Malware Fireappear.fun

Buenas tardes a todos y gracias por leer este post.

No puedo quitar “fireappear.fun”… ya le he pasado Malwarebytes 3.X que lo he descargado de aqui, y Malwarebytes AdwCleaner que lo he descargado de aqui tambien.

Si alguien puede ayudarme para quitar ese malware desde ya se lo agradeceria.

Muchas gracias.-

Hola @diego80

En tu próxima respuesta pega los reportes.

Salu2.

1 me gusta

Hola @SanMar

Que reportes??

Los reportes de los malwares que le pase a la pc??

Hola:

Mencionaste que ejecutaste Malwarebytes y AdwCleaner, esas Herramientas te dan reportes.

Te dejo los pasos para que sepas ejecutarlos con sus Manuales para que sepas guardar sus reportes y pegarlos en el Foro.

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos:

CCleaner

Lo ejecutas usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado marcando todas las unidades
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner y Malwarebytes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2

1 me gusta
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-31.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    02-03-2019
# Duration: 00:00:18
# OS:       Windows 10 Pro
# Scanned:  31793
# Detected: 14


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.WiperSoft          C:\Program Files\WiperSoft
PUP.Optional.WiperSoft          C:\Users\diego\AppData\Roaming\WiperSoft

***** [ Files ] *****

PUP.Optional.WiperSoft          C:\Windows\System32\wiperrm.exe
PUP.Optional.WiperSoft          C:\Users\diego\Desktop\WiperSoft.lnk
PUP.Optional.WiperSoft          C:\Users\diego\Downloads\WIPERSOFT-INSTALLER.EXE

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.WiperSoft          C:\Windows\System32\Tasks\WiperSoft Startup

***** [ Registry ] *****

PUP.Optional.WiperSoft          HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB1C8C91-4D8E-4C28-80E7-FD135FB90515}}_is1
PUP.Optional.WiperSoft          HKCU\Software\WiperSoft
PUP.Optional.WiperSoft          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3D2234F-ECBB-4145-8D60-684D763A427D} 
PUP.Optional.WiperSoft          HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WiperSoft Startup

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy             oadboiipflhobonjjffjbfekfjcgkhco

***** [ Chromium URLs ] *****

PUP.Optional.Legacy             Search Here
PUP.Optional.MySearch           Search Here
PUP.Optional.SofTonicAssistant  Softonic ES

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build:    01-30-2019
# Database: 2019-01-31.3 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    02-03-2019
# Duration: 00:00:13
# OS:       Windows 10 Pro
# Cleaned:  13
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files\WiperSoft
Deleted       C:\Users\diego\AppData\Roaming\WiperSoft

***** [ Files ] *****

Deleted       C:\Windows\System32\wiperrm.exe
Deleted       C:\Users\diego\Desktop\WiperSoft.lnk
Deleted       C:\Users\diego\Downloads\WIPERSOFT-INSTALLER.EXE

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\WiperSoft Startup

***** [ Registry ] *****

Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB1C8C91-4D8E-4C28-80E7-FD135FB90515}}_is1
Deleted       HKCU\Software\WiperSoft
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3D2234F-ECBB-4145-8D60-684D763A427D} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WiperSoft Startup

***** [ Chromium (and derivatives) ] *****

Deleted       oadboiipflhobonjjffjbfekfjcgkhco

***** [ Chromium URLs ] *****

Not Deleted   Search Here
Deleted       Search Here
Deleted       Softonic ES

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2149 octets] - [03/02/2019 00:20:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 3/2/19
Hora del análisis: 0:39
Archivo de registro: 5487620e-2765-11e9-b8cf-1c1b0da6b19c.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.527
Versión del paquete de actualización: 1.0.9092
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.523)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-HDS6QDP\diego

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 268476
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 min, 10 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2019 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/03/2019 12:15:01 AM in x64 mode.
Windows Version: Windows 10 Pro 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\diego\AppData\Local\Temp\Rar$EXa1692.8204\Microsoft Office 2016\OFFICE 2016\Office 2016 Profesional (64).exe (PID: 10936) [T-HEUR]
 * C:\Users\diego\AppData\Local\Temp\Rar$EXa1692.8204\Microsoft Office 2016\OFFICE 2016\Office 2016 Profesional (64).exe (PID: 9296) [T-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 02/03/2019 12:16:49 AM
Execution time: 0 hours(s), 1 minute(s), and 48 seconds(s)

Hola:

Dime donde te sigue apareciendo Fireappear.fun?

Realiza lo siguiente:

1.- Desactiva temporalmente su antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abriran dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

1 me gusta

En la parte inferior derecha me aparece… ya te paso informe de Ccleaner y FRST.

Muchas gracias por tu predisposicion.-

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by diego (03-02-2019 02:55:08)
Running from C:\Users\diego\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2019-01-15 14:44:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-554391025-2556448295-3555311632-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-554391025-2556448295-3555311632-503 - Limited - Disabled)
diego (S-1-5-21-554391025-2556448295-3555311632-1001 - Administrator - Enabled) => C:\Users\diego
Invitado (S-1-5-21-554391025-2556448295-3555311632-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-554391025-2556448295-3555311632-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 4.3.0 - philandro Software GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-554391025-2556448295-3555311632-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
StockBase POS 2033 (HKLM-x32\...\{09526104-8C9D-4338-A761-0AAFBADE3BBE}) (Version: 2033.797 - EGA Futura) Hidden
StockBase POS 2033 (HKLM-x32\...\StockBase POS 2033) (Version: 2033.797 - EGA Futura)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1) (Version:  - winmoviemaker)
Windows Movie Maker 2019 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version:  - VideoWin)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zoiper5 (HKLM-x32\...\Zoiper5) (Version: 5.2 - Securax LTD)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igfxDTCM.dll [2018-11-19] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B886A16-C2F3-4489-8AF7-93E5D89EF72D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-15] (Google Inc.)
Task: {3D044328-7A70-470B-B983-CB94ABDB53B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {45D271B6-9BCC-4690-9D59-FEBAA4F00CFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {5CFDF82D-1392-41EB-BB89-24DEE83EA66C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {695EAF11-CC8D-4CD3-A6BA-A9424917929E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-01-15] (Google Inc.)
Task: {83FA3B0E-0CF8-4421-8C5A-ED596C0464E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {AFC478D6-8EAA-48A6-AA26-0A12EF58CA6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-24] (Microsoft Corporation)
Task: {D9A4264A-E7E0-4B26-8B00-0544FCC8B1AC} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {DA164328-A2D0-47AC-B53D-2CF0392F5A43} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc

==================== Loaded Modules (Whitelisted) ==============

2019-01-15 12:29 - 2019-01-15 12:21 - 002126120 _____ () C:\Program Files (x86)\AnyDesk\AnyDesk.exe
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 ____N () C:\Windows\ShellExperiences\TileControl.dll
2019-01-15 22:06 - 2018-11-08 23:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-15 22:06 - 2019-01-01 03:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-29 19:18 - 2019-01-29 19:21 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-29 19:18 - 2019-01-29 19:21 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-01-15 12:37 - 2019-01-15 12:37 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2019-01-15 12:13 - 2018-12-12 02:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2019-01-15 12:13 - 2018-12-12 02:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-19 19:57 - 2018-11-19 19:57 - 000142440 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igdinfo64.dll
2019-01-23 15:13 - 2019-01-23 15:14 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-23 15:13 - 2019-01-23 15:13 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 13:31 - 2018-04-12 13:31 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2019-01-15 12:17 - 2019-01-15 12:18 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-23 15:13 - 2019-01-23 15:13 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-23 15:13 - 2019-01-23 15:13 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 021983232 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SmartPSS.exe
2018-06-19 04:33 - 2018-06-19 04:33 - 000110592 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\DSMessageNotify.exe
2018-06-19 03:13 - 2018-06-19 03:13 - 000225280 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\PC-NVR.exe
2018-06-19 03:13 - 2018-06-19 03:13 - 011988992 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\Challenge.exe
2019-01-31 19:49 - 2019-01-31 19:57 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-31 19:49 - 2019-01-31 19:57 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-01-15 12:23 - 2019-01-15 12:35 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-16 04:16 - 2019-01-16 04:17 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-01-31 19:49 - 2019-01-31 19:53 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-31 19:49 - 2019-01-31 19:58 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-01-31 19:49 - 2019-01-31 19:53 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2019-01-15 12:23 - 2019-01-15 12:35 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-01-15 12:23 - 2019-01-15 12:35 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-15 12:23 - 2019-01-15 12:23 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-29 19:18 - 2019-01-29 19:18 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-30 10:22 - 2019-01-30 10:23 - 000282624 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2019-01-15 12:24 - 2019-01-15 12:25 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-18 06:47 - 2019-01-18 06:48 - 025375744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-01-18 06:47 - 2019-01-18 06:48 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 13:31 - 2018-04-12 13:31 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2019-01-15 12:17 - 2019-01-15 12:18 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-18 06:47 - 2019-01-18 06:47 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-02-03 00:36 - 2018-11-21 11:07 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2019-02-03 00:36 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-12-10 07:09 - 2018-12-10 07:09 - 000103560 _____ () C:\Program Files\CCleaner\lang\lang-1034.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000196608 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\RTPDll.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000134144 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\MCL_FPTZ.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000364544 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SPSSComponent.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 009121848 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\dhnetsdk.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001097728 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\DSGui.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000512000 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\StreamParsermd.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000282624 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\StreamConvertormd.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000393216 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VAXPlayer.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000143360 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\IvsDrawer.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001269760 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\NetApp.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000262144 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\Common.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001286144 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SPSSModel.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001060864 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SPSSLogic.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000017920 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SPSSSecurity.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000487424 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\P2PDll.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000090112 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\CardReader.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000815104 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\UICommonModule.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000139264 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\H264Parser.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000573440 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\Inframd.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000090112 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\HevcParser.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000012800 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VTCDll.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000011776 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VTSDll.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000352256 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\StreamPackagemd.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000950272 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VTCStack.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000872448 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\VTSStack.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001622016 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\dhplay.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 002527288 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\avnetsdk.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000839680 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\StreamSvr.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000589824 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\NetFramework.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000294912 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\Stream.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 001163264 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\Infra.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000208896 _____ () c:\program files (x86)\smart professional surveillance system\smartpss\json.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000200704 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\DeviceFunctionLogical.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000540672 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\AlarmHostUI.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 002154496 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\AttendanceUI.dll
2018-06-19 04:33 - 2018-06-19 04:33 - 000073728 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\Adaptor.dll
2018-11-19 19:57 - 2018-11-19 19:57 - 000120576 _____ () C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igdinfo32.dll
2018-06-19 03:13 - 2018-06-19 03:13 - 000634957 _____ () C:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\dhplay.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-15 11:39 - 2019-01-15 11:37 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-554391025-2556448295-3555311632-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-554391025-2556448295-3555311632-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8EC6AC73-0E26-4188-8AF1-3ED47C9861A3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [TCP Query User{22571058-4F1E-494D-A767-53F918278EAA}C:\users\diego\downloads\anydesk.exe] => (Allow) C:\users\diego\downloads\anydesk.exe ()
FirewallRules: [UDP Query User{A4BA470B-A887-45DC-9A5A-6D5A4DD1D924}C:\users\diego\downloads\anydesk.exe] => (Allow) C:\users\diego\downloads\anydesk.exe ()
FirewallRules: [TCP Query User{FDF363A9-B830-44E1-AA0B-20A737F48526}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [UDP Query User{F0F6ABA0-A520-4CAE-B861-4979AC1BCCEE}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [TCP Query User{B8FB99F3-6DDB-41B7-B15B-CB29B2C6C6D1}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe ()
FirewallRules: [UDP Query User{1FF8AC79-F613-48C8-92AB-B224135ADAB0}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe ()
FirewallRules: [{FECE5874-B34C-4D3D-9C4F-F9F5E8E78EAD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{BB0F33CF-94E7-4140-91A9-A20A90BBEC3C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [TCP Query User{032871F5-5B60-4BBF-8DC3-E486DCCFD5C8}C:\program files (x86)\zoiper5\zoiper5.exe] => (Allow) C:\program files (x86)\zoiper5\zoiper5.exe ()
FirewallRules: [UDP Query User{7A91784E-6335-44E4-8FE6-5141268C06EB}C:\program files (x86)\zoiper5\zoiper5.exe] => (Allow) C:\program files (x86)\zoiper5\zoiper5.exe ()
FirewallRules: [{D854C099-9562-466E-B767-741A941F5FD0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{A359D3BD-FE6C-411B-95D2-559BADD1C3BC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{7C86BC51-7FB6-494E-A733-18916298FC3A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{35CD4B2E-4B33-4A88-A649-7594EEB96F73}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{E8050099-BC33-460B-BACD-E00A417FEC53}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{08A40C1A-B6D4-4FA8-95CB-98A96975405C}] => (Allow) LPort=2869
FirewallRules: [{06F778BB-96D2-4C7E-9C5D-130B33FC8176}] => (Allow) LPort=1900
FirewallRules: [{416DBACD-F6B9-4EA0-8831-2E5684A9EE29}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{2A40D5CF-8DDD-488D-AF47-BFA90CF587BE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{C676C66F-DFAA-4D03-9BF9-6E9C20ACD70C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{2FCDC1A9-5510-4D10-AD11-AED2A739D009}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{D47BE2AF-1970-47B7-804A-93395AE56A5F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()
FirewallRules: [{BFFD0447-8208-402A-8F45-79F31C5CEC97}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe ()

==================== Restore Points =========================

02-02-2019 16:57:43 Punto de control programado

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/02/2019 03:24:12 AM) (Source: MsiInstaller) (EventID: 10005) (User: DESKTOP-HDS6QDP)
Description: Product: Microsoft Office Outlook Connector -- The Microsoft Outlook Hotmail Connector requires Microsoft Office Outlook 2003, Microsoft Office Outlook 2007 or Microsoft Outlook 2010.

Error: (02/02/2019 03:23:29 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (01/21/2019 07:42:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00044ae7
Identificador del proceso con errores: 0x27f4
Hora de inicio de la aplicación con errores: 0x01d4b1da64f02dca
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: cc751500-25ca-4544-9c7d-43f0fff972ce
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (01/21/2019 07:41:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00044ae7
Identificador del proceso con errores: 0x1ec4
Hora de inicio de la aplicación con errores: 0x01d4b1da66ccf436
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: bc6e5373-3bbf-4a0b-bf0f-f25e0825753f
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (01/17/2019 06:26:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00044ae7
Identificador del proceso con errores: 0x1e64
Hora de inicio de la aplicación con errores: 0x01d4aeaabbd6600c
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 441b4022-eb87-45f6-a540-1df8939d8610
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (01/17/2019 05:24:08 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Producto: Update for Windows 10 for x64-based Systems (KB4023057) -- A later version of Update for Windows 10 for x64-based Systems (KB4023057) is already installed. Setup will now exit.

Error: (01/16/2019 09:42:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00044ae7
Identificador del proceso con errores: 0x20
Hora de inicio de la aplicación con errores: 0x01d4adfd2200efbd
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 92a4fc48-0da7-476f-8a62-0fae331c09b2
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (01/16/2019 04:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: POS.exe, versión: 19.0.1.0, marca de tiempo: 0x5bdf5cdc
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.471, marca de tiempo: 0xfe852bc4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0004446a
Identificador del proceso con errores: 0x1fec
Hora de inicio de la aplicación con errores: 0x01d4adcf4e9d9363
Ruta de acceso de la aplicación con errores: C:\StockBase_POS_2033.797\Win\POS.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: 6118db88-1d5d-4bff-8279-4291cc47f1df
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (02/03/2019 12:25:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/03/2019 12:24:21 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HDS6QDP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-HDS6QDP\diego con SID (S-1-5-21-554391025-2556448295-3555311632-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (02/03/2019 12:21:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (02/03/2019 12:21:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Content Protection HECI Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (02/03/2019 12:21:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Remediation Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (02/03/2019 12:21:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) HD Graphics Control Panel Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (02/03/2019 12:21:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Content Protection HDCP Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (02/03/2019 12:01:20 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HDS6QDP)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-HDS6QDP\diego con SID (S-1-5-21-554391025-2556448295-3555311632-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-01-29 15:42:14.718
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Program:Win32/Unwaders.C!ml&threatid=242874&enterprise=0
Nombre: Program:Win32/Unwaders.C!ml
Id.: 242874
Gravedad: Grave
Categoría: Software potencialmente no deseado
Ruta de acceso: file:_C:\Users\diego\Downloads\Ingles\descargar_gratis_curso_completo_de_ingles_bbc_engl.exe.rename; webfile:_C:\Users\diego\Downloads\Ingles\descargar_gratis_curso_completo_de_ingles_bbc_engl.exe.rename|http://static.134.1.203.116.clients.your-server.de/find/da7bb882277833dfd729e8175bbeb1a6/result-573980629.dl?source=direct&return_url=http{44F6950C-46A1-47A7-AC6D-9829DAF08351}A4.18.1901.7F4.18.1901.7Fwww.getgosoft.com4.18.1901.7Fgetgodm4.18.1901.7Fthankyou|pid:8832,ProcessStart:131930057646294309
Origen de detección: Internet
Tipo de detección: FastPath
Fuente de detección: Descargas y datos adjuntos
Usuario: DESKTOP-HDS6QDP\diego
Nombre de proceso: Unknown
Versión de firma: AV: 1.285.417.0, AS: 1.285.417.0, NIS: 1.285.417.0
Versión de motor: AM: 1.1.15600.4, NIS: 1.1.15600.4

