Me infectó una pagina rusa


#1

Hola amigos (as),antes que todo sigo su pagina desde hace varios años y no hay nada mejor que Uds,no me había logeado pero ya fue tiempo de hacerlo. Después de estar en la página “intercambios virtuales” me recomendó buscar un programa en un buscador ruso…y ahí se me vino el problema he usado en algunas ocasiones el HiJackThis ,muchas en realidad,pero en Windows XP y 7 ,siempre con precaución e investigando cada ítem antes de borrar,pero ahora preferiría ayuda experta para esto tengo Windows 10 y dio este log a continuación espero que me puedan ayudar

Saludos


 Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.11

Platform:  x64 Windows 10 (Home Single Language), 10.0.17134.471 (ReleaseId: 1803), Service Pack: 0
Time:      23.12.2018 - 14:07 (UTC-03:00)
Language:  OS: Spanish (0x80A). Display: Spanish (0x80A). Non-Unicode: Spanish (0x340A)
Elevated:  Yes
Ran by:    arnold	(group: Administrator) on LAPTOP-279BD6ED, FirstRun: no

Edge:    11.0.17134.471
Internet Explorer: 11.0.17134.1
Default: "C:\WINDOWS\system32\LaunchWinApp.exe" "%1" (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
   1  C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
   1  C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
   1  C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
   1  C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
   1  C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
   1  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
   1  C:\Program Files\AMD\CNext\CNext\cnext.exe
   1  C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
   1  C:\Program Files\Bonjour\mDNSResponder.exe
   1  C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
   1  C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
   1  C:\Program Files\Elantech\ETDCtrl.exe
   1  C:\Program Files\Elantech\ETDCtrlHelper.exe
   1  C:\Program Files\Elantech\ETDService.exe
   1  C:\Program Files\Elantech\ETDTouch.exe
   1  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
   1  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
   1  C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
   1  C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
   1  C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
   1  C:\Users\arnal\Downloads\HiJackThis.exe
   2  C:\Windows\SysWOW64\svchost.exe
   1  C:\Windows\System32\ApplicationFrameHost.exe
   1  C:\Windows\System32\DbxSvc.exe
   8  C:\Windows\System32\RuntimeBroker.exe
   1  C:\Windows\System32\SearchIndexer.exe
   1  C:\Windows\System32\SecurityHealthService.exe
   1  C:\Windows\System32\SettingSyncHost.exe
   1  C:\Windows\System32\SgrmBroker.exe
   1  C:\Windows\System32\SystemSettingsBroker.exe
   1  C:\Windows\System32\atieclxx.exe
   1  C:\Windows\System32\atiesrxx.exe
   1  C:\Windows\System32\backgroundTaskHost.exe
   1  C:\Windows\System32\browser_broker.exe
   1  C:\Windows\System32\conhost.exe
   2  C:\Windows\System32\csrss.exe
   1  C:\Windows\System32\ctfmon.exe
   1  C:\Windows\System32\dasHost.exe
   2  C:\Windows\System32\dllhost.exe
   1  C:\Windows\System32\dwm.exe
   2  C:\Windows\System32\fontdrvhost.exe
   1  C:\Windows\System32\lsass.exe
   1  C:\Windows\System32\notepad.exe
   1  C:\Windows\System32\services.exe
   1  C:\Windows\System32\sihost.exe
   1  C:\Windows\System32\smartscreen.exe
   1  C:\Windows\System32\smss.exe
   1  C:\Windows\System32\spoolsv.exe
  70  C:\Windows\System32\svchost.exe
   2  C:\Windows\System32\taskhostw.exe
   1  C:\Windows\System32\wininit.exe
   1  C:\Windows\System32\winlogon.exe
   1  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
   8  C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
   1  C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
   1  C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
   2  C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp15-comm.msn.com/?pc=HRTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Bar] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Page] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Search: [Default_Search_URL] = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp15-comm.msn.com/?pc=HRTE
R0 - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp15-comm.msn.com/?pc=HRTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main: [SearchAssistant] = www.google.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126}: [URL] = https://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms} - GMX - Enhanced by Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [SuggestionsURL] = https://ie.search.yahoo.com/os?appid=ie8&command={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [TopResultURL] =   - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [URL] = https://cl.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__171229__yaie&p={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{c2b8e594-d284-ef0b-2c66-48a9c98914bc}: [URL] = https://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms} - GMX - Enhanced by Google
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 skipittok.com
O1 - Hosts: 0.0.0.0 telemetry.malwarebytes.com
O1 - Hosts: 0.0.0.0 anchorfree.net
O1 - Hosts: 0.0.0.0 rss2search.com
O1 - Hosts: 0.0.0.0 techbrowsing.com
O1 - Hosts: 0.0.0.0 box.anchorfree.net
O1 - Hosts: 0.0.0.0 www.mefeedia.com
O1 - Hosts: 0.0.0.0 www.anchorfree.net
O1 - Hosts: 0.0.0.0 www.mefeedia.com
O1 - Hosts: 0.0.0.0 anchorfree.us
O1 - Hosts: 0.0.0.0 a433.com
O1 - Hosts: 0.0.0.0 anchorfree.net
O1 - Hosts: 0.0.0.0 rpt.anchorfree.net
O1 - Hosts: 0.0.0.0 delivery.anchorfree.us/land.php
O1 - Hosts: 0.0.0.0 hsselite.com
O1 - Hosts: 0.0.0.0 www.hsselite.com
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKCU\..\StartupApproved\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (2018/03/23)
O4 - HKLM\..\Run: [ETDCtrl] = C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [StartCN] = c:\Program Files\AMD\CNext\CNext\cnext.exe atlogon
O4 - HKLM\..\Session Manager: [BootExecute] = C:\WINDOWS\system32\sdnclean64.exe
O4 - HKLM\..\StartupApproved\Run32: [CanonQuickMenu] = C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon (2017/12/14)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2018/03/23)
O4 - HKLM\..\StartupApproved\Run32: [HPMessageService] = C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (2018/03/23)
O4 - HKLM\..\StartupApproved\Run32: [PowerDVD14Agent] = C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (2017/12/14)
O4 - HKLM\..\StartupApproved\Run: [BtServer] = C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe (2018/03/23)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft) (2018/03/23)
O4 - HKLM\..\StartupApproved\Run: [WindowsDefender] = C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft) (2018/03/23)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - User Startup: C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bvubbcij.lnk    ->    (lnk is corrupted)
O4-32 - HKLM\..\Run: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Ejecuta Comprobación de red de HP, que le ayuda a resolver problemas de conexión - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Comprobación de red de HP - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O17 - DHCP DNS 1: 200.83.1.4
O17 - DHCP DNS 2: 190.160.0.14
O17 - DHCP DNS 3: 200.30.192.15
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\   DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.0.dll
O22 - Task (.job): (Not scheduled) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (Not scheduled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task (.job): HPCeeScheduleForarnal.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForarnal (null)
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service R2: AdaptiveSleepService - c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service R2: BTDevManager - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Elan Service - (ETDService) - C:\Program Files\Elantech\ETDService.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: HPWMISVC - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: Servicio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: WC Assistant - (WCAssistantService) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
O23 - Service R3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S2: Servicio de Actualización de Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: tbaseprovisioning - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Cyberlink RichVideo64 Service(CRVS) - (RichVideo64) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service S3: HP Software Framework Service - (hpqwmiex) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servicio de Actualización de Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc



