-0B556F9BA2A7} - hxxps://wsec06.bancogalicia.com.ar/scripts/components/GalVerifReq/GalVerifReq.CAB
FF - ProfilePath - c:\users\BANGHO\AppData\Roaming\Mozilla\Firefox\Profiles\2qfw1o0i.default-release\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM_Wow6432Node-ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-446854848-2789266872-518623571-1000\Software\Microsoft\SystemCertificates\My*Ä*fr*MpConfý;ú
7]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_363_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_363_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_32_0_0_363_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_32_0_0_363_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_363.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.32"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_363.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_363.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_32_0_0_363.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2020-05-02  20:53:34
ComboFix-quarantined-files.txt  2020-05-02 23:53
.
Pre-Run: 82.094.956.544 bytes libres
Post-Run: 81.665.662.976 bytes libres
.
- - End Of File - - 0C59D5E7A998FD98C4505E61157B5679
A36C5E4F47E84449FF07ED3517B43A31

Después de unas hs. de uso se experimenta una leve mejoría aunque aun me marca cpu al 100% por momentos.

Bien y ahora sigue estos pasos :

:one: Abre el Notepad (Bloc de notas) :

  • En Windows XP Ve a Inicio >> Selecciona Ejecutar >> Escribe dentro Notepad.
  • En Windows Vista y/o Windows 7/8 Ve a Inicio >> Todos los programas >> Accesorios >> Selecciona Ejecutar >> Escribe dentro Notepad.

:two: Ahora copia y pega la información, del interior del siguiente recuadro, dentro del Notepad.

KillAll::
ClearJavaCache::
RegLock::
[HKEY_USERS\S-1-5-21-446854848-2789266872-518623571-1000\Software\Microsoft\SystemCertificates\My*Ä*fr*MpConfý;ú
7]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

:three: Guarda este archivo con el nombre CFScript.txt dentro del Escritorio.

:four: Arrastra y suelta el archivo CFScript.txt dentro del archivo ComboFix.exe como muestra la animación de aquí abajo. Esto activara ComboFix nuevamente.

CFScript

Súbenos el nuevo informe de ComboFix para poder revisarlo.

Saludos.