Date: 2019-01-23 18:48:26.870
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {47A2C486-8C8F-49A1-8BD2-B38C9610FBDB}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-01-23 17:48:17.950
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {280F738B-39B8-4DE5-BBE3-07588E34FFFC}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-01-21 10:27:35.570
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {EF60BCE0-6B4B-42F6-9A79-FC50DFD52E01}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-01-21 09:21:53.272
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {DBA42451-1C75-4993-B035-D37B94A19C1F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU G4560 @ 3.50GHz
Percentage of memory in use: 61%
Total physical RAM: 4009.43 MB
Available physical RAM: 1531.43 MB
Total Virtual: 5865.43 MB
Available Virtual: 2494.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.55 GB) (Free:769.13 GB) NTFS

\\?\Volume{ddc65ad1-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{ddc65ad1-0000-0000-0000-80c2e8000000}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DDC65AD1)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=483 MB) - (Type=27)

==================== End of Addition.txt ============================

PRIMERA PARTE

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by diego (administrator) on DESKTOP-HDS6QDP (03-02-2019 02:51:45)
Running from C:\Users\diego\Downloads
Loaded Profiles: diego (Available Profiles: diego)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Español (México)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\IntelCpHDCPSvc.exe
() C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\NisSrv.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a9535cd18c90bc3\igfxEM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\SmartPSS.exe
() C:\Program Files (x86)\Smart Professional Surveillance System\SmartPSS\DSMessageNotify.exe
() C:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\PC-NVR.exe
() C:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\Challenge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Users\diego\Downloads\adwcleaner_7.2.7.0.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-15] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{381a8f11-f00f-4a27-ba43-1645b8b82107}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-15] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com.ar/"
CHR Profile: C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default [2019-02-03]
CHR Extension: (Presentaciones) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-15]
CHR Extension: (Documentos) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-15]
CHR Extension: (Google Drive) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-15]
CHR Extension: (YouTube) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-15]
CHR Extension: (Adblock para Youtube™) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-01-15]
CHR Extension: (PicMonkey Extension) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhipmoghimfdldnocmopeoanjmoolofl [2019-01-15]
CHR Extension: (MobiTexter - SMS Texting from PC) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbkibbomfafoepkmjpgfinkmlgkgncgn [2019-01-15]
CHR Extension: (Hojas de cálculo) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-15]
CHR Extension: (Adlesse) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjmghhldchigdbaebhdeiaecihkdabdn [2019-01-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-15]
CHR Extension: (IE Tab) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-01-15]
CHR Extension: (Cisco Webex Extension) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-01-15]
CHR Extension: (Plugins) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcblfncjaclajmegihojiekebofjcen [2019-01-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-15]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2019-01-15]
CHR Extension: (Friends Visual Map) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojnfeeadkmdfgjanophbgeldmfddoekd [2019-01-15]
CHR Extension: (Gmail) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-15]
CHR Extension: (Chrome Media Router) - C:\Users\diego\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [2126120 2019-01-15] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11013496 2019-01-28] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-14] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-24] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-24] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-02-03] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-02-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-02-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-02-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-02-03] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-11] (Realtek )
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [135824 2016-09-12] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46488 2019-01-24] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343032 2019-01-24] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 02:51 - 2019-02-03 02:53 - 000012593 _____ C:\Users\diego\Downloads\FRST.txt
2019-02-03 02:51 - 2019-02-03 02:51 - 000000000 ____D C:\FRST
2019-02-03 02:49 - 2019-02-03 02:49 - 002428928 _____ (Farbar) C:\Users\diego\Downloads\FRST64.exe
2019-02-03 02:46 - 2019-02-03 02:49 - 019341880 _____ (Piriform Software Ltd) C:\Users\diego\Downloads\ccsetup552.exe
2019-02-03 02:40 - 2019-02-03 02:40 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-02-03 02:40 - 2019-02-03 02:40 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-02-03 02:40 - 2019-02-03 02:40 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-02-03 02:40 - 2019-02-03 02:40 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-02-03 02:40 - 2019-02-03 02:40 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-02-03 00:39 - 2019-02-03 00:39 - 000000000 ____D C:\Users\diego\AppData\Local\mbam
2019-02-03 00:37 - 2019-02-03 00:37 - 000000000 ____D C:\Users\diego\AppData\Local\mbamtray
2019-02-03 00:36 - 2019-02-03 00:36 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-03 00:36 - 2019-02-03 00:36 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-03 00:36 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-03 00:27 - 2019-02-03 00:33 - 073180944 _____ (Malwarebytes ) C:\Users\diego\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.527-1.0.9082.exe
2019-02-03 00:19 - 2019-02-03 00:21 - 000000000 ____D C:\AdwCleaner
2019-02-03 00:19 - 2019-02-03 00:19 - 007316688 _____ (Malwarebytes) C:\Users\diego\Downloads\adwcleaner_7.2.7.0.exe
2019-02-03 00:15 - 2019-02-03 00:16 - 000002420 _____ C:\Users\diego\Desktop\Rkill.txt
2019-02-03 00:14 - 2019-02-03 00:14 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\diego\Downloads\iExplore.exe
2019-02-02 23:35 - 2019-02-02 23:35 - 000000000 ____D C:\Program Files\Microsoft Office
2019-02-02 23:34 - 2019-02-02 23:34 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-02-02 14:10 - 2019-02-02 14:10 - 003331618 _____ C:\Users\diego\Downloads\Microsoft Office 2016 64 y 32 bits.zip
2019-02-02 03:24 - 2019-02-02 03:24 - 000000000 ____D C:\WINDOWS\en
2019-02-02 03:23 - 2019-02-02 03:23 - 000000000 ____D C:\Program Files\Windows Live
2019-02-02 03:23 - 2019-02-02 03:23 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2019-02-02 03:21 - 2019-02-02 03:21 - 000000000 ____D C:\Program Files (x86)\Windows Movie Maker
2019-02-02 03:21 - 2019-02-02 03:21 - 000000000 ____D C:\Program Files (x86)\Windows Live
2019-02-02 03:10 - 2019-02-02 03:16 - 080860795 _____ (winmoviemaker ) C:\Users\diego\Downloads\windows-movie-maker-2016-multi.exe
2019-02-02 02:54 - 2019-02-02 03:00 - 000000000 ____D C:\Users\diego\Documents\XMovieMaker
2019-02-02 02:53 - 2019-02-02 03:21 - 000001000 _____ C:\Users\Public\Desktop\Windows Movie Maker.lnk
2019-02-02 02:53 - 2019-02-02 02:59 - 000000000 ____D C:\Users\diego\AppData\Roaming\xmoviemaker
2019-02-02 02:53 - 2019-02-02 02:53 - 000000000 ____D C:\Program Files\Windows Movie Maker
2019-02-02 02:36 - 2019-02-02 02:49 - 221305952 _____ (VideoWin ) C:\Users\diego\Downloads\windows-movie-maker-new-multi.exe
2019-02-02 02:31 - 2019-02-02 03:37 - 000000000 ____D C:\Users\diego\Downloads\REC
2019-01-31 16:00 - 2019-01-31 16:00 - 001979340 _____ C:\Users\diego\Downloads\user-sp-teclados-20-01-17_web.pdf
2019-01-31 15:06 - 2019-01-31 15:07 - 003755754 _____ C:\Users\diego\Downloads\Install-sp-a2k4-ng-web.pdf
2019-01-30 01:07 - 2019-01-30 01:07 - 000000022 _____ C:\Users\diego\Downloads\MEGA-RECOVERYKEY.txt
2019-01-29 15:28 - 2019-01-31 00:31 - 000000000 ____D C:\Users\diego\Downloads\Ingles
2019-01-26 03:20 - 2019-01-26 03:39 - 000000000 ____D C:\Users\diego\AppData\Roaming\Zoiper5
2019-01-26 03:20 - 2019-01-26 03:20 - 000001140 _____ C:\Users\Public\Desktop\Zoiper5.lnk
2019-01-26 03:20 - 2019-01-26 03:20 - 000000000 ____D C:\Users\diego\AppData\Local\CEF
2019-01-26 03:20 - 2019-01-26 03:20 - 000000000 ____D C:\Program Files (x86)\Zoiper5
2019-01-26 02:35 - 2019-01-26 02:35 - 000215905 _____ C:\Users\diego\Downloads\ANURA.pdf
2019-01-26 02:28 - 2019-01-26 02:41 - 140955560 _____ (Securax LTD) C:\Users\diego\Downloads\Zoiper5_Installer_v5.2.25.exe
2019-01-22 22:52 - 2019-01-23 03:10 - 000000000 ____D C:\Users\diego\Downloads\fotos nube
2019-01-22 14:30 - 2019-01-22 15:06 - 000000000 ____D C:\Users\diego\Downloads\imagen cuentas
2019-01-21 19:42 - 2019-01-21 19:42 - 001056649 _____ C:\Users\diego\Downloads\131.PDF
2019-01-21 13:36 - 2019-01-21 13:36 - 000612030 _____ C:\Users\diego\Downloads\2TEC242_Seguridad HTTPS.pdf
2019-01-21 05:13 - 2019-01-21 05:16 - 044885130 _____ C:\Users\diego\Downloads\Monitoreo Propaganda.zip
2019-01-21 01:50 - 2019-01-21 01:50 - 000000000 ____D C:\Users\diego\AppData\Local\PeerDistRepub
2019-01-21 01:19 - 2019-01-21 01:19 - 000000000 ____D C:\Users\diego\Downloads\Infotec
2019-01-21 00:53 - 2019-01-21 05:12 - 000000000 ____D C:\Users\diego\Downloads\onedrive
2019-01-20 00:40 - 2019-01-20 00:40 - 000301371 _____ C:\Users\diego\Downloads\PROGRAMACION MONITOREO POR G2K8.pdf
2019-01-20 00:40 - 2019-01-20 00:40 - 000245425 _____ C:\Users\diego\Downloads\MONITOREO CMR LINEA FIFA ALONSO.pdf
2019-01-20 00:22 - 2019-01-20 00:22 - 000000000 ____D C:\Users\diego\AppData\Local\D3DSCache
2019-01-19 18:39 - 2019-01-19 18:39 - 001056642 _____ C:\Users\diego\Downloads\119.PDF
2019-01-18 22:39 - 2019-01-18 22:39 - 000572626 _____ C:\Users\diego\Downloads\Vida San Juan Maria Vianney.pdf
2019-01-17 18:35 - 2019-01-17 18:35 - 001059827 _____ C:\Users\diego\Downloads\122.PDF