Debug information:

- 23.12.2018 13:44:50 - modFile.OpenW - #0 LastDllError = 32 (El proceso no tiene acceso al archivo porque está siendo utilizado por otro proceso.) Cannot open file: C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bvubbcij.lnk 

--
End of file - Time spent: 50,1 sec. - 33406 bytes, CRC32: FFFFFFFF. Sign: ꂣꬂ

#2

Hola Arnaldo, bienvenido al nuevo foro

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

  • Realiza un Análisis de amenazas, actualizando si te lo pide.
  • Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
  • En el apartado del manual Informes >> Informe de análisis encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
  • Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo


#4
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2018-12-21.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-24-2018
# Duration: 00:00:05
# OS:       Windows 10 Home Single Language
# Cleaned:  24
# Failed:   0


***** [ Services ] *****

Deleted       WCAssistantService

***** [ Folders ] *****

Deleted       C:\Users\arnal\AppData\Roaming\SPI
Deleted       C:\Users\arnal\AppData\Roaming\browsers
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Mail.Ru
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted       C:\Windows\rss

***** [ Files ] *****

Deleted       C:\Users\arnal\Favorites\?????? ? ?????????.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc
Deleted       HKCU\Software\csastats
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
Deleted       HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted       HKLM\Software\Wow6432Node\Mail.Ru
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3881 octets] - [24/12/2018 19:46:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

lo anterior fue el informe de AdwCleaner Saludos


#5

Hola

Falta el reporte de Malwarebytes y no olvides comentar cómo sigue el problema.

