Eliminar PUP y troyano

Hola, buenas tardes a todos, escribo porque desde esta mañana he notado que mi Chrome me redirigía en mis búsquedas a búsquedas diferentes a las que estaba realizando. He instalado y analizado el ordenador con CCleaner, MBA, Spyhunter 5 (al ser de pago solo he podido analizar), ADW y alguna más de las aplicaciones que recomendáis en mensajes del foro a problemas similares. También he pasado varias veces, siguiendo las instrucciones, el programa ZHP, pero no sé por qué al analizar de nuevo vuelven a aparecer los mismos problemas. Parece que Google ya no redirige, pero cuando navego el MBA muestra bloqueos a dominios al abrir cualquier página: indica que tengo un troyano: yourjavascript .com en Chrome y un PUP: lauberyrietetechnology .com. No sé cómo solucionar el problema.

______ resultados ZHP ________________
~ ZHPCleaner v2019.8.4.116 by Nicolas Coolman (2019/08/04)
~ Run by Diana (Administrator)  (07/08/2019 14:16:24)
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\diana\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\diana\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 18362)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (21)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (6)
MOVIDO carpeta: C:\Users\diana\AppData\Local\Temp\WDDesktopIconOverlay_PrivateShare.ico    =>PUP.Optional.ADON
MOVIDO carpeta: C:\Users\diana\AppData\Local\Temp\WDDesktopIconOverlay_PublicShare.ico    =>PUP.Optional.ADON
MOVIDO carpeta: C:\Users\diana\AppData\Local\Temp\WDDesktopIconOverlay_Synced.ico    =>PUP.Optional.ADON
MOVIDO carpeta: C:\Users\diana\AppData\Local\Temp\WDDesktopIconOverlay_SyncedAndShared.ico    =>PUP.Optional.ADON
MOVIDO carpeta: C:\Users\diana\AppData\Local\Temp\WDDesktopIconOverlay_SyncFailed.ico    =>PUP.Optional.ADON
MOVIDO carpeta: C:\Users\diana\AppData\Local\Temp\WDDesktopIconOverlay_Syncing.ico    =>PUP.Optional.ADON


---\\  Registro ( Claves, Valores, Datos) (1)
BORRADOS clave^: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet []  =>HackTool.WinActivator


---\\  Resumen de elementos en su estación de trabajo (2)
https://www.nicolascoolman.com/fr/adware-adon/  =>PUP.Optional.ADON
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/  =>HackTool.WinActivator


---\\ Limpieza adicional. (6)
~ Clave de registro Tracing borrados (6)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ El sistema ha sido reiniciado.


---\\ STATISTIQUES
~ Items escaneado : 1903
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 6/13
~ Ahorro de espacio (bytes) : 0


~ End of clean in 00h00mn09s

---\\  Reporte (2)
ZHPCleaner-[S]-07082019-14_13_15.txt
ZHPCleaner-[R]-07082019-14_16_33.txt

Hola, y bienvenido.

Pega el reporte de Malwarebytes para revisarlo.

Saludos.

Buenas tardes, muchísimas gracias por la bienvenida y por contestar tan rápido.

Pego el informe de Malwarebytes, pero no encuentra nada, dice que está todo limpio…

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 7/8/19
Hora del análisis: 15:33
Archivo de registro: 01ae12cc-b918-11e9-a139-4cedfb0f4dd4.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11898
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.267)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-HFM2SG8A\Diana

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 276314
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 0 min, 38 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

ahora sigue los siguientes pasos detalladamente por favor.

1) Ejecuta y actualiza Malwarebytes’ Anti-Malware.

• Para instalar las ultimas definiciones ( actualizaciones ) de virus realiza click en el boton azul “ actual ” de la ventana principal .
• Para instalar las ultimas actualizaciones del programa y corregir otros errores ve a y click en >>

Si tienes mas duda tienes el Manual Malwarebytes , para que sepas usarlo y configurarlo.

• Realiza un Análisis Personalizado, haciendo click en la sección “ Analizar ” y seguidamente haciendo click “ Analisis personalizado ” en y luego click en “ Configurar análisis .
• Marcaras las unidades y seguidamente las siguientes casillas:

1. Analizar objetos en memoria
2. Analizar configuracion de inicio y registro
3. Analizar dentro de los archivos
4. Analisis en busca de rootkits

• Pulsar en “Eliminar Seleccionados” para enviarlo a la cuarentena y Reinicias el sistema.
• Para acceder posteriormente al informe del análisis : Informes >> Registro de análisis >> Pulsar en >> Exportar >> Copiar al Portapapeles , y lo pegas en tu respuesta

2) Descarga Adwcleaner en el escritorio. y ejecutalo.

• Desactiva tu antivirus Como deshabilitar temporalmente un antivirus y cualquier programa de seguridad.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona “Ejecutar como Administrador.”)
• Pulsar en el botón Analizar Ahora, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Iniciar Reparacion.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Si no encuentra nada, pulsamos “Omitir Reparación”
• El log lo encontramos en la pestaña “Informes”, volviendo a abrir el programa, si es necesario o en"C:\AdwCleaner\Logs\AdwCleaner[C0].txt"

Puedes mirar su manual >> Manual de Adwcleaner

3) Descarga Ccleaner . Aqui tienes manual para que sepas configurar y usarlo.

Instalalo y ejecútalo. En la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine > clic en ejecutar limpiador. Clic en la pestaña Registro > clic en buscar problemas esperas que termine > clic en Reparar Seleccionadas y haces una copia de seguridad.

Pega los reportes de Malwarebytes, AdwCleaner y comentas como va el problema.