ComboFix 19-11-04.01 - BANGHO 06/05/2020   9:27.2.1 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.54.3082.18.3838.2130 [GMT -3:00]
Running from: c:\users\BANGHO\Desktop\ComboFix.exe
Command switches used :: c:\users\BANGHO\Desktop\CFScript.txt
AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Microsoft Security Essentials *Disabled/Updated* {71A27EC9-3DA6-45FC-60A7-004F623C6189}
SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Microsoft Security Essentials *Disabled/Updated* {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
	/wow section - STAGE 47
El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.
El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.
El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.
El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.
El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.
El sistema no puede encontrar el archivo LockedB.
El sistema no puede encontrar el archivo lockedB.
El sistema no puede encontrar el archivo LockedB.
grep: temp2401: No such file or directory
El sistema no puede encontrar el archivo LockedB.
Acceso denegado.
.
.
(((((((((((((((((((((((((   Files Created from 2020-04-06 to 2020-05-06  )))))))))))))))))))))))))))))))
.
.
2020-05-06 13:39 . 2020-05-06 13:39	0	---ha-w-	c:\users\BANGHO\AppData\Local\BITA8CC.tmp
2020-05-06 13:32 . 2020-05-06 13:32	--------	d-----w-	c:\users\Default\AppData\Local\temp
2020-05-06 13:00 . 2020-04-27 14:00	14835816	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{942B44BC-4233-4A82-B2E2-1B77E88B665F}\mpengine.dll
2020-05-06 12:53 . 2020-04-27 14:00	14835816	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2020-05-03 00:27 . 2020-05-03 00:28	--------	d-----w-	c:\program files\WinRAR
2020-05-01 19:51 . 2020-05-01 19:51	--------	d-----w-	c:\users\BANGHO\AppData\Roaming\Hard Disk Sentinel
2020-05-01 19:32 . 2020-05-02 22:42	--------	d-----w-	c:\program files (x86)\Hard Disk Sentinel
2020-04-30 14:12 . 2020-04-30 14:12	--------	d-----w-	c:\users\BANGHO\AppData\Local\mbam
2020-04-30 14:10 . 2020-04-30 14:09	153312	----a-w-	c:\windows\system32\drivers\mbae64.sys
2020-04-30 14:09 . 2020-04-30 14:09	--------	d-----w-	c:\programdata\Malwarebytes
2020-04-30 14:06 . 2020-04-30 14:06	--------	d-----w-	c:\program files\Malwarebytes
2020-04-29 12:43 . 2020-04-30 15:08	--------	d-----w-	C:\FRST
2020-04-28 16:25 . 2020-04-28 16:28	--------	d-----w-	c:\program files\Mozilla Firefox
2020-04-28 16:21 . 2020-04-28 16:33	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2020-04-28 16:04 . 2020-04-28 16:05	--------	d-----w-	c:\program files (x86)\PhotoScape
2020-04-28 15:58 . 2020-04-28 15:58	--------	d-----w-	c:\windows\SysWow64\Adobe
2020-04-28 15:56 . 2020-04-28 15:56	--------	d-----w-	c:\program files (x86)\Common Files\Java
2020-04-28 15:46 . 2020-04-28 15:46	--------	d-----w-	c:\program files (x86)\Common Files\Oracle
2020-04-28 15:46 . 2020-04-28 15:45	129088	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2020-04-28 15:45 . 2020-04-28 15:45	--------	d-----w-	c:\programdata\Oracle
2020-04-28 15:44 . 2020-04-28 15:44	--------	d-----w-	c:\program files\Java
2020-04-28 15:43 . 2020-04-28 15:43	--------	d-----w-	c:\users\BANGHO\AppData\Local\ElevatedDiagnostics
2020-04-28 15:41 . 2019-12-31 02:40	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2020-04-28 15:41 . 2019-12-31 02:32	142336	----a-w-	c:\windows\system32\poqexec.exe
2020-04-28 14:30 . 2020-04-28 14:32	--------	d-----w-	c:\users\BANGHO\AppData\Roaming\Zoom
2020-04-28 14:13 . 2019-07-13 08:14	334848	----a-w-	c:\windows\system32\sipnotify.exe
2020-04-25 20:35 . 2020-04-25 20:35	--------	d-----w-	c:\program files\Microsoft Silverlight
2020-04-25 20:35 . 2020-04-25 20:35	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2020-04-25 20:34 . 2017-04-27 22:50	3550208	----a-w-	c:\windows\SysWow64\D3DCompiler_47.dll
2020-04-25 20:34 . 2017-04-12 13:05	4296704	----a-w-	c:\windows\system32\D3DCompiler_47.dll
2020-04-25 20:10 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZEL.DLL
2020-04-25 20:10 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZE.DLL
2020-04-25 20:10 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\kbdgeoqw.dll
2020-04-25 20:10 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\kbdgeoqw.dll
2020-04-25 20:10 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\KBDAZEL.DLL
2020-04-25 14:28 . 2017-08-13 21:30	1401344	----a-w-	c:\windows\SysWow64\mmc.exe
2020-04-25 14:27 . 2017-11-07 16:13	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2020-04-25 14:27 . 2017-10-18 03:24	25600	----a-w-	c:\windows\system32\drivers\es-ES\usbport.sys.mui