Un saludo


#6

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del evento de protección: 24/12/18
Hora del evento de protección: 18:25
Archivo de registro: 78bac778-07c2-11e9-9ce6-98e7f4e84416.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8211
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.471)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Detalles del sitio web bloqueado-
Sitio web malicioso: 1
, , Bloqueado, [-1], [-1],0.0.0

-Datos de sitio web-
Categoría: Troyano
Dominio: 
Dirección IP: 130.255.73.90
Puerto: [51636]
Tipo: Saliente
Archivo: C:\Windows\explorer.exe



(end)
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del evento de protección: 24/12/18
Hora del evento de protección: 19:50
Archivo de registro: 468bd1fa-07ce-11e9-bf4d-98e7f4e84416.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8475
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.471)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Detalles del malware bloqueado-
Archivo: 1
Generic.Malware/Suspicious, C:\Windows\Temp\url.exe, En cuarentena, [0], [392686],1.0.8475


(end)

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del evento de protección: 24/12/18
Hora del evento de protección: 18:34
Archivo de registro: ae46b0e0-07c3-11e9-9466-98e7f4e84416.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8475
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.471)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Detalles del malware bloqueado-
Archivo: 1
Trojan.MalPack, C:\Users\arnal\AppData\Roaming\Microsoft\Windows\bvubbcij\svtfugfj.exe, En cuarentena, [510], [614099],1.0.8475


(end)
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 24/12/18
Hora del análisis: 18:37
Archivo de registro: 1f0c2756-07c4-11e9-8705-98e7f4e84416.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8475
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.471)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-279BD6ED\arnold

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 288947
Amenazas detectadas: 19
Amenazas en cuarentena: 19
Tiempo transcurrido: 3 min, 51 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 4
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OPERA SCHEDULED AUTOUPDATE 2796787680, En cuarentena, [407], [557703],1.0.8475
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A00A9753-C587-4C50-8D21-4B2232F64635}, En cuarentena, [407], [557703],1.0.8475
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{A00A9753-C587-4C50-8D21-4B2232F64635}, En cuarentena, [407], [557703],1.0.8475
Trojan.MalPack, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\owsmugoc, En cuarentena, [510], [614441],1.0.8475

Valor del registro: 1
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A00A9753-C587-4C50-8D21-4B2232F64635}|PATH, En cuarentena, [407], [557701],1.0.8475

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 14
Trojan.Agent, C:\WINDOWS\SYSTEM32\TASKS\OPERA SCHEDULED AUTOUPDATE 2796787680, En cuarentena, [407], [557703],1.0.8475
Generic.Malware/Suspicious, C:\USERS\ARNAL\APPDATA\LOCAL\STOCKHOTIS.BIN, En cuarentena, [0], [392686],1.0.8475
Generic.Malware/Suspicious, C:\USERS\ARNAL\APPDATA\LOCAL\MEDSING.EXE, En cuarentena, [0], [392686],1.0.8475
Trojan.MalPack, C:\WINDOWS\SYSWOW64\OWSMUGOC\WBOORQGL.EXE, En cuarentena, [510], [614441],1.0.8475
Trojan.PasswordStealer, C:\PROGRAMDATA\HGZQBB.EXE, En cuarentena, [3543], [614063],1.0.8475
Adware.Csdimonetize, C:\USERS\ARNAL\APPDATA\ROAMING\4XMODJ5PQRM\1OTTAKVX3J3.EXE, En cuarentena, [2857], [614166],1.0.8475
Adware.Csdimonetize, C:\$RECYCLE.BIN\S-1-5-21-2530918004-119752134-1037699108-1001\$RV9Y1EC.LNK, En cuarentena, [2857], [609908],1.0.8475
Trojan.Agent.Generic, C:\USERS\ARNAL\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\BVUBBCIJ.LNK, En cuarentena, [3683], [536200],1.0.8475
Trojan.FakeSig, C:\USERS\ARNAL\APPDATA\LOCAL\TEMP\M1BBAT3L.IQQ\QIOWDE.EXE, En cuarentena, [452], [615037],1.0.8475
Trojan.MalPack, C:\USERS\ARNAL\APPDATA\LOCAL\TEMP\DLPN5YFS.5I2\APP.EXE, En cuarentena, [510], [614038],1.0.8475
Trojan.FakeSig, C:\USERS\ARNAL\APPDATA\LOCAL\TEMP\WR0LFIXA.2FZ\YDSAD.EXE, En cuarentena, [452], [615037],1.0.8475
Trojan.FakeSig, C:\USERS\ARNAL\APPDATA\LOCAL\TEMP\FEJ1QLTICKI\AUIFDEU.EXE, En cuarentena, [452], [615037],1.0.8475
Generic.Malware/Suspicious, C:\USERS\ARNAL\DOWNLOADS\DAEMON_TOOLS_LITE_10_7_0_0337_CRACK_2018_SERIAL_NUMBER_0637371808.EXE, En cuarentena, [0], [392686],1.0.8475
Adware.Linkury, C:\USERS\ARNAL\APPDATA\LOCAL\STATFIND.BIN, En cuarentena, [1148], [504848],1.0.8475