NOTA IMPORTANTE

Por Favor, mientras estemos desinfectando tu maquina o terminando de hacerlo :

• No realices pasos/acciones que NOSOTROS no te hayamos indicado
• No descargues NADA de Internet y/o conectes dispositivos externos a tu equipo.
• No instales NADA(programas/software/complementos/extensiones del navegador…)
• No ejecutes otros programas de seguridad (Antivirus, Antimalware, ANTINADA…)
• No realices por tu cuenta otros procedimientos.
• Usa tu equipo EXCLUSIVAMENTE para desinfectarlo siguiendo nuestras indicaciones.

Muy Importante Coloca el reporte pedido por el usuario que lo asiste como se muestra en la siguiente imagen:

report.png703×272 3.73 KB

Saludos

Hola de nuevo, Facundo

He seguido tus instrucciones y pego aquí los reportes. Por ahora siguen saliendo los mismos avisos… . Muchas gracias de antemano.

REPORTE DE MALWAREBYTES

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 6/8/19
Hora del análisis: 20:57
Archivo de registro: fcf7b770-b87b-11e9-a1ec-4cedfb0f4dd4.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11888
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.885)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-HFM2SG8A\Diana

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 274734
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 0 min, 42 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

REPORTE DE ADW

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-08-07.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-07-2019
# Duration: 00:00:01
# OS:       Windows 10 Home
# Cleaned:  15
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.ASUSGiftBox
Deleted       Preinstalled.ASUSHello
Deleted       Preinstalled.ASUSLiveUpdate
Not Deleted   Preinstalled.ASUSSplendid


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1430 octets] - [06/08/2019 19:56:33]
AdwCleaner[S01].txt - [1491 octets] - [07/08/2019 21:47:19]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Hola, realizaste mal el paso de Malwarebytes… era un Análisis personalizado, no el de Amenazas… repite paso a paso como indico abajo.

Ejecuta Malwarebytes >> Analizar >> Análisis Personalizado >> click en Configurar Análisis >> Marca todas las casillas de la parte izquierda, incluida la de Rootkit >> Marca todas las unidades >> click en Analizar ahora. Termina y me pegas el reporte.

Hola de nuevo, disculpa, porque copié el reporte del análisis que no era. Perdón… ahí va el bueno.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 7/8/19
Hora del análisis: 19:03
Archivo de registro: 3e9148cc-b935-11e9-aba3-4cedfb0f4dd4.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11900
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.267)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-HFM2SG8A\Diana

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 687974
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 2 hr, 37 min, 18 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
Generic.Malware/Suspicious, C:\USERS\DIANA\DOCUMENTS\PROGRAMAS\KMSAUTO NET\KMSAUTO NET.EXE, En cuarentena, [0], [392686],1.0.11900
Generic.Malware/Suspicious, C:\USERS\DIANA\DOCUMENTS\PROGRAMAS\KMSAUTO NET.ZIP, En cuarentena, [0], [392686],1.0.11900

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Siguen apareciendo los avisos? Deseas un analisis a mas profundidad para ver si no tienes algo mas?

Hola Facundo, sí, me siguen saliendo los mismos avisos que comenté al inicio. ¿Qué podría hacer?

Realiza un escaneo con ESET Online Scanner , leyendo su [manual (Manual de Eset Online Scanner ), y con Kaspersky Virus Removal Tool (Manual de Kaspersky Virus Removal Tool ) y me pegas sus reporte, dentro del manual encontraras donde buscar su reporte.

Buenos días,

Pego los reportes, el de Kaspersky no he sabido copiarlo, por lo que lo subo en foto. Uno de los mensajes parece que ha dejado de aparecer, el de laubeyrietechnology. El de yourjavascript parece que continúa…

08/08/2019 18:53:26
Archivos explorados: 495965
Archivos infectados: 4
Amenazas eliminadas: 2
Tiempo total de exploración 00:58:39
Estado de la exploración: Finalizado
C:\Program Files\AVG\Antivirus\setup\aswOfferTool.exe	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	error al eliminando (Acceso denegado)

C:\Program Files\AVG\Antivirus\setup\offertool_x64_ais-c1a.vpx	Win32/Bundled.Toolbar.Google.D aplicación potencialmente no segura	error al eliminando (Acceso denegado)

C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00057e	JS/Adware.Revizer.E aplicación	eliminado

C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0007fc	JS/Adware.Revizer.E aplicación	eliminado

KVRT.png1375×352 15.7 KB

Hola @galateadelasesferas y con permiso.

Los problemas que comentas SON SIEMPRE con TU navegador Chrome únicamente…??

Y dinos también SI tienes ese navegador(Chrome) con la opción de “Sincronización” activada.??

Saludos.

Hola Javier, gracias por tu mensaje.

He comprobado utilizando el Firefox y me sale el mismo mensaje. El de yourjavascript. Y sí, tengo lo de la sincronización activado.

Un saludo.

Hola.

Bien… pues lo primero que debes hacer es desactivar la “sincronización” de cualquier navegador donde la uses y lo tengas activado(y de momento déjala sin activar) y una vez que lo hayas desactivado realiza estos pasos :

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar )

• Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

Farbar Recovery Scan Tool.-

• Ejecuta FRST.exe.

• En el mensaje de la ventana del Disclaimer, pulsamos Yes

• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos.