2020-04-25 14:27 . 2017-07-21 14:26	282624	----a-w-	c:\windows\SysWow64\mstext40.dll
2020-04-25 14:27 . 2017-07-21 14:26	409600	----a-w-	c:\windows\SysWow64\msexch40.dll
2020-04-25 14:27 . 2017-01-11 18:01	2048	----a-w-	c:\windows\system32\msxml3r.dll
2020-04-25 14:27 . 2017-01-11 17:43	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2020-04-25 14:00 . 2019-02-21 03:39	338432	----a-w-	c:\windows\system32\conhost.exe
2020-04-25 13:56 . 2016-05-12 15:18	90624	----a-w-	c:\windows\SysWow64\olepro32.dll
2020-04-25 13:55 . 2016-07-07 15:08	46080	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2020-04-25 13:54 . 2016-03-16 18:50	156672	----a-w-	c:\windows\system32\mtxoci.dll
2020-04-25 13:54 . 2016-03-16 18:28	111616	----a-w-	c:\windows\SysWow64\mtxoci.dll
2020-04-25 13:54 . 2016-03-16 18:28	176128	----a-w-	c:\windows\SysWow64\msorcl32.dll
2020-04-25 13:54 . 2016-03-16 18:27	286720	----a-w-	c:\program files (x86)\Common Files\System\Ole DB\msdaora.dll
2020-04-25 13:35 . 2016-08-29 15:04	3229696	----a-w-	c:\windows\explorer.exe
2020-04-25 13:35 . 2016-08-29 14:55	2972672	----a-w-	c:\windows\SysWow64\explorer.exe
2020-04-25 13:33 . 2016-03-09 19:00	396800	----a-w-	c:\windows\system32\webio.dll
2020-04-25 13:33 . 2016-03-09 18:40	316416	----a-w-	c:\windows\SysWow64\webio.dll
2020-04-25 13:26 . 2020-04-25 13:25	1094320	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2020-04-25 13:26 . 2020-04-25 13:26	1094320	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{17D7F4D8-EE8D-466E-82BD-EADB5E8A85A4}\gapaengine.dll
2020-04-25 13:14 . 2020-04-25 13:14	--------	d-----w-	c:\program files (x86)\Microsoft Security Client
2020-04-25 13:13 . 2020-04-25 13:14	--------	d-----w-	c:\program files\Microsoft Security Client
2020-04-25 13:04 . 2016-01-21 00:51	73664	----a-w-	c:\windows\system32\drivers\disk.sys
2020-04-25 13:04 . 2015-07-09 17:58	1632256	----a-w-	c:\windows\system32\dwmcore.dll
2020-04-25 13:04 . 2015-07-09 17:42	1372160	----a-w-	c:\windows\SysWow64\dwmcore.dll
2020-04-25 13:04 . 2015-07-09 17:58	82944	----a-w-	c:\windows\system32\dwmapi.dll
2020-04-25 13:04 . 2015-07-09 17:42	67584	----a-w-	c:\windows\SysWow64\dwmapi.dll
2020-04-25 13:02 . 2015-07-23 00:02	879104	----a-w-	c:\windows\system32\tdh.dll
2020-04-25 13:02 . 2015-07-22 17:53	635392	----a-w-	c:\windows\SysWow64\tdh.dll
2020-04-25 12:59 . 2016-02-05 18:56	20480	----a-w-	c:\windows\system32\tbs.dll
2020-04-25 12:59 . 2015-06-03 20:22	257864	----a-w-	c:\windows\SysWow64\wbem\Win32_Tpm.dll
2020-04-25 12:59 . 2015-06-03 20:21	451080	----a-w-	c:\windows\system32\fveapi.dll
2020-04-25 12:59 . 2015-06-03 20:21	312600	----a-w-	c:\windows\system32\wbem\Win32_Tpm.dll
2020-04-25 12:59 . 2016-02-05 20:23	8192	----a-w-	c:\windows\system32\drivers\es-ES\tpm.sys.mui
2020-04-25 12:59 . 2016-02-05 18:54	109568	----a-w-	c:\windows\system32\fveapibase.dll
2020-04-25 12:59 . 2016-02-05 17:33	15360	----a-w-	c:\windows\SysWow64\tbs.dll
2020-04-25 12:58 . 2016-02-03 18:07	91648	----a-w-	c:\windows\system32\drivers\USBSTOR.SYS
2020-04-25 12:58 . 2016-02-05 01:19	381440	----a-w-	c:\windows\system32\mfds.dll
2020-04-25 12:58 . 2016-02-04 18:41	296448	----a-w-	c:\windows\SysWow64\mfds.dll
2020-04-25 12:58 . 2015-10-29 17:50	342016	----a-w-	c:\windows\system32\apphelp.dll
2020-04-25 12:58 . 2015-10-29 17:50	72192	----a-w-	c:\windows\system32\aelupsvc.dll
2020-04-25 12:58 . 2015-10-29 17:49	295936	----a-w-	c:\windows\SysWow64\apphelp.dll
2020-04-25 12:58 . 2015-10-29 17:50	6656	----a-w-	c:\windows\system32\shimeng.dll
2020-04-25 12:58 . 2015-10-29 17:50	5120	----a-w-	c:\windows\SysWow64\shimeng.dll
2020-04-25 12:58 . 2015-10-29 17:50	23552	----a-w-	c:\windows\system32\sdbinst.exe
2020-04-25 12:58 . 2015-10-29 17:49	20992	----a-w-	c:\windows\SysWow64\sdbinst.exe
2020-04-25 12:58 . 2016-02-09 09:55	30720	----a-w-	c:\windows\system32\seclogon.dll
2020-04-25 12:47 . 2020-04-25 12:46	14743880	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{C69E7010-2179-4552-8C3F-92215A12959D}\mpengine.dll
2020-04-25 11:23 . 2015-10-13 04:57	950720	----a-w-	c:\windows\system32\drivers\ndis.sys
2020-04-25 11:07 . 2016-01-22 06:18	961024	----a-w-	c:\windows\system32\CPFilters.dll
2020-04-25 11:07 . 2016-01-22 06:18	723968	----a-w-	c:\windows\system32\EncDec.dll
2020-04-25 11:07 . 2016-01-22 06:04	642048	----a-w-	c:\windows\SysWow64\CPFilters.dll
2020-04-25 11:07 . 2016-01-22 06:04	535040	----a-w-	c:\windows\SysWow64\EncDec.dll
2020-04-24 21:07 . 2020-04-24 21:08	--------	d-----w-	C:\bdd2992e1e363bdb1ebd4a122c50
2020-04-24 20:40 . 2015-11-03 19:04	241664	----a-w-	c:\windows\system32\els.dll
2020-04-24 20:40 . 2015-11-03 18:55	179712	----a-w-	c:\windows\SysWow64\els.dll