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 26/12/18
Hora del análisis: 11:52
Archivo de registro: d2599302-091d-11e9-b5b3-98e7f4e84416.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8505
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.471)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 288841
Amenazas detectadas: 1
Amenazas en cuarentena: 0
Tiempo transcurrido: 13 min, 29 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
MachineLearning/Anomalous.100%, C:\WINDOWS\ZJZHZJHMN2I1MMQ4MTM3.EXE, Sin acciones por parte del usuario, [0], [392687],1.0.8505

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 26/12/18
Hora del análisis: 11:52
Archivo de registro: d2599302-091d-11e9-b5b3-98e7f4e84416.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8505
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.471)
CPU: x64
Sistema de archivos: NTFS
Usuario: System

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Programador de tareas
Resultado: Completado
Objetos analizados: 288841
Amenazas detectadas: 1
Amenazas en cuarentena: 0
Tiempo transcurrido: 13 min, 29 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
MachineLearning/Anomalous.100%, C:\WINDOWS\ZJZHZJHMN2I1MMQ4MTM3.EXE, Sin acciones por parte del usuario, [0], [392687],1.0.8505

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#7

no se si esta bien? lo anteriormente enviado cualquier cosa me mantengo antento Gracias


#8


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 26/12/18
Hora del análisis: 17:33
Archivo de registro: 8a0b2d2e-094d-11e9-9db8-98e7f4e84416.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8509
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.471)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-279BD6ED\arnold

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 289159
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 2 min, 9 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
MachineLearning/Anomalous.100%, C:\WINDOWS\ZJZHZJHMN2I1MMQ4MTM3.EXE, En cuarentena, [0], [392687],1.0.8509
Generic.Malware/Suspicious, C:\USERS\ARNAL\APPDATA\LOCAL\TEMP\7D5D.TMP.EXE, En cuarentena, [0], [392686],1.0.8509