2019-01-17 18:21 - 2019-01-17 18:21 - 003820990 _____ C:\Users\diego\Downloads\A2K4-NG_Manual de Instalación.pdf
2019-01-17 16:07 - 2019-01-17 16:07 - 000000000 ____D C:\Users\diego\AppData\Local\OneDrive
2019-01-17 16:01 - 2019-01-23 16:02 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-17 16:01 - 2019-01-17 16:01 - 000002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-17 16:01 - 2019-01-17 16:01 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-17 16:01 - 2019-01-17 16:01 - 000000000 ____D C:\Program Files\CCleaner
2019-01-17 15:58 - 2019-01-17 16:00 - 019299120 _____ (Piriform Software Ltd) C:\Users\diego\Downloads\ccsetup551.exe
2019-01-17 03:11 - 2019-01-17 03:11 - 000001503 _____ C:\Users\diego\Desktop\PhotoshopCS6Portable - Acceso directo.lnk
2019-01-17 03:10 - 2019-01-17 03:11 - 000000000 ____D C:\Users\diego\Downloads\Nueva carpeta
2019-01-17 03:07 - 2019-01-17 03:07 - 000000040 ____H C:\5F7AB3C202A3
2019-01-17 03:07 - 2019-01-17 03:07 - 000000000 ____D C:\Users\diego\AppData\LocalLow\Adobe
2019-01-17 03:00 - 2019-01-17 03:01 - 095856558 _____ C:\Users\diego\Downloads\Photoshop Cs6 By AlexPlus.rar
2019-01-17 02:37 - 2019-01-17 02:44 - 077325164 _____ C:\Users\diego\Downloads\Photoshop cs6.rar
2019-01-16 21:42 - 2019-01-16 21:42 - 001056637 _____ C:\Users\diego\Downloads\136.PDF
2019-01-16 21:41 - 2019-01-16 21:41 - 001056630 _____ C:\Users\diego\Downloads\110.PDF
2019-01-16 21:41 - 2019-01-16 21:41 - 001056627 _____ C:\Users\diego\Downloads\137.PDF
2019-01-16 21:40 - 2019-01-16 21:40 - 001056634 _____ C:\Users\diego\Downloads\125.PDF
2019-01-16 19:52 - 2019-01-30 08:38 - 000000951 _____ C:\Users\diego\Desktop\Nuevo documento de texto.txt
2019-01-16 16:18 - 2019-01-16 16:19 - 000000000 ____D C:\Users\diego\AppData\Roaming\SumatraPDF
2019-01-16 16:18 - 2019-01-16 16:18 - 004860560 _____ (Krzysztof Kowalczyk) C:\Users\diego\Downloads\SumatraPDF-3.1.2-install.exe
2019-01-16 16:18 - 2019-01-16 16:18 - 000000000 ____D C:\Program Files (x86)\SumatraPDF
2019-01-16 16:16 - 2019-01-16 16:16 - 001056735 _____ C:\Users\diego\Downloads\113.1.PDF
2019-01-16 16:15 - 2019-01-16 16:15 - 001056734 _____ C:\Users\diego\Downloads\113.PDF
2019-01-16 13:52 - 2019-01-16 13:52 - 000000000 ____D C:\Users\diego\AppData\Local\ElevatedDiagnostics
2019-01-16 12:55 - 2019-01-16 12:55 - 000003120 _____ C:\WINDOWS\SysWOW64\MFV4EJ8S.ocx
2019-01-16 12:55 - 2019-01-16 12:55 - 000003120 _____ C:\WINDOWS\IBIURVFF.ocx
2019-01-16 12:54 - 2019-01-16 12:54 - 000000851 _____ C:\Users\Public\Desktop\EGA Futura 797.lnk
2019-01-16 12:53 - 2019-01-16 13:17 - 000000000 ____D C:\StockBase_POS_2033.797
2019-01-16 12:53 - 2019-01-16 12:53 - 000000000 ____D C:\Users\diego\AppData\Local\PackageAware
2019-01-16 12:49 - 2019-01-16 12:51 - 061356324 _____ (EGA Futura ) C:\Users\diego\Downloads\StockBase_POS.exe
2019-01-16 04:07 - 2019-01-02 16:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-16 04:07 - 2019-01-02 16:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-16 02:03 - 2019-01-16 02:03 - 000000000 ____D C:\Users\diego\AppData\Local\DBG
2019-01-16 00:33 - 2019-01-16 00:33 - 000000000 ____D C:\media
2019-01-16 00:18 - 2019-01-16 00:34 - 000000000 ____D C:\Users\Public\PC-NVR
2019-01-16 00:17 - 2019-02-03 00:26 - 000000000 ____D C:\Users\Public\SmartPSS
2019-01-16 00:17 - 2019-01-16 00:17 - 000001421 _____ C:\Users\Public\Desktop\SmartPSS.lnk
2019-01-16 00:17 - 2019-01-16 00:17 - 000001393 _____ C:\Users\Public\Desktop\PC-NVR.lnk
2019-01-16 00:17 - 2019-01-16 00:17 - 000000000 ____D C:\Program Files (x86)\Smart Professional Surveillance System
2019-01-16 00:13 - 2019-01-16 00:16 - 107443586 _____ C:\Users\diego\Downloads\DH_SmartPSS_International_Win32_IS_V2_02_1_R_180619.zip
2019-01-16 00:00 - 2019-01-16 00:00 - 000000000 ____D C:\Users\diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-16 00:00 - 2019-01-16 00:00 - 000000000 ____D C:\Program Files\WinRAR
2019-01-15 23:59 - 2019-01-16 00:00 - 003253552 _____ (Alexander Roshal) C:\Users\diego\Downloads\winrar-x64-561es.exe
2019-01-15 23:46 - 2019-01-15 23:46 - 000000000 ____D C:\Users\diego\AppData\Roaming\WinRAR
2019-01-15 22:17 - 2019-01-15 22:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-15 22:17 - 2019-01-15 22:17 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-15 22:06 - 2019-01-01 10:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-15 22:06 - 2019-01-01 10:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-15 22:06 - 2019-01-01 10:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-15 22:06 - 2019-01-01 04:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-15 22:06 - 2019-01-01 04:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-15 22:06 - 2019-01-01 04:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-15 22:06 - 2019-01-01 04:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-15 22:06 - 2019-01-01 04:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-15 22:06 - 2019-01-01 04:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-15 22:06 - 2019-01-01 04:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-15 22:06 - 2019-01-01 04:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-15 22:06 - 2019-01-01 04:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-15 22:06 - 2019-01-01 04:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-15 22:06 - 2019-01-01 04:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-15 22:06 - 2019-01-01 03:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-15 22:06 - 2019-01-01 03:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-15 22:06 - 2019-01-01 03:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-15 22:06 - 2019-01-01 03:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-15 22:06 - 2019-01-01 03:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-15 22:06 - 2019-01-01 03:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-15 22:06 - 2019-01-01 03:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-15 22:06 - 2019-01-01 03:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-15 22:06 - 2019-01-01 03:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-15 22:06 - 2019-01-01 03:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-15 22:06 - 2019-01-01 03:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-15 22:06 - 2019-01-01 03:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-15 22:06 - 2019-01-01 03:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-15 22:06 - 2019-01-01 03:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-15 22:06 - 2019-01-01 03:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-15 22:06 - 2019-01-01 03:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-15 22:06 - 2019-01-01 03:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-15 22:06 - 2019-01-01 03:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-15 22:06 - 2019-01-01 03:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-15 22:06 - 2019-01-01 03:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-15 22:06 - 2019-01-01 03:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-15 22:06 - 2019-01-01 03:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-15 22:06 - 2019-01-01 03:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-15 22:06 - 2019-01-01 03:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-15 22:06 - 2019-01-01 03:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-15 22:06 - 2019-01-01 03:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-15 22:06 - 2019-01-01 03:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-15 22:06 - 2019-01-01 03:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-15 22:06 - 2019-01-01 03:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-15 22:06 - 2019-01-01 03:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-15 22:06 - 2018-12-19 01:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-15 22:06 - 2018-12-14 04:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-01-15 22:06 - 2018-12-14 04:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-15 22:06 - 2018-12-14 04:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-01-15 22:06 - 2018-12-14 04:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-01-15 22:06 - 2018-12-14 04:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-01-15 22:06 - 2018-12-14 04:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-01-15 22:06 - 2018-12-14 04:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-01-15 22:06 - 2018-12-14 04:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-01-15 22:06 - 2018-12-14 03:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-15 22:06 - 2018-12-14 03:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-01-15 22:06 - 2018-12-14 03:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-15 22:06 - 2018-12-14 03:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-01-15 22:06 - 2018-12-14 03:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-15 22:06 - 2018-12-14 03:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 001786896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 001627656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 001422864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 001038352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 000830480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 000750096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 000670224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2019-01-15 22:06 - 2018-12-08 09:47 - 000495632 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-01-15 22:06 - 2018-12-08 09:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-01-15 22:06 - 2018-12-08 09:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-15 22:06 - 2018-12-08 09:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-01-15 22:06 - 2018-12-08 09:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-15 22:06 - 2018-12-08 09:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-01-15 22:06 - 2018-12-08 09:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2019-01-15 22:06 - 2018-12-08 09:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-01-15 22:06 - 2018-12-08 09:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-01-15 22:06 - 2018-12-08 09:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-01-15 22:06 - 2018-12-08 09:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-01-15 22:06 - 2018-12-08 09:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-01-15 22:06 - 2018-12-08 09:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-01-15 22:06 - 2018-12-08 09:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-01-15 