Hola Javierm este es el Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2019
Ran by Diana (11-08-2019 13:23:07)
Running from C:\Users\diana\Desktop
Windows 10 Home Version 1903 18362.267 (X64) (2019-08-06 19:11:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1644060488-1261626688-4119585121-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1644060488-1261626688-4119585121-503 - Limited - Disabled)
Diana (S-1-5-21-1644060488-1261626688-4119585121-1001 - Administrator - Enabled) => C:\Users\diana
Invitado (S-1-5-21-1644060488-1261626688-4119585121-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1644060488-1261626688-4119585121-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Disabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 31.1.10.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.1.10.0 - NVIDIA Corporation) Hidden
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
ASUS Sync Drivers (HKLM\...\{086FE7AE-1622-4617-92B8-F54FAAB372D0}) (Version: 2.3.5715 - Screenovate Technologies Ltd.)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.6.2 - ICEpower a/s)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.6.3098 - AVG Technologies)
calibre (HKLM-x32\...\{71640766-157F-4DE8-B45F-69B76B0F5FCE}) (Version: 3.31.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.5.0.20723 - Foxit Software Inc.)
Galería de fotos (HKLM-x32\...\{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.4.10500.5526 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 24.20.100.6286 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.7.9.1027 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{2D79E334-B178-45B9-A2A6-7A60A084C268}) (Version: 16.8.0.1000 - Intel Corporation)
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1644060488-1261626688-4119585121-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1644060488-1261626688-4119585121-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807863\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{4cadd82e-f9f2-4f69-bcfd-a0b929d8e6e2}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{F25C8769-16B6-4B19-BB0B-76F213829AC6}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 68.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.1 (x64 es-ES)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Panel de control de NVIDIA 388.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.73 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
ScreenHunter 7.0 Free (HKLM-x32\...\ScreenHunter 7.0 Free_is1) (Version: 7.0.333 - Wisdom Software Inc.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{d5c53162-d8b4-4547-8a40-917a25c0172e}) (Version: 20.60.0 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WD Desktop App 1.5.0.87 (HKLM-x32\...\{2f9f5d2c-2da0-417e-bbff-8787105a70f2}) (Version: 1.5.0.87 - Western Digital Technologies, Inc.) Hidden
WD Desktop App 1.5.0.87 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 1.5.0.87 - Western Digital Technologies, Inc.) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.0.384 - Western Digital Technologies, Inc.)
WD Drive Agent (HKLM-x32\...\{10BD0B99-6C39-4246-85DA-E4AA34B7707E}) (Version: 1.1.0.25 - Western Digital Technologies, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
ZenAnywhere (HKLM\...\{854AE3FE-43FE-4F8E-A9A1-107F4B117BF3}) (Version: 4.5.29 - Orbweb Inc.) Hidden
ZenAnywhere (HKLM-x32\...\ZenAnywhere 4.5.29) (Version: 4.5.29 - Orbweb Inc.)

Packages:
=========
ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.1.7.0_x64__qmba6cd70vzyy [2019-04-25] (ASUSTeK COMPUTER INC.)
ASUS Keyboard Hotkeys -> C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.10.0_x86__qmba6cd70vzyy [2018-09-19] (ASUSTeK COMPUTER INC.)
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.1.23.0_x64__dxp88312j1fgj [2019-06-14] (ICEpower)
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2002.0_x64__rz1tebttyb220 [2019-08-09] (Dolby Laboratories)
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2018-08-09] (ASUSTeK COMPUTER INC.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.11901.20176.0_x86__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.11901.20176.0_x86__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation)
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2018-10-26] (Microsoft Platform Extensions)
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11901.20176.0_x86__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20176.0_x86__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.11901.20176.0_x86__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.11901.20176.0_x86__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.11901.20176.0_x86__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation)
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_2.0.21.0_x64__qmba6cd70vzyy [2019-07-20] (ASUSTeK COMPUTER INC.)
PhotoDirector8 for ASUS -> C:\Program Files\WindowsApps\F5080380.PhotoDirector8forASUS_8.0.4020.0_x64__tfv7c950n6xcr [2018-08-09] (CyberLink  Corp.)
PowerDirector14 for ASUS -> C:\Program Files\WindowsApps\F5080380.PowerDirector14forASUS_14.0.5226.0_x64__tfv7c950n6xcr [2018-08-09] (CyberLink  Corp.)
SmartAudio 2 -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio2_1.1.41.0_x86__qt57b6kdvhcfw [2019-01-29] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
WPS Office -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_10.2.5838.0_x86__924xes6e8q1tw [2019-03-05] (Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

SSODL: WDFSMountNotificator-wdfsconnect2017 - {758E0C1D-D6DF-4945-94BF-0DAA2046B076} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {758E0C1D-D6DF-4945-94BF-0DAA2046B076} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {758E0C1D-D6DF-4945-94BF-0DAA2046B076} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {758E0C1D-D6DF-4945-94BF-0DAA2046B076} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed]
ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:/Program Files/WD Desktop App/kda.DLL [2018-04-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:/Program Files/WD Desktop App/kda.DLL [2018-04-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:/Program Files/WD Desktop App/kda.DLL [2018-04-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:/Program Files/WD Desktop App/kda.DLL [2018-04-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:/Program Files/WD Desktop App/kda.DLL [2018-04-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [  WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:/Program Files/WD Desktop App/kda.DLL [2018-04-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {2f14ea59-b6ad-32d6-b690-1cde278ea7d7} => C:/Program Files/WD Desktop App/kda.DLL [2018-04-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [WDDesktopContextMenu] -> {2f14ea59-b6ad-32d6-b690-1cde278ea7d7} => C:/Program Files/WD Desktop App/kda.DLL [2018-04-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\igfxDTCM.dll [2018-08-31] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Awesome Screenshot App.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=mfpiaehgjbbfednooihadalhehabhcjo
ShortcutWithArgument: C:\Users\diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
ShortcutWithArgument: C:\Users\diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Google Keep_ notas y listas.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\UNIR.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=mpcagfiabbofdemnmoclkjeejfcmajje
ShortcutWithArgument: C:\Users\diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh

==================== Loaded Modules (Whitelisted) ==============

2019-01-13 14:22 - 2016-04-26 16:10 - 000116908 _____ () [File not signed] C:\Program Files (x86)\ScreenHunter 7.0 Free\libgcc_s_dw2-1.dll
2018-12-03 22:19 - 2018-12-03 22:19 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\24673895.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\24673895.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1644060488-1261626688-4119585121-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1644060488-1261626688-4119585121-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807863\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2018-12-03 18:39 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Calibre2\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807822\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807842\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1644060488-1261626688-4119585121-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\diana\Documents\IMG_7356b.jpg
HKU\S-1-5-21-1644060488-1261626688-4119585121-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807863\Control Panel\Desktop\\Wallpaper -> C:\Users\diana\Documents\IMG_7356b.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{06A398D8-CC9F-4957-872F-D8BAE0EB1801}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20176.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3A9EE913-B9B1-476C-9479-C273BE6B23E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F2300D87-830C-4307-BD8F-2E4274398945}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{67303D09-8351-45CE-8A70-5F9F21D5BA0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC3CC6CA-9057-455C-A714-D60BEAF49C4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A814B5E9-BEC1-408C-B43C-2D606647B535}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B70BFA1F-D451-44C1-82A5-BF73F92784F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{620D75D1-6496-4439-9BDE-A08BF3A6AE9D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9FF8A74A-A324-4907-AB7C-904F6B158CAB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{7B870CC9-E32C-467C-B178-CAEBAF6B94BF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{64747960-099F-432E-9354-9416595E2DE2}] => (Allow) LPort=1900
FirewallRules: [{6AD70DE7-6050-4BD9-B628-134276CA4082}] => (Allow) LPort=2869
FirewallRules: [{D8700EC9-4035-44DD-87AA-9176003F5178}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{08CDB30A-2E5F-4DD7-A6A1-775C2285C55A}] => (Allow) C:\Users\diana\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{0ED2844A-10C1-4400-9CFD-B73C78D7D5D4}] => (Allow) C:\Users\diana\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4780345E-B74A-4D39-9CD0-940609A6A691}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B84FA751-4D5D-4E37-BB0F-DE13D72987B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FD082239-CEB5-4717-955A-825FA2B52DE0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20176.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7DDFC57E-1B85-4C2A-88E6-B2F728BE0084}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

07-08-2019 14:15:17 ZHPcleaner

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2019 07:41:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (08/08/2019 07:41:03 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (08/08/2019 07:41:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (08/08/2019 07:41:03 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (08/07/2019 09:52:50 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (08/07/2019 09:52:50 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (08/07/2019 09:43:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (08/07/2019 04:52:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.


System errors:
=============
Error: (08/11/2019 01:16:46 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Event-ID 8016

Error: (08/11/2019 01:16:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio GiftBox.Service no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (08/09/2019 09:54:22 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Event-ID 8016

Error: (08/09/2019 09:54:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio GiftBox.Service no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (08/08/2019 07:41:42 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Event-ID 8016

Error: (08/08/2019 07:41:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio GiftBox.Service no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (08/08/2019 07:40:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio AvgWscReporter no pudo iniciarse debido al siguiente error: 
Acceso denegado.

Error: (08/08/2019 07:40:59 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Error en la llamada ScRegSetValueExW para DeleteFlag con el error siguiente: 
Se superó el número máximo de secretos que se pueden guardar en un único sistema.


CodeIntegrity:
===================================

Date: 2019-08-11 13:24:00.064
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 13:24:00.059
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 13:24:00.054
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 13:24:00.049
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 13:24:00.044
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 13:24:00.038
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 13:24:00.034
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 13:24:00.029
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. X580GD.306 07/23/2018
Motherboard: ASUSTeK COMPUTER INC. X580GD
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 60%
Total physical RAM: 8043.25 MB
Available physical RAM: 3141.2 MB
Total Virtual: 16235.25 MB
Available Virtual: 10565.91 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:237.42 GB) (Free:85.9 GB) NTFS

\\?\Volume{54941ad4-221b-4f7c-9c18-b4fcbc6703cb}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.33 GB) NTFS
\\?\Volume{8afced21-072d-44a5-a7c9-4d58195ee687}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: D80E2B1D)

Partition: GPT.

==================== End of Addition.txt ============================

El FRST.txt no me deja añadirlo porque me sale un mensaje indicando que excedo el número de caracteres del mensaje…

No sé si será muy lógico lo que voy a decir. Tengo un blog de fotografía y el mensaje de sitio web bloqueado por un troyano me sale al abrir mi blog. ¿Puede ser que el problema esté en la plantilla que estoy utilizando para el blog? Tras crear una copia del mismo y meter otra plantilla gratuita no me sale el cartel… Pongo el enlace, por si sirve para comprobaciones: https://dianagraciareguilon.blogspot.com/

Aunque también me ha salido después en alguna web más…

Hola.

Si el informe es muy extenso debes dividirlo y ponerlo en “trozos” y usar distintos mensajes/respuestas para ponerlos.