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#9

Hola

Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo


#10
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.12.2018
Ran by arnold (administrator) on LAPTOP-279BD6ED (27-12-2018 10:04:41)
Running from C:\Users\arnal\Downloads
Loaded Profiles: arnold (Available Profiles: arnold)
Platform: Windows 10 Home Single Language Version 1803 17134.471 (X64) Language: Español (México)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Failed to access process -> tbaseprovisioning.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8853760 2018-12-19] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => c:\Program Files\AMD\CNext\CNext\cnext.exe [4998856 2016-03-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3349216 2016-02-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2016-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4174464 2017-05-23] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{a965a0a0-2307-4853-aa1e-2082f6d36a89}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-2530918004-119752134-1037699108-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKU\S-1-5-21-2530918004-119752134-1037699108-1001 -> DefaultScope {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530918004-119752134-1037699108-1001 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530918004-119752134-1037699108-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: man6q23e.default
FF ProfilePath: C:\Users\arnal\AppData\Roaming\Mozilla\Firefox\Profiles\man6q23e.default [2018-12-27]
FF Extension: (AdBlocker Ultimate) - C:\Users\arnal\AppData\Roaming\Mozilla\Firefox\Profiles\man6q23e.default\Extensions\[email protected] [2018-12-25]
FF Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\arnal\AppData\Roaming\Mozilla\Firefox\Profiles\man6q23e.default\Extensions\[email protected] [2018-12-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-12-05] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-12-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-03-26] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2018-02-16] ()
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] ()
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-01-12] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144608 2016-02-03] (ELAN Microelectronics Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2018-12-19] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1776864 2017-05-23] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2131760 2017-05-23] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233936 2017-05-23] (Safer-Networking Ltd.)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [54808 2016-04-06] (Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-18] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-18] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27384 2016-04-06] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101112 2016-04-06] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [79120 2016-04-06] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [277240 2016-04-06] (Advanced Micro Devices, Inc. )
R1 CA318505356C; C:\WINDOWS\CA318505356C.sys [621416 2018-12-19] (VideoDriver)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-01-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-01-28] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31976 2016-02-03] (ELAN Microelectronic Corp.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2018-12-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2018-12-26] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2018-12-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2018-12-26] (Malwarebytes)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-03-04] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [611608 2015-10-07] (Realtek Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [408280 2016-02-03] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2018-04-11] (Realtek Semiconductor Corporation )
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-02-22] (Anchorfree Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2018-12-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2018-12-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error(1) reading file: "C:\Users\arnal\Downloads\Colección(1). "
2018-12-27 10:04 - 2018-12-27 10:05 - 000015248 _____ C:\Users\arnal\Downloads\FRST.txt
2018-12-27 10:04 - 2018-12-27 10:04 - 000000000 ____D C:\FRST
2018-12-27 10:03 - 2018-12-27 10:03 - 002421760 _____ (Farbar) C:\Users\arnal\Downloads\FRST64.exe
2018-12-27 01:45 - 2018-12-27 01:45 - 000172386 _____ C:\Users\arnal\Downloads\lista-comprobacion-como-hacer-una-pagina-web-para-mi-negocio-voxelartstudio.pdf