22:06 - 2018-12-08 09:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-01-15 22:06 - 2018-12-08 09:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-01-15 22:06 - 2018-12-08 09:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-01-15 22:06 - 2018-12-08 09:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-01-15 22:06 - 2018-12-08 09:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-01-15 22:06 - 2018-12-08 09:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-01-15 22:06 - 2018-12-08 09:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-01-15 22:06 - 2018-12-08 05:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-01-15 22:06 - 2018-12-08 05:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-01-15 22:06 - 2018-12-08 05:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2019-01-15 22:06 - 2018-12-08 05:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-01-15 22:06 - 2018-12-08 05:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-01-15 22:06 - 2018-12-08 05:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-01-15 22:06 - 2018-12-08 05:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-01-15 22:06 - 2018-12-08 05:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-01-15 22:06 - 2018-12-08 05:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-01-15 22:06 - 2018-12-08 05:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-01-15 22:06 - 2018-12-08 05:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-01-15 22:06 - 2018-12-08 05:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-01-15 22:06 - 2018-12-08 05:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-01-15 22:06 - 2018-12-08 05:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2019-01-15 22:06 - 2018-12-08 05:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-15 22:06 - 2018-12-08 05:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-01-15 22:06 - 2018-12-08 05:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-01-15 22:06 - 2018-12-08 05:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-01-15 22:06 - 2018-12-08 05:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-01-15 22:06 - 2018-12-08 05:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-01-15 22:06 - 2018-12-08 05:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-01-15 22:06 - 2018-12-08 05:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-01-15 22:06 - 2018-12-08 04:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2019-01-15 22:06 - 2018-12-08 04:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-01-15 22:06 - 2018-12-08 04:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-01-15 22:06 - 2018-12-08 04:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-01-15 22:06 - 2018-12-08 04:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2019-01-15 22:06 - 2018-12-08 04:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-01-15 22:06 - 2018-12-08 04:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-15 22:06 - 2018-12-08 04:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2019-01-15 22:06 - 2018-12-08 04:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-01-15 22:06 - 2018-12-08 04:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-01-15 22:06 - 2018-12-08 04:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-01-15 22:06 - 2018-12-08 04:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-01-15 22:06 - 2018-12-08 04:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-01-15 22:06 - 2018-12-08 04:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-01-15 22:06 - 2018-12-08 04:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-01-15 22:06 - 2018-12-08 04:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-01-15 22:06 - 2018-12-08 04:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-01-15 22:06 - 2018-12-08 04:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2019-01-15 22:06 - 2018-12-08 04:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-01-15 22:06 - 2018-12-08 04:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-01-15 22:06 - 2018-12-08 04:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-01-15 22:06 - 2018-12-08 04:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2019-01-15 22:06 - 2018-12-08 04:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-01-15 22:06 - 2018-12-08 04:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-01-15 22:06 - 2018-12-08 04:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-01-15 22:06 - 2018-12-08 04:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-01-15 22:06 - 2018-12-08 04:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-01-15 22:06 - 2018-12-08 04:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2019-01-15 22:06 - 2018-12-08 04:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-01-15 22:06 - 2018-12-08 04:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-01-15 22:06 - 2018-12-08 04:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-01-15 22:06 - 2018-12-08 04:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2019-01-15 22:06 - 2018-12-08 04:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-01-15 22:06 - 2018-12-08 04:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2019-01-15 22:06 - 2018-12-08 04:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-01-15 22:06 - 2018-12-08 04:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-01-15 22:06 - 2018-12-08 04:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-01-15 22:06 - 2018-12-08 04:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-01-15 22:06 - 2018-12-08 04:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-01-15 22:06 - 2018-12-08 04:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2019-01-15 22:06 - 2018-12-08 04:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2019-01-15 22:06 - 2018-12-08 04:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-01-15 22:06 - 2018-12-08 04:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-01-15 22:06 - 2018-12-08 04:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-01-15 22:06 - 2018-12-08 04:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-01-15 22:06 - 2018-12-08 04:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-01-15 22:06 - 2018-12-08 04:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-01-15 22:06 - 2018-12-08 04:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-01-15 22:06 - 2018-12-08 04:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-01-15 22:06 - 2018-12-08 04:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-01-15 22:06 - 2018-12-08 04:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-01-15 22:06 - 2018-12-08 04:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2019-01-15 22:06 - 2018-12-08 04:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-01-15 22:06 - 2018-12-08 04:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-01-15 22:06 - 2018-12-08 04:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-01-15 22:06 - 2018-12-08 04:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-01-15 22:06 - 2018-12-08 04:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-01-15 22:06 - 2018-12-08 04:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2019-01-15 22:06 - 2018-12-08 04:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-01-15 22:06 - 2018-12-08 04:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-01-15 22:06 - 2018-11-09 03:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-01-15 22:06 - 2018-11-09 02:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-01-15 22:06 - 2018-11-09 02:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2019-01-15 22:06 - 2018-11-09 02:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-01-15 22:06 - 2018-11-09 02:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2019-01-15 22:06 - 2018-11-09 02:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-01-15 22:06 - 2018-11-09 02:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2019-01-15 22:06 - 2018-11-09 02:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-01-15 22:06 - 2018-11-09 02:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-01-15 22:06 - 2018-11-09 02:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2019-01-15 22:06 - 2018-11-09 02:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-01-15 22:06 - 2018-11-09 02:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-01-15 22:06 - 2018-11-09 02:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-01-15 22:06 - 2018-11-09 02:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2019-01-15 22:06 - 2018-11-09 02:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-01-15 22:06 - 2018-11-09 02:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2019-01-15 22:06 - 2018-11-09 02:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-01-15 22:06 - 2018-11-08 23:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-01-15 22:06 - 2018-11-08 23:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-01-15 22:06 - 2018-11-08 23:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2019-01-15 22:06 - 2018-11-08 23:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-01-15 22:06 - 2018-11-08 23:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2019-01-15 22:06 - 2018-11-08 23:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-01-15 22:06 - 2018-11-08 23:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-01-15 22:06 - 2018-11-08 23:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-01-15 22:06 - 2018-11-08 23:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-01-15 22:06 - 2018-11-08 23:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-01-15 22:06 - 2018-11-08 23:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-01-15 22:06 - 2018-11-08 23:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-01-15 22:06 - 2018-11-08 23:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2019-01-15 22:06 - 2018-11-08 23:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-01-15 22:06 - 2018-11-08 23:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-01-15 22:06 - 2018-11-08 23:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-01-15 22:06 - 2018-11-08 23:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-01-15 22:06 - 2018-11-08 23:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-01-15 22:06 - 2018-11-08 23:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-01-15 22:06 - 2018-11-08 23:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2019-01-15 22:06 - 2018-11-08 23:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2019-01-15 22:06 - 2018-11-08 23:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-01-15 22:06 - 2018-11-08 23:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-01-15 22:06 - 2018-11-08 23:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-01-15 22:06 - 2018-11-08 23:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-01-15 22:06 - 2018-11-08 23:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-01-15 22:06 - 2018-11-08 23:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-01-15 22:06 - 2018-11-08 23:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-01-15 22:06 - 2018-11-08 23:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-01-15 22:06 - 2018-11-08 23:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-01-15 22:06 - 2018-11-08 23:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-01-15 22:06 - 2018-11-08 23:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-01-15 22:06 - 2018-11-08 23:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-01-15 22:06 - 2018-11-08 23:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-01-15 22:06 - 2018-11-08 23:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2019-01-15 22:06 - 2018-11-08 23:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-01-15 22:06 - 2018-11-08 22:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-01-15 22:06 - 2018-11-08 22:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-01-15 22:06 - 2018-11-08 22:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2019-01-15 22:06 - 2018-11-08 22:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-01-15 22:06 - 2018-11-08 22:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-01-15 22:06 - 2018-11-08 22:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-01-15 22:06 - 2018-11-08 22:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-01-15 22:06 - 2018-11-08 22:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-01-15 22:06 - 2018-11-08 22:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-01-15 22:06 - 2018-11-08 22:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-01-15 22:06 - 2018-11-08 22:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-01-15 22:06 - 2018-11-08 22:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-01-15 22:06 - 2018-11-08 22:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-01-15 22:06 - 2018-11-08 22:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-01-15 22:05 - 2019-01-15 22:05 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-15 22:05 - 2019-01-01 10:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-15 22:05 - 2019-01-01 10:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-15 22:05 - 2019-01-01 10:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-15 22:05 - 2019-01-01 10:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-15 22:05 - 2019-01-01 10:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-15 22:05 - 2019-01-01 10:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-15 22:05 - 2019-01-01 10:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-15 22:05 - 2019-01-01 04:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-15 22:05 - 2019-01-01 04:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-15 22:05 - 2019-01-01 04:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-15 22:05 - 2019-01-01 04:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-15 22:05 - 2019-01-01 04:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-15 22:05 - 2019-01-01 04:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-15 22:05 - 2019-01-01 04:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-15 22:05 - 2019-01-01 04:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-15 22:05 - 2019-01-01 04:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-15 22:05 - 2019-01-01 03:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-15 22:05 - 2019-01-01 03:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-15 22:05 - 2019-01-01 03:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-15 22:05 - 2019-01-01 03:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-15 22:05 - 2019-01-01 03:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-15 22:05 - 2019-01-01 03:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-15 22:05 - 2019-01-01 03:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-15 22:05 - 2019-01-01 03:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-15 22:05 - 2019-01-01 03:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-15 22:05 - 2019-01-01 03:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-15 22:05 - 2019-01-01 03:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-15 22:05 - 2019-01-01 03:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-15 22:05 - 2019-01-01 03:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-15 22:05 - 2019-01-01 03:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-15 22:05 - 2019-01-01 03:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-15 22:05 - 2019-01-01 03:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-15 22:05 - 2019-01-01 03:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-15 22:05 - 2019-01-01 03:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-15 22:05 - 2019-01-01 03:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-15 22:05 - 2019-01-01 03:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-15 22:05 - 2019-01-01 03:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-15 22:05 - 2019-01-01 03:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-15 22:05 - 2019-01-01 03:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-15 22:05 - 2019-01-01 03:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-15 22:05 - 2019-01-01 03:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-15 22:05 - 2019-01-01 02:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-15 22:05 - 2018-12-14 04:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-01-15 22:05 - 2018-12-14 03:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-01-15 22:05 - 2018-12-14 03:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-01-15 22:05 - 2018-12-08 09:48 - 000034104 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2019-01-15 22:05 - 2018-12-08 09:47 - 000954384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-01-15 22:05 - 2018-12-08 09:47 - 000825352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-01-15 22:05 - 2018-12-08 09:47 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-01-15 22:05 - 2018-12-08 09:47 - 000399880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-01-15 22:05 - 2018-12-08 09:47 - 000258064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2019-01-15 22:05 - 2018-12-08 09:47 - 000231440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2019-01-15 22:05 - 2018-12-08 09:47 - 000228368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2019-01-15 22:05 - 2018-12-08 09:47 - 000201744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2019-01-15 22:05 - 2018-12-08 09:47 - 000180752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2019-01-15 22:05 - 2018-12-08 09:47 - 000173072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2019-01-15 22:05 - 2018-12-08 09:43 - 000304144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-01-15 22:05 - 2018-12-08 09:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-01-15 22:05 - 2018-12-08 09:27 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll
2019-01-15 22:05 - 2018-12-08 09:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-01-15 22:05 - 2018-12-08 09:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2019-01-15 22:05 - 2018-12-08 09:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2019-01-15 22:05 - 2018-12-08 09:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-01-15 22:05 - 2018-12-08 05:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-01-15 22:05 - 2018-12-08 05:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-01-15 22:05 - 2018-12-08 05:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-01-15 22:05 - 2018-12-08 05:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-01-15 22:05 - 2018-12-08 05:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-01-15 22:05 - 2018-12-08 05:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2019-01-15 22:05 - 2018-12-08 05:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-01-15 22:05 - 2018-12-08 05:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-01-15 22:05 - 2018-12-08 05:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2019-01-15 22:05 - 2018-12-08 05:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2019-01-15 22:05 - 2018-12-08 05:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2019-01-15 22:05 - 2018-12-08 05:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-01-15 22:05 - 2018-12-08 05:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-01-15 22:05 - 2018-12-08 05:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-01-15 22:05 - 2018-12-08 05:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-01-15 22:05 - 2018-12-08 05:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2019-01-15 22:05 - 2018-12-08 04:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2019-01-15 22:05 - 2018-12-08 04:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-01-15 22:05 - 2018-12-08 04:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2019-01-15 22:05 - 2018-12-08 04:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-01-15 22:05 - 2018-12-08 04:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-01-15 22:05 - 2018-12-08 04:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2019-01-15 22:05 - 2018-12-08 04:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2019-01-15 22:05 - 2018-12-08 04:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2019-01-15 22:05 - 2018-12-08 04:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2019-01-15 22:05 - 2018-12-08 04:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-01-15 22:05 - 2018-12-08 04:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-01-15 22:05 - 2018-12-08 04:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2019-01-15 22:05 - 2018-12-08 04:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-01-15 22:05 - 2018-12-08 04:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2019-01-15 22:05 - 2018-12-08 04:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-01-15 22:05 - 2018-12-08 04:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-01-15 22:05 - 2018-12-08 04:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-01-15 22:05 - 2018-12-08 04:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-01-15 22:05 - 2018-12-08 04:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-01-15 22:05 - 2018-12-08 04:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll

SEGUNDA PARTE

 2019-01-15 22:05 - 2018-12-08 04:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
    2019-01-15 22:05 - 2018-12-08 04:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2019-01-15 22:05 - 2018-12-08 04:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2019-01-15 22:05 - 2018-12-08 04:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2019-01-15 22:05 - 2018-12-08 04:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
    2019-01-15 22:05 - 2018-12-08 04:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
    2019-01-15 22:05 - 2018-12-08 04:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2019-01-15 22:05 - 2018-12-08 04:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
    2019-01-15 22:05 - 2018-12-08 04:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2019-01-15 22:05 - 2018-12-08 04:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2019-01-15 22:05 - 2018-11-09 03:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
    2019-01-15 22:05 - 2018-11-09 02:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
    2019-01-15 22:05 - 2018-11-09 02:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
    2019-01-15 22:05 - 2018-11-08 23:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
    2019-01-15 22:05 - 2018-11-08 23:22 - 000097792 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\winhttpcom.dll
    2019-01-15 22:05 - 2018-11-08 23:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
    2019-01-15 22:05 - 2018-11-08 23:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
    2019-01-15 22:05 - 2018-11-08 23:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2019-01-15 22:05 - 2018-11-08 23:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
    2019-01-15 22:05 - 2018-11-08 23:19 - 000726528 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\jscript9diag.dll
    2019-01-15 22:05 - 2018-11-08 23:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
    2019-01-15 22:05 - 2018-11-08 23:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
    2019-01-15 22:05 - 2018-11-08 22:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
    2019-01-15 22:05 - 2018-11-08 22:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2019-01-15 22:05 - 2018-11-08 22:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
    2019-01-15 22:05 - 2018-11-08 22:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
    2019-01-15 22:05 - 2018-11-08 22:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2019-01-15 22:05 - 2018-11-08 22:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
     000000 ____D C:\Program Files\rempl
    2019-01-15 14:36 - 2019-01-15 22:05 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2019-01-15 14:36 - 2019-01-15 14:36 - 000000000 ____D C:\Program Files\Intel
    2019-01-15 14:36 - 2019-01-15 14:36 - 000000000 ____D C:\Intel
    2019-01-15 14:36 - 2019-01-15 14:36 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
    2019-01-15 14:36 - 2018-11-19 19:57 - 000136704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
    2019-01-15 14:34 - 2019-02-03 00:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-01-15 14:34 - 2019-01-24 16:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
    2019-01-15 14:33 - 2019-02-03 02:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-01-15 14:33 - 2019-01-16 04:06 - 000235056 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-01-15 14:33 - 2019-01-15 14:33 - 000000000 ____D C:\WINDOWS\ServiceProfiles
    2019-01-15 12:36 - 2019-01-15 12:36 - 000000000 ____D C:\Users\diego\AppData\Local\TeamViewer
    2019-01-15 12:33 - 2019-02-03 00:23 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2019-01-15 12:33 - 2019-01-27 20:07 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
    2019-01-15 12:33 - 2019-01-15 12:33 - 000000000 ____D C:\Users\diego\AppData\Roaming\TeamViewer
    2019-01-15 12:31 - 2019-01-15 12:33 - 022647512 _____ (TeamViewer GmbH) C:\Users\diego\Downloads\TeamViewer_Setup.exe
    2019-01-15 12:29 - 2019-01-15 12:29 - 000001957 _____ C:\Users\Public\Desktop\AnyDesk.lnk
    2019-01-15 12:29 - 2019-01-15 12:29 - 000000000 ____D C:\Program Files (x86)\AnyDesk
    2019-01-15 12:21 - 2019-01-15 12:21 - 002126120 _____ C:\Users\diego\Downloads\AnyDesk.exe
    2019-01-15 12:21 - 2019-01-15 12:21 - 000000000 ____D C:\Users\diego\AppData\Roaming\AnyDesk
    2019-01-15 12:16 - 2019-01-15 12:16 - 000000000 ____D C:\Users\diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
    2019-01-15 12:15 - 2019-01-15 12:15 - 000000000 ____D C:\Users\diego\AppData\Roaming\Google
    2019-01-15 12:13 - 2019-01-15 12:13 - 000002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2019-01-15 12:12 - 2019-01-15 14:21 - 000000000 ____D C:\Users\diego\AppData\Local\Comms
    2019-01-15 12:12 - 2019-01-15 13:10 - 000000000 ____D C:\Users\diego\AppData\Local\Google
    2019-01-15 12:12 - 2019-01-15 12:13 - 000000000 ____D C:\Program Files (x86)\Google
    2019-01-15 12:12 - 2019-01-15 12:12 - 000003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2019-01-15 12:12 - 2019-01-15 12:12 - 000003432 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2019-01-15 12:11 - 2019-01-15 12:11 - 001136176 _____ (Google Inc.) C:\Users\diego\Downloads\ChromeSetup.exe
    2019-01-15 12:03 - 2019-01-15 11:58 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2019-01-15 12:00 - 2019-01-17 12:07 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-554391025-2556448295-3555311632-1001
    2019-01-15 11:57 - 2019-01-17 12:08 - 000000000 ___RD C:\Users\diego\OneDrive
    2019-01-15 11:57 - 2019-01-16 17:03 - 000000000 ____D C:\Users\diego\AppData\Local\PlaceholderTileLogoFolder
    2019-01-15 11:56 - 2019-01-15 11:56 - 000001417 _____ C:\Users\diego\Desktop\Microsoft Edge.lnk
    2019-01-15 11:55 - 2019-01-15 12:45 - 000000000 ____D C:\Users\diego\AppData\Local\Publishers
    2019-01-15 11:55 - 2019-01-15 11:55 - 000000000 ___HD C:\Users\diego\MicrosoftEdgeBackups
    2019-01-15 11:55 - 2019-01-15 11:55 - 000000000 ____D C:\Users\diego\AppData\Local\MicrosoftEdge
    2019-01-15 11:54 - 2019-02-03 00:23 - 000000000 __SHD C:\Users\diego\IntelGraphicsProfiles
    2019-01-15 11:54 - 2019-02-02 23:35 - 000000000 ____D C:\Users\diego\AppData\Local\Packages
    2019-01-15 11:54 - 2019-01-16 04:07 - 000000000 __RHD C:\Users\Public\AccountPictures
    2019-01-15 11:54 - 2019-01-16 04:07 - 000000000 ___RD C:\Users\diego\3D Objects
    2019-01-15 11:54 - 2019-01-16 02:04 - 000000000 ____D C:\Users\diego\AppData\Local\VirtualStore
    2019-01-15 11:54 - 2019-01-15 11:55 - 000000000 ____D C:\Users\diego\AppData\Local\Intel
    2019-01-15 11:54 - 2019-01-15 11:55 - 000000000 ____D C:\Users\diego\AppData\Local\ConnectedDevicesPlatform
    2019-01-15 11:54 - 2019-01-15 11:54 - 000000000 ____D C:\Users\diego\AppData\Roaming\Adobe
    2019-01-15 11:52 - 2019-01-23 16:05 - 000000000 ____D C:\Users\diego
    2019-01-15 11:52 - 2019-01-17 12:07 - 000002363 _____ C:\Users\diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2019-01-15 11:52 - 2019-01-15 11:52 - 000000020 ___SH C:\Users\diego\ntuser.ini
    2019-01-15 11:50 - 2019-01-15 11:51 - 000000000 ____D C:\WINDOWS\InfusedApps
    2019-01-15 11:49 - 2019-01-15 11:49 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
    2019-01-15 11:49 - 2019-01-15 11:49 - 000000000 ____D C:\WINDOWS\Setup
    2019-01-15 11:48 - 2019-01-15 11:50 - 000000000 ____D C:\WINDOWS\containers
    2019-01-15 11:47 - 2019-02-03 00:29 - 001673686 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-01-15 11:45 - 2019-02-03 00:29 - 000745148 _____ C:\WINDOWS\system32\perfh00A.dat
    2019-01-15 11:45 - 2019-02-03 00:29 - 000144250 _____ C:\WINDOWS\system32\perfc00A.dat
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\yo-NG
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\wo-SN
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\ti-ET
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\rw-RW
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\ig-NG
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
    2019-01-15 11:45 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\vi-VN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\ur-PK
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\ug-CN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\tt-RU
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\tk-TM
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\te-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\sw-KE
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\sq-AL
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\quz-PE
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\prs-AF
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\pa-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\or-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\nn-NO
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\ne-NP
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\mt-MT
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\mr-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\mn-MN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\ml-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\mk-MK
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\lo-LA
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\lb-LU
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\ky-KG
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\kok-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\kn-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\km-KH
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\ka-GE
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\is-IS
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\id-ID
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\hy-AM
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\gu-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\gd-GB
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\ga-IE
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\fil-PH
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\fa-IR
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\cy-GB
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\bn-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\bn-BD
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\be-BY
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\as-IN
    2019-01-15 11:45 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\af-ZA
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\system32\hi-IN
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\system32\gl-ES
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\system32\eu-ES
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\system32\ca-ES
    2019-01-15 11:45 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\OCR
    2019-01-15 11:45 - 2019-01-15 11:44 - 000346834 _____ C:\WINDOWS\system32\perfi00A.dat
    2019-01-15 11:45 - 2019-01-15 11:44 - 000043954 _____ C:\WINDOWS\system32\perfd00A.dat
    2019-01-15 11:45 - 2018-04-11 20:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\SysWOW64\es
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\winrm
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\WCN
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\slmgr
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\es
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\0409
    2019-01-15 11:44 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\DigitalLocker
    2019-01-15 11:39 - 2019-02-03 00:23 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-01-15 11:39 - 2019-02-02 23:35 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-01-15 11:39 - 2019-02-02 23:34 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
    2019-01-15 11:39 - 2019-02-02 03:23 - 000000000 ___RD C:\Program Files (x86)
    2019-01-15 11:39 - 2019-01-16 04:13 - 000000000 ____D C:\WINDOWS\appcompat
    2019-01-15 11:39 - 2019-01-16 04:04 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2019-01-15 11:39 - 2019-01-16 04:04 - 000000000 ____D C:\WINDOWS\TextInput
    2019-01-15 11:39 - 2019-01-16 04:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2019-01-15 11:39 - 2019-01-16 04:03 - 000000000 ____D C:\WINDOWS\ShellComponents
    2019-01-15 11:39 - 2019-01-16 04:03 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-01-15 11:39 - 2019-01-15 14:41 - 000000000 ____D C:\WINDOWS\CSC
    2019-01-15 11:39 - 2019-01-15 14:37 - 000000000 ___RD C:\WINDOWS\PrintDialog
    2019-01-15 11:39 - 2019-01-15 13:57 - 000000000 ____D C:\Program Files\Windows Defender
    2019-01-15 11:39 - 2019-01-15 11:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
    2019-01-15 11:39 - 2019-01-15 11:50 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ___SD C:\WINDOWS\system32\UNP
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ___SD C:\WINDOWS\system32\F12
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\ta-in
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\si-lk
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\setup
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\oobe
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\Dism
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\system32\am-et
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\Provisioning
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\Program Files\Windows Photo Viewer
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
    2019-01-15 11:39 - 2019-01-15 11:48 - 000000000 ____D C:\Program Files (x86)\Windows Defender
    2019-01-15 11:39 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\system32\spool
    2019-01-15 11:39 - 2019-01-15 11:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ___SD C:\WINDOWS\system32\dsc
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\SysWOW64\com
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\Sysprep
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\MUI
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\migwiz
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\system32\com
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\IME
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\Help
    2019-01-15 11:39 - 2019-01-15 11:44 - 000000000 ____D C:\Program Files\Common Files\system
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 __SHD C:\Program Files\Windows Sidebar
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 __RSD C:\WINDOWS\media
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 __RHD C:\Users\Public\Libraries
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ___SD C:\WINDOWS\system32\Nui
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ___SD C:\WINDOWS\system32\Configuration
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ___SD C:\WINDOWS\system32\AppV
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\Web
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\WaaS
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\Vss
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\tracing
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\TAPI
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SystemResources
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SystemApps
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\winevt
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\ta-lk
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\ras
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\PointOfService
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\NDF
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\my-mm
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\MsDtc
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\Ipmi
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\InputMethod
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\inetsrv
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\IME
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\icsxml
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\ias
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\hydrogen
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\DriverState
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\downlevel
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\DDFs
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\config\TxR
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\config\Journal
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\Bthprops
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\AppLocker
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\System
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SKB
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\ServiceState
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\security
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\schemas
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\SchCache
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\Resources
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\rescache
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\RemotePackages
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\Registration
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\PLA
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\Performance
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\ModemLogs
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\L2Schemas
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\InputMethod
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\IdentityCRL
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\Globalization
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\Cursors
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\Branding
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\addins
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\Program Files\Windows Security
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\Program Files\Windows Portable Devices
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\Program Files\windows nt
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\Program Files\Common Files\Services
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\Program Files (x86)\windows nt
    2019-01-15 11:39 - 2019-01-15 11:39 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
    2019-01-15 11:39 - 2019-01-15 11:37 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
    2019-01-15 11:39 - 2019-01-15 11:37 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
    2019-01-15 11:39 - 2019-01-15 11:37 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
    2019-01-15 11:39 - 2019-01-15 11:37 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
    2019-01-15 11:39 - 2019-01-15 11:37 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
    2019-01-15 11:39 - 2019-01-15 11:37 - 000017346 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
    2019-01-15 11:39 - 2019-01-15 11:37 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
    2019-01-15 11:39 - 2019-01-15 11:37 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
    2019-01-15 11:39 - 2019-01-15 11:37 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
    2019-01-15 11:39 - 2019-01-15 11:37 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
    2019-01-15 11:39 - 2019-01-15 11:37 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
    2019-01-15 11:39 - 2019-01-15 11:37 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
    2019-01-15 11:39 - 2019-01-15 11:37 - 000000219 _____ C:\WINDOWS\system.ini
    2019-01-15 11:39 - 2019-01-15 11:37 - 000000092 _____ C:\WINDOWS\win.ini
    2019-01-15 11:39 - 2018-11-19 19:57 - 000111616 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
    2019-01-15 11:38 - 2019-02-03 00:29 - 000000000 ____D C:\WINDOWS\INF
    2019-01-15 11:33 - 2019-01-15 22:17 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-01-15 11:27 - 2019-02-03 00:23 - 077070336 _____ C:\WINDOWS\system32\config\SOFTWARE
    2019-01-15 11:27 - 2019-02-03 00:22 - 014155776 _____ C:\WINDOWS\system32\config\SYSTEM
    2019-01-15 11:27 - 2019-02-03 00:22 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
    2019-01-15 11:27 - 2019-02-03 00:22 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2019-01-15 11:27 - 2019-02-03 00:22 - 000131072 _____ C:\WINDOWS\system32\config\SAM
    2019-01-15 11:27 - 2019-02-03 00:22 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
    2019-01-15 11:27 - 2019-01-17 16:03 - 000000000 ____D C:\WINDOWS\Panther
    2019-01-15 11:27 - 2019-01-15 12:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
    2019-01-15 11:27 - 2019-01-15 11:44 - 000000000 ____D C:\WINDOWS\servicing
    2019-01-15 11:27 - 2019-01-15 11:39 - 000000000 ____D C:\WINDOWS\system32\SMI
    2019-01-15 08:16 - 2019-01-15 11:51 - 000000000 ___HD C:\$SysReset