Cuando pueda analizar estos informes te podre dar mas indicaciones y pasos a realizar.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-08-2019
Ran by Diana (administrator) on LAPTOP-HFM2SG8A (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X580GD_N580GD) (11-08-2019 13:21:34)
Running from C:\Users\diana\Desktop
Loaded Profiles: Diana &  (Available Profiles: Diana)
Platform: Windows 10 Home Version 1903 18362.267 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSOptimization\ASUSOptimization.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsHidSrv64.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsLdrSrv64.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsMonStartupTask64.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\ATKOSD2.exe
(ASUSTeK COMPUTER INC.) C:\Program Files\WindowsApps\B9ECED6F.ASUSKeyboardHotkeys_1.0.10.0_x86__qmba6cd70vzyy\ATK Package\HControl.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\Common Files\AVG\Overseer\overseer.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc32.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_e042e413cfab025e\ICEsoundService64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\IntelCpHeciSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11901.20176.0_x86__8wekyb3d8bbwe\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelperBgt.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.866.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.263_none_5f1fc00458f64d76\TiWorker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Agent\WDDriveAgent.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Wisdom Software Inc. -> Wisdom Software Inc. ) C:\Program Files (x86)\ScreenHunter 7.0 Free\ScreenHunter7Free.exe

==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316848 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [56265192 2018-10-30] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [WDDriveAgent] => C:\Program Files (x86)\Western Digital\WD Drive Agent\WDDriveAgent.exe [2379552 2018-06-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807822\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807842\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1644060488-1261626688-4119585121-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1644060488-1261626688-4119585121-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807863\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-07] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 7.0 Free.lnk [2019-01-13]
ShortcutTarget: ScreenHunter 7.0 Free.lnk -> C:\Program Files (x86)\ScreenHunter 7.0 Free\ScreenHunter7Free.exe (Wisdom Software Inc. -> Wisdom Software Inc. )
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00CA20F6-3467-4656-963B-79CCF7878F6E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {08D57DC1-E2CF-49EE-B557-A2531C58BA35} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0C8EB8C9-0794-47E6-ACED-39775ADFAC60} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2081712 2019-08-08] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {172168E5-99FD-4C79-8A52-D048FC45923E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3817D64D-23BF-4B2D-9939-2268EAD6640B} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {566B19B2-B46E-4546-9165-3A23D1FBBDF6} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {62C3CC91-999D-4B49-A03F-32384358D318} - System32\Tasks\WD Discovery Service Task diana => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [67048 2018-10-30] (Western Digital Technologies, Inc. -> )
Task: {63550F11-8024-48EC-9DEE-4DA40A05FC1F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {6F7586A3-4FB2-4F29-A215-65DDEC668EA3} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
Task: {7E5720B6-13EF-43B7-961C-971F0C34F609} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7FBDEBF9-E871-4DA4-8B18-E7240E52952A} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSSystemAnalysis\AsusSystemAnalysis.exe [1452992 2019-04-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {8EDCA5EC-3204-4CF2-A15D-2BE4AA064B76} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97F174F9-299C-4BFD-A602-D02276ECC030} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3987888 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {A60D5CE4-26E7-4D17-B75C-1C92B7C851FD} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\diana\Desktop\ESETOnlineScanner_ESL.exe [7986200 2019-08-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {AA261497-CC6E-4E0F-9B8D-711402B33B68} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AEE50390-2C04-4D18-880A-8AB93879C2F3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {B7F307FF-00E8-464D-A69D-4B8233D96F43} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BE6883C8-9586-466B-80C7-4EE78E706CC1} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BFDA082E-E5FC-45E4-B444-1D4FA8DF1A76} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C95921E9-EB66-4DEC-88E9-276F995A1169} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D8F1DF46-EF1E-4880-AF8F-414DDDD9CFC7} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\diana\Desktop\ESETOnlineScanner_ESL.exe [7986200 2019-08-08] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {E0E9671B-65FE-455A-B61D-3377E8EBEFC4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-09] (Google Inc -> Google Inc.)
Task: {E52D898F-5A76-4C1C-93DF-553546ECF67C} - System32\Tasks\Update Checker => C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSLiveUpdateAgent\UpdateChecker.exe [183232 2019-04-09] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {E84BFA05-1E32-4A27-B766-6BA5950BF48A} - System32\Tasks\Opera scheduled Autoupdate 1534416467 => C:\Users\diana\AppData\Local\Programs\Opera\launcher.exe
Task: {FBF00C3B-BEEB-4022-BE4F-8E19426471A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-09] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{18fa9228-7458-40f8-80bd-ffeb5bd22d99}: [DhcpNameServer] 10.10.27.1
Tcpip\..\Interfaces\{a5455239-7512-46ec-b565-184db66d1931}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1644060488-1261626688-4119585121-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-1644060488-1261626688-4119585121-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-1644060488-1261626688-4119585121-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807863\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-1644060488-1261626688-4119585121-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807863\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-1644060488-1261626688-4119585121-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1644060488-1261626688-4119585121-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-1644060488-1261626688-4119585121-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807863 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1644060488-1261626688-4119585121-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08112019131807863 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear

FireFox:
========
FF DefaultProfile: lyf9yj7r.default
FF ProfilePath: C:\Users\diana\AppData\Roaming\Mozilla\Firefox\Profiles\lyf9yj7r.default [2019-08-09]
FF Homepage: Mozilla\Firefox\Profiles\lyf9yj7r.default -> www.google.com
FF Extension: (rainbow blur) - C:\Users\diana\AppData\Roaming\Mozilla\Firefox\Profiles\lyf9yj7r.default\Extensions\{7477cece-5973-41fe-a60e-2d2ffae6d21e}.xpi [2019-08-06]
FF SearchPlugin: C:\Users\diana\AppData\Roaming\Mozilla\Firefox\Profiles\lyf9yj7r.default\searchplugins\bing-lavasoft-ff59.xml [2018-08-16]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-20] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-20] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vfl8qSV2F.ico
CHR Profile: C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default [2019-08-11]
CHR Extension: (Presentaciones) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-09]
CHR Extension: (YouTube) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2019-04-01]
CHR Extension: (Documentos) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-09]
CHR Extension: (Google Drive) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-08-09]
CHR Extension: (YouTube) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-09]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-08-09]
CHR Extension: (Hojas de cálculo) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-09]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-09]
CHR Extension: (Google Keep: notas y listas) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2019-08-07]
CHR Extension: (Gmail) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaphdclmlj [2019-04-01]
CHR Extension: (Extensión de Google Keep para Chrome) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2019-08-07]
CHR Extension: (Web IG Story) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpokmfekimfmecgdhjdbhidphhchlgml [2019-08-09]
CHR Extension: (Awesome Screenshot App) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpiaehgjbbfednooihadalhehabhcjo [2018-08-09]
CHR Extension: (UNIR) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcagfiabbofdemnmoclkjeejfcmajje [2019-04-01]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-09]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2019-08-06]
CHR Extension: (Picasa) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2018-08-09]
CHR Extension: (Gmail) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\diana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-06]
CHR Profile: C:\Users\diana\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-06]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsHidService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsHidSrv64.exe [171912 2018-01-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ASLDRService; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\AsLdrSrv64.exe [202120 2018-01-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSLiveUpdateAgent; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSLiveUpdateAgent\AsusLiveUpdateAgent.exe [265152 2019-04-09] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSOptimization\ASUSOptimization.exe [202176 2019-04-09] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSSystemAnalysis\AsusSystemAnalysis.exe [1452992 2019-04-09] (ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [519128 2019-04-09] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [415032 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6845400 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110048 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc32.exe [101200 2018-08-16] (Conexant Systems LLC -> Conexant Systems, Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1646120 2018-02-05] (Intel(R) pGFX -> Intel Corporation)
S4 HfcDisableService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\HfcDisableService.exe [1710736 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2788496 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [550568 2018-05-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 ICEsoundService; C:\WINDOWS\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_e042e413cfab025e\ICEsoundService64.exe [935088 2018-12-10] (ICEpower a/s -> ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [214672 2018-01-31] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265824 2018-04-17] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe [1969288 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [528160 2018-06-04] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 ZenAnywhere; C:\Program Files\Orbweb Inc\ZenAnywhere\ZenAnywhere.exe [154560 2017-12-29] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S3 ZenAnywhere Updater; C:\Program Files\Orbweb Inc\ZenAnywhere\updater.exe [154560 2017-12-29] (Orbweb Taiwan Inc. -> Orbweb Inc.)
S3 ZenAnywhereNetworkService; C:\Program Files\Orbweb Inc\ZenAnywhere\bin\ZenAnywhereNetworkService.exe [67520 2017-04-07] (Orbweb Taiwan Inc. -> Orbweb Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848288 2018-04-17] (Intel Corporation -> Intel® Corporation)
S2 GiftBox.Service; "C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ASUSSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci.inf_amd64_1a7b8d181de74529\ASUSSystemAnalysis\ASUSSAIO.sys [32704 2019-04-09] (ASUSTek Computer Inc. -> )
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\atkwmiacpiio.inf_amd64_a5cf007e1dac78ef\atkwmiacpi64.sys [30600 2018-01-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37368 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [209304 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [263784 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [206624 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61736 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15280 2019-01-18] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42552 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [168944 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [112568 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [88208 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1030832 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [477336 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [225864 2019-08-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [387736 2019-08-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [76696 2017-10-27] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70040 2017-10-27] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [399264 2017-10-27] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [73680 2018-05-30] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31144 2017-11-23] (ASUSTeK Computer Inc. -> ASUS)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-09-26] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094800 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [73360 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [198168 2018-04-19] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-08-06] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-08-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-08-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-08-11] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-08-11] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw06; C:\WINDOWS\System32\drivers\Netwtw06.sys [8743448 2018-04-26] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_20c0bba34ffd86ca\nvlddmkm.sys [17036560 2018-02-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RealWoW60; C:\WINDOWS\system32\DRIVERS\RealWoW60.sys [39432 2017-04-07] (Realtek Semiconductor Corp. -> Realtek semiconductor corp)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-10-20] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [451512 2019-03-31] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ScrHIDDriver2; C:\WINDOWS\System32\drivers\ScrHIDDriver2.sys [58320 2018-05-30] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-11 13:21 - 2019-08-11 13:22 - 000037863 ____C C:\Users\diana\Desktop\FRST.txt
2019-08-11 13:20 - 2019-08-11 13:21 - 000000000 ____D C:\FRST
2019-08-11 13:20 - 2019-08-11 13:20 - 002097664 _____ (Farbar) C:\Users\diana\Desktop\FRST64.exe
2019-08-11 13:18 - 2019-08-11 13:19 - 001388432 _____ C:\Users\Public\VOIP.dat
2019-08-11 13:16 - 2019-08-11 13:16 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-08-11 13:16 - 2019-08-11 13:16 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-08-11 13:16 - 2019-08-11 13:16 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-08-11 13:16 - 2019-08-11 13:16 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-08-08 18:55 - 2019-08-08 19:33 - 000000000 ____D C:\KVRT_Data
2019-08-08 18:54 - 2019-08-08 18:55 - 167555368 _____ (AO Kaspersky Lab) C:\Users\diana\Desktop\KVRT.exe
2019-08-08 18:53 - 2019-08-09 14:12 - 000002972 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn
2019-08-08 18:53 - 2019-08-09 14:12 - 000002592 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime
2019-08-08 18:53 - 2019-08-08 18:53 - 000001496 ____C C:\Users\diana\Documents\eset.txt
2019-08-08 17:50 - 2019-08-09 12:20 - 000000648 ____C C:\Users\diana\Desktop\ESET Online Scanner.lnk
2019-08-08 17:50 - 2019-08-08 17:50 - 000000765 ____C C:\Users\diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-08-08 17:50 - 2019-08-08 17:50 - 000000000 ____D C:\Users\diana\AppData\Local\ESET
2019-08-08 17:49 - 2019-08-08 17:49 - 007986200 _____ (ESET spol. s r.o.) C:\Users\diana\Desktop\ESETOnlineScanner_ESL.exe
2019-08-07 21:48 - 2019-08-09 14:12 - 000003088 _____ C:\WINDOWS\System32\Tasks\Update Checker
2019-08-07 13:27 - 2019-08-07 15:33 - 000000000 ____D C:\Users\diana\AppData\Roaming\ZHP
2019-08-07 13:27 - 2019-08-07 14:08 - 000000877 ____C C:\Users\diana\Desktop\ZHPCleaner.lnk
2019-08-07 13:27 - 2019-08-07 13:27 - 003118464 _____ (Nicolas Coolman) C:\Users\diana\Desktop\ZHPCleaner.exe
2019-08-07 13:27 - 2019-08-07 13:27 - 000000000 ____D C:\Users\diana\AppData\Local\ZHP
2019-08-06 21:14 - 2019-08-09 22:03 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-06 21:13 - 2019-08-06 21:13 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-08-06 21:11 - 2019-08-11 13:16 - 000003746 _____ C:\WINDOWS\System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2019-08-06 21:11 - 2019-08-11 13:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-06 21:11 - 2019-08-09 21:57 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1644060488-1261626688-4119585121-1001
2019-08-06 21:11 - 2019-08-09 14:12 - 000003790 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-08-06 21:11 - 2019-08-09 14:12 - 000003612 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1534416467
2019-08-06 21:11 - 2019-08-09 14:12 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-08-06 21:11 - 2019-08-09 14:12 - 000003454 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-08-06 21:11 - 2019-08-09 14:12 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-06 21:11 - 2019-08-09 14:12 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-08-06 21:11 - 2019-08-09 14:12 - 000003250 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2019-08-06 21:11 - 2019-08-09 14:12 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-06 21:11 - 2019-08-09 14:12 - 000003140 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-06 21:11 - 2019-08-09 14:12 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-08-06 21:11 - 2019-08-09 14:12 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-06 21:11 - 2019-08-09 14:12 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-06 21:11 - 2019-08-09 14:12 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-06 21:11 - 2019-08-09 14:12 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-06 21:11 - 2019-08-09 14:12 - 000002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2019-08-06 21:11 - 2019-08-09 14:12 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-08-06 21:11 - 2019-08-09 14:12 - 000002420 _____ C:\WINDOWS\System32\Tasks\WD Discovery Service Task diana