2020-04-24 10:22 . 2020-04-24 10:22	--------	d-----w-	c:\programdata\Licenses
2020-04-23 15:24 . 2020-04-24 11:15	--------	d-----w-	c:\program files (x86)\Trojan Remover
2020-04-22 02:57 . 2020-04-22 02:57	--------	d-----w-	c:\users\BANGHO\AppData\Local\ZHP
2020-04-22 02:57 . 2020-04-25 12:48	--------	d-----w-	c:\users\BANGHO\AppData\Roaming\ZHP
2020-04-21 17:33 . 2020-04-22 01:52	--------	d-----w-	C:\AdwCleaner
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-04-28 16:13 . 2013-04-23 01:05	842296	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2020-04-28 16:13 . 2013-04-23 01:05	175160	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2020-04-25 22:56 . 2013-04-20 17:58	121542864	-c--a-w-	c:\windows\system32\MRT.exe
2020-04-01 23:49 . 2013-04-20 12:31	744808	------w-	c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2019-12-11 646160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys;c:\windows\SYSNATIVE\DRIVERS\dmvsc.sys [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files (x86)\Google\Chrome\Application\81.0.4044.129\elevation_service.exe;c:\program files (x86)\Google\Chrome\Application\81.0.4044.129\elevation_service.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys;c:\windows\SYSNATIVE\DRIVERS\massfilter.sys [x]
R3 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe;c:\program files\Malwarebytes\Anti-Malware\MBAMService.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Inspección de red de Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 RapportHades64;RapportHades64;c:\windows\System32\Drivers\RapportHades64.sys;c:\windows\SYSNATIVE\Drivers\RapportHades64.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S1 RapportAegle64;RapportAegle64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [x]
S1 RapportCerberus_1950099;RapportCerberus_1950099;c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1950099.sys;c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1950099.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbguard.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 Rezip;Rezip;c:\windows\SysWOW64\Rezip.exe;c:\windows\SysWOW64\Rezip.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe;c:\program files (x86)\Firebird\Firebird_2_1\bin\fbserver.exe [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys;c:\windows\SYSNATIVE\DRIVERS\JME.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr QWAVE wcncsvc
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2020-03-05 22:10	328240	----a-w-	c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-11-14 1353680]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com.ar/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
Trusted Zone: bancogalicia.com.ar\wsec06
TCP: DhcpNameServer = 190.211.167.34 190.211.167.35 8.8.8.8
DPF: {83202D14-0AF7-493D-BBD8-53194FE0BFDB} - hxxps://wsec06.bancogalicia.com.ar/Content/Components/GaliciaEnroll/GalCryptoComponents1020.cab
DPF: {D37BB1D6-A878-4721-9A64-77E6C9D44865} - hxxps://wsec06.bancogalicia.com.ar/Content/Components/GaliciaCryptoClient/GalCryptoComponents1020.cab
DPF: {EA2267D1-FC6B-4268-A2B7-0B556F9BA2A7} - hxxps://wsec06.bancogalicia.com.ar/scripts/components/GalVerifReq/GalVerifReq.CAB
FF - ProfilePath - c:\users\BANGHO\AppData\Roaming\Mozilla\Firefox\Profiles\2qfw1o0i.default-release\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-446854848-2789266872-518623571-1000\Software\Microsoft\SystemCertificates\My*Ä*fr*MpConfý;ú
7]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_363_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_32_0_0_363_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
.
**************************************************************************
.
Completion time: 2020-05-06  10:50:41 - machine was rebooted
ComboFix-quarantined-files.txt  2020-05-06 13:50
ComboFix2.txt  2020-05-02 23:53
.
Pre-Run: 83.060.293.632 bytes libres
Post-Run: 82.190.151.680 bytes libres
.
- - End Of File - - 6132F2727EA9848773BF15F7F1FFA9D2
A36C5E4F47E84449FF07ED3517B43A31

Muy buenas!! alguna idea sobre como seguir?

Hola.

Como sigue tu problema…??

Sigue igual dando 100%

Hola.

Bien vamos a realizar una revisión más :arrow_right: Manual de HitmanPro y cuando termines REINICIAS el equipo y nos pones el informe para valorarlo.

Saludos.

Saludos, podes dar de baja sin solución al hilo, porque al momento de la respuesta ya no tenia mas conmigo el equipo había que devolverlo, gracias de todos modos!!

Perfecto @lapcsos, entonces solo queda dar el tema por acabado.


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos. :+1:

Tema Terminado.

Saludos, Javier.