  ==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

==================== Bamital & volsnap ======================

  (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\dllhost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
    LastRegBack: 2019-01-15 14:33
    ==================== End of FRST.txt ============================

Hola:

Mientras reviso los reportes :slight_smile:

Recuerda que no veo tu ordenador, de donde? de tu navegador? de algún programa en uso? De tu escritorio?

Nos comentas.

Salu2

1 me gusta

Hola:

La imagen no la has subido correctamente.

Solo tienes que soltarla en el tema.

En cuanto a lo de las 21 hs lo reportare. De todas maneras solo dime si es en un navegador? Cual? O en el escritorio de Windows/ Sistema.

Salu2.

Hola @SanMar.

Muchas gracias por tu respuesta

Me aparece en el escritorio

Hola:

Prueba lo siguiente:

1.-

  • En la esquina superior derecha, haga clic en el botón del menú principal de Chrome, representado por tres puntos verticales. Cuando aparezca el menú desplegable, haga clic en “Configuración”.

  • Ahora debería aparecer el menú de “Configuración” de Chrome, desplácese hasta la parte inferior de la página y haga clic en “Avanzado”.

  • En la sección Privacidad y seguridad, haga clic en “Configuración de contenido”.

  • Haga clic en “Notificaciones”.

  • Encuentre el sitio Fireappear.fun y haga clic en el botón de tres puntos verticales al lado, luego haga clic en “Quitar”

2.- Posteriormente realiza los pasos de Eliminar PUP/Adware en: Google Chrome reestableciendo la configuración de Google Chrome.

3.- Ejecutaste FRST desde una ubicación incorrecta:

Running from C:\Users\diego*Downloads*

Lo cortas y lo pegas en tu escritorio.

Luego Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ShortcutWithArgument: C:\Users\diego\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas como sigue el problema.

Salu2.