2018-12-26 21:26 - 2018-12-26 21:26 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-12-26 21:26 - 2018-12-26 21:26 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-12-26 21:26 - 2018-12-26 21:26 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-12-26 21:24 - 2018-12-26 21:24 - 000003658 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-12-26 21:24 - 2018-12-26 21:24 - 000000000 ____D C:\WINDOWS\ABR
2018-12-26 21:24 - 2018-12-26 21:24 - 000000000 ____D C:\Users\arnal\Downloads\Backups
2018-12-26 15:57 - 2018-12-26 15:57 - 000519234 _____ C:\Users\arnal\Downloads\China Sensor Supplier ABS Wheel Speed Sensor O2 Lambda Sensor Auto Oxygen Sensor 0258986602 - China Auto Oxygen Sensor, Lambda Sensor.html
2018-12-26 15:57 - 2018-12-26 15:57 - 000000000 ____D C:\Users\arnal\Downloads\China Sensor Supplier ABS Wheel Speed Sensor O2 Lambda Sensor Auto Oxygen Sensor 0258986602 - China Auto Oxygen Sensor, Lambda Sensor_files
2018-12-26 12:50 - 2018-12-26 12:50 - 000363611 _____ C:\Users\arnal\Downloads\Analisis-SEO-Gratis.pdf
2018-12-26 12:41 - 2018-12-26 15:01 - 000011208 _____ C:\Users\arnal\Downloads\sensores.xlsx
2018-12-26 12:34 - 2018-12-26 12:34 - 000935124 _____ C:\Users\arnal\Downloads\Webmaestro.pdf
2018-12-25 21:40 - 2018-12-25 21:40 - 302440858 _____ C:\Users\arnal\Downloads\DW-19-(32-64bits).rar
2018-12-25 21:19 - 2018-12-25 21:20 - 000000000 ____D C:\Users\arnal\Downloads\Internet Business Promoter
2018-12-25 21:09 - 2018-12-25 21:11 - 000000000 ____D C:\Users\arnal\Downloads\Incomedia WebSite X5 Professional v16
2018-12-25 12:25 - 2018-12-25 12:30 - 000000000 ____D C:\Users\arnal\Downloads\WinZip Registry Optimizer
2018-12-25 12:24 - 2018-12-25 12:24 - 000002036 _____ C:\Users\arnal\Downloads\CARACTERISTICAS.txt
2018-12-25 11:52 - 2018-12-25 12:14 - 000000000 ____D C:\Users\arnal\Desktop\Inspiration.v9.0.3.SPANiSH.CRACKED
2018-12-25 11:52 - 2018-12-25 12:10 - 000000000 ____D C:\Users\arnal\Desktop\Incomedia.WebSite.X5.Professional.v10.1.4.45.MULTILINGUAL-CRD
2018-12-25 10:25 - 2018-12-25 10:26 - 000000000 ____D C:\Users\arnal\Downloads\Destroy Windows 10 Spying v
2018-12-25 02:34 - 2018-12-25 02:41 - 000000000 ____D C:\Users\arnal\AppData\Local\Mozilla
2018-12-25 02:34 - 2018-12-25 02:34 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-25 02:34 - 2018-12-25 02:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-25 02:34 - 2018-12-25 02:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-25 02:07 - 2018-12-25 02:07 - 000000000 ___HD C:\$SysReset
2018-12-24 19:45 - 2018-12-24 19:47 - 000000000 ____D C:\AdwCleaner
2018-12-24 18:59 - 2018-12-24 18:59 - 007320272 _____ (Malwarebytes) C:\Users\arnal\Downloads\adwcleaner_7.2.6.0.exe
2018-12-24 18:34 - 2018-12-24 18:34 - 000000000 ____D C:\Users\arnal\AppData\Local\mbam
2018-12-24 18:33 - 2018-12-24 18:33 - 000000000 ____D C:\Users\arnal\AppData\Local\mbamtray
2018-12-24 18:20 - 2018-12-24 18:20 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-12-24 18:20 - 2018-12-24 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-24 18:20 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-12-24 18:19 - 2018-12-24 18:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-24 14:19 - 2018-12-24 14:19 - 000003264 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForarnold
2018-12-23 13:27 - 2018-12-23 13:27 - 007194192 _____ (Stanislav Polshyn & Trend Micro Inc.) C:\Users\arnal\Downloads\HiJackThis.exe
2018-12-23 11:46 - 2017-08-01 20:07 - 000000000 ____D C:\Users\arnal\Downloads\spy boy search full
2018-12-23 11:35 - 2018-12-23 11:35 - 000001427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2018-12-23 11:35 - 2018-12-23 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2018-12-23 11:35 - 2017-05-23 09:22 - 000032240 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2018-12-23 11:34 - 2018-12-23 11:34 - 051725936 _____ (Safer-Networking Ltd. ) C:\Users\arnal\Downloads\spybotsd-2.6.46.exe
2018-12-23 11:27 - 2018-12-23 11:27 - 000000085 _____ C:\WINDOWS\wininit.ini
2018-12-23 11:08 - 2018-12-23 11:08 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2018-12-23 11:07 - 2018-12-23 13:22 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-12-23 11:07 - 2018-12-23 11:35 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-12-23 00:58 - 2018-12-23 01:00 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-12-21 23:27 - 2018-12-23 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2018-12-21 23:27 - 2018-12-23 00:06 - 000000000 ____D C:\Program Files\PowerISO
2018-12-21 23:27 - 2017-06-06 21:36 - 000138296 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2018-12-21 10:08 - 2018-12-23 00:06 - 000000000 ____D C:\Program Files (x86)\Nitro
2018-12-21 09:17 - 2018-12-21 09:17 - 000000000 ____D C:\Users\arnal\AppData\Roaming\Nitro