2019-08-06 21:11 - 2019-08-09 14:12 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-08-06 21:11 - 2019-08-09 14:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-08-06 21:11 - 2019-08-06 21:11 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-08-06 21:11 - 2019-08-06 21:11 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-08-06 21:11 - 2019-08-06 21:11 - 000003482 _____ C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineUA
2019-08-06 21:11 - 2019-08-06 21:11 - 000003258 _____ C:\WINDOWS\System32\Tasks\AVGUpdateTaskMachineCore
2019-08-06 21:11 - 2019-08-06 21:11 - 000000020 ___SH C:\Users\diana\ntuser.ini
2019-08-06 21:11 - 2019-08-06 21:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-08-06 21:11 - 2019-08-06 21:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2019-08-06 21:11 - 2019-08-06 21:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2019-08-06 21:11 - 2019-07-20 00:29 - 000003108 _____ C:\WINDOWS\System32\Tasks\KMSAutoNet
2019-08-06 21:05 - 2019-08-06 21:05 - 000000000 ____D C:\ProgramData\USOShared
2019-08-06 21:05 - 2019-08-06 20:19 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-08-06 21:04 - 2018-08-31 02:07 - 000146344 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2019-08-06 21:04 - 2018-08-31 02:07 - 000121256 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2019-08-06 21:03 - 2019-08-09 15:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-06 21:03 - 2019-08-06 21:11 - 000000000 ____D C:\Windows.old
2019-08-06 21:03 - 2019-08-06 21:06 - 000389640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-06 21:03 - 2019-08-06 21:03 - 000000000 __SHD C:\IntelOptaneData
2019-08-06 21:02 - 2019-08-06 21:02 - 000066360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WinSetupBoot.sys
2019-08-06 20:34 - 2019-08-06 21:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-08-06 20:32 - 2019-08-09 21:57 - 000002403 ____C C:\Users\diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-06 20:32 - 2019-08-06 21:11 - 000000000 ____D C:\Users\diana
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Reciente
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Plantillas
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Mis documentos
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Menú Inicio
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Impresoras
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Entorno de red
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Documents\Mis vídeos
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Documents\Mis imágenes
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Documents\Mi música
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Datos de programa
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\Configuración local
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\AppData\Local\Historial
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\AppData\Local\Datos de programa
2019-08-06 20:32 - 2019-08-06 20:32 - 000000000 _SHDL C:\Users\diana\AppData\Local\Archivos temporales de Internet
2019-08-06 20:30 - 2019-08-06 20:34 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-08-06 20:28 - 2019-08-06 20:28 - 000044295 _____ C:\Users\diana\Downloads\LuteroLaReforma_101_DivxTotal.avi.torrent
2019-08-06 20:28 - 2019-08-06 20:28 - 000043835 _____ C:\Users\diana\Downloads\LuteroLaReforma_102_DivxTotal.avi.torrent
2019-08-06 20:22 - 2019-08-06 20:22 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 022625280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 019811328 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 008011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 007802224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 007758336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 007174656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 006218752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 005919744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 005500416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 005083352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 005014016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 004863488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 004481024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 004348408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 003837440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 003243080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 002956984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-08-06 20:22 - 2019-08-06 20:22 - 002494232 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 002398720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 002314440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 002235936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 002216448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 002175288 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 002132520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 002072152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001866064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001788944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001555688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001510952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001505080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001493392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001297720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001273344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001273176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001248256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-08-06 20:22 - 2019-08-06 20:22 - 001244728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\opengl32.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001106288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001039872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2019-08-06 20:22 - 2019-08-06 20:22 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000800568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-08-06 20:22 - 2019-08-06 20:22 - 000744248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-08-06 20:22 - 2019-08-06 20:22 - 000743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000737552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-08-06 20:22 - 2019-08-06 20:22 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000682744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2019-08-06 20:22 - 2019-08-06 20:22 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000666280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2019-08-06 20:22 - 2019-08-06 20:22 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000537608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000516752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000463272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-08-06 20:22 - 2019-08-06 20:22 - 000420360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\provplatformdesktop.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000366184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000267528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000261016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityUxHost.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provplatformdesktop.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-08-06 20:22 - 2019-08-06 20:22 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-06 20:22 - 2019-08-06 20:22 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glu32.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000145936 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000093312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-06 20:22 - 2019-08-06 20:22 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000058825 _____ C:\WINDOWS\system32\srms.dat
2019-08-06 20:22 - 2019-08-06 20:22 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2019-08-06 20:22 - 2019-08-06 20:22 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-08-06 20:22 - 2019-08-06 20:22 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 014814208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 006515592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 006070920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 005753728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2019-08-06 20:21 - 2019-08-06 20:21 - 005087744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 004537344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 003915536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 003750912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 003735264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002989880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 002771752 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-08-06 20:21 - 2019-08-06 20:21 - 002697728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002586608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002490712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002306048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001912576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001893888 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001840968 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001815040 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001690624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001661544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001651848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001647280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001611416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001562640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001531992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001515008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001488384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001473488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001413120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001408000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001391624 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001366528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001334064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001304888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001283384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-08-06 20:21 - 2019-08-06 20:21 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001244672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001213456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001192096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001154960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001124864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001079296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001072144 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001063944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 001007160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000928776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000913168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000888056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000821904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000800048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000777528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000774664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000773680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000772656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000769336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000679368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000673080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000667272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000588256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000568336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000531464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiagn.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000515448 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000511008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-06 20:21 - 2019-08-06 20:21 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000478800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-08-06 20:21 - 2019-08-06 20:21 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000457016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000451896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000450400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-08-06 20:21 - 2019-08-06 20:21 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DispBroker.Desktop.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000401416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000385808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000379192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webauthn.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000375512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000336928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000334728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000316216 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2019-08-06 20:21 - 2019-08-06 20:21 - 000310072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000300384 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000284536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000283472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000279624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000268216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-06 20:21 - 2019-08-06 20:21 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000210448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000199176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000187920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000149512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000135000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000134760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000132912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000129848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000116184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000110080 _____ C:\WINDOWS\system32\ResBParser.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GraphicsCapture.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000106536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameChatTranscription.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000098592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000096032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000072816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzautoupdate.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000056008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2019-08-06 20:21 - 2019-08-06 20:21 - 000021544 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000020728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnlsres.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2019-08-06 20:21 - 2019-08-06 20:21 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-08-06 20:21 - 2019-08-06 20:21 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-08-06 20:21 - 2019-08-06 20:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 017785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 009927176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 007890792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 007832896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 007277568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 007251832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 006403072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 006227072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 006059520 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 004562920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 004470784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 004034048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 004008960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003724800 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 003698176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003590664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003372744 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003327256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003261440 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003141120 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003104768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 003084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002764040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 002698552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 002550792 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002449456 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002448384 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002321408 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002282496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002249216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002178048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002113536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 002032640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001999648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001940952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001884200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001830416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001784832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001781248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001754232 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-06 20:20 - 2019-08-06 20:20 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001717800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001654520 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001633864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001608704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 001509936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 001505808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001480704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001437184 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 001423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001395600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001366344 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-06 20:20 - 2019-08-06 20:20 - 001364480 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001262864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 001180160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001084728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001068856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001065984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001042944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-08-06 20:20 - 2019-08-06 20:20 - 001020768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 001007120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000984376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000977688 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000940736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000910272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000889448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000879792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-08-06 20:20 - 2019-08-06 20:20 - 000876560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000818656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000811160 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-08-06 20:20 - 2019-08-06 20:20 - 000811160 _____ C:\WINDOWS\system32\locale.nls
2019-08-06 20:20 - 2019-08-06 20:20 - 000810512 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000751048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000728576 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000706760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000680760 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000674072 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000642208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000639608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000613392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000606112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000586760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000544576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000537088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000523704 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2019-08-06 20:20 - 2019-08-06 20:20 - 000466624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\webauthn.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000441352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000437776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000390456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000363624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000358944 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000343104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000339520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000283144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\directxdatabaseupdater.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000248088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000220680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgiadaptercache.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000214032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000205112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\regapi.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000202248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000199184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000194176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000182072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000180536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000180024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000162384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000161848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000157752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000146744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2019-08-06 20:20 - 2019-08-06 20:20 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000144376 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-08-06 20:20 - 2019-08-06 20:20 - 000139472 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2019-08-06 20:20 - 2019-08-06 20:20 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameChatTranscription.dll