2018-12-21 09:12 - 2018-12-21 09:12 - 000000000 ____D C:\ProgramData\Nitro
2018-12-21 08:33 - 2018-12-25 11:58 - 000000000 ___RD C:\Users\arnal\Desktop\FOREX
2018-12-21 08:30 - 2018-12-25 10:13 - 000000000 ___RD C:\Users\arnal\Desktop\SENSORES CHILE
2018-12-21 08:11 - 2018-12-10 15:57 - 000027559 _____ C:\Users\arnal\Desktop\0By_pW2cq_KLBLW0wTkRPdmVSem8.bin
2018-12-21 08:07 - 2018-12-21 08:07 - 000348502 _____ C:\Users\arnal\OneDrive\Documentos\MANEJO DE STOK.xlsx
2018-12-19 22:08 - 2018-12-19 22:08 - 000000000 ____D C:\Users\arnal\AppData\Local\D3DSCache
2018-12-19 21:33 - 2018-12-24 18:50 - 000000000 ____D C:\WINDOWS\SysWOW64\owsmugoc
2018-12-19 21:30 - 2018-12-19 21:30 - 000000000 ____D C:\Users\arnal\AppData\Roaming\WildTangent
2018-12-19 21:25 - 2018-12-19 21:25 - 000000000 ____D C:\ProgramData\{7AF27571-D226-3E5A-5ECF-D9B25E2880E3}
2018-12-19 21:25 - 2018-12-19 21:25 - 000000000 ____D C:\ProgramData\{3437A3DD-048A-709F-F219-1CFCF2FE45AD}
2018-12-19 21:11 - 2018-12-19 21:11 - 000000000 ____D C:\ProgramData\{5A78D3CF-7498-1ED0-E069-5392E08E0AC3}
2018-12-19 21:11 - 2018-12-19 21:11 - 000000000 ____D C:\ProgramData\{58DA6DD9-CA8E-1C72-F6D7-F190F630A8C1}
2018-12-19 21:09 - 2018-12-19 21:10 - 000000000 ____D C:\ProgramData\{DCA8878D-20DA-9800-A23D-8314A2DADA45}
2018-12-19 21:09 - 2018-12-19 21:10 - 000000000 ____D C:\ProgramData\{81608C32-2B65-C5C8-1D36-4B491DD11218}
2018-12-19 21:05 - 2018-12-19 21:05 - 000865521 _____ C:\Users\arnal\AppData\Local\0gafanswjc0v.zip
2018-12-19 21:02 - 2018-12-19 21:02 - 000000000 ____D C:\Users\arnold
2018-12-19 21:01 - 2018-12-19 21:09 - 000000000 ____D C:\ProgramData\{73016DAC-CAFB-37A9-83D7-2ABB833073EA}
2018-12-19 21:01 - 2018-12-19 21:09 - 000000000 ____D C:\ProgramData\{5C61C557-6200-18C9-787F-4A94789813C5}
2018-12-19 21:01 - 2018-12-19 21:01 - 000621416 _____ (VideoDriver) C:\WINDOWS\CA318505356C.sys
2018-12-19 21:01 - 2018-12-19 21:01 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-12-19 21:00 - 2018-12-24 18:50 - 000000000 ____D C:\Users\arnal\AppData\Roaming\4xmodj5pqrm
2018-12-19 21:00 - 2018-12-23 00:06 - 000000000 ____D C:\Program Files\SRAJKJX6KS
2018-12-19 21:00 - 2018-12-19 21:00 - 025260414 _____ (TigerTrade ) C:\ProgramData\hgzqbd.exe
2018-12-19 21:00 - 2018-12-19 21:00 - 000000104 _____ C:\ProgramData\hgzqbf.bat
2018-12-19 21:00 - 2018-12-19 21:00 - 000000003 _____ C:\Users\arnal\AppData\Local\wbem.ini
2018-12-19 21:00 - 2018-12-19 21:00 - 000000000 ____D C:\Users\arnal\AppData\Local\0vadkugl5we0
2018-12-19 20:59 - 2018-12-19 21:00 - 000000116 _____ C:\ProgramData\hgzqbc.txt
2018-12-19 20:59 - 2018-12-19 20:59 - 000140800 _____ C:\Users\arnal\AppData\Local\installer.dat
2018-12-19 20:59 - 2018-12-19 20:59 - 000001153 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firеfoх.lnk
2018-12-19 20:20 - 2018-12-19 22:13 - 000000282 __RSH C:\Users\arnal\ntuser.pol
2018-12-19 20:20 - 2018-12-19 21:03 - 000000282 __RSH C:\ProgramData\ntuser.pol
2018-12-19 17:47 - 2018-12-01 01:01 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-19 17:47 - 2018-12-01 01:01 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-19 15:02 - 2018-12-08 05:05 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-12-19 15:02 - 2018-12-08 04:49 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-12-19 15:02 - 2018-12-08 04:45 - 006569040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-12-19 15:02 - 2018-12-08 04:42 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-19 15:02 - 2018-11-01 06:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-12-19 15:02 - 2018-10-21 04:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-12-19 15:02 - 2018-10-21 04:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-12-19 15:01 - 2018-12-08 09:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-12-19 15:01 - 2018-12-08 09:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-12-19 15:01 - 2018-12-08 09:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-19 15:01 - 2018-12-08 09:28 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-19 15:01 - 2018-12-08 09:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-19 15:01 - 2018-12-08 09:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-19 15:01 - 2018-12-08 09:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-19 15:01 - 2018-12-08 09:25 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-19 15:01 - 2018-12-08 09:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-19 15:01 - 2018-12-08 05:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-12-19 15:01 - 2018-12-08 05:07 - 001221632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-12-19 15:01 - 2018-12-08 05:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-19 15:01 - 2018-12-08 05:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-19 15:01 - 2018-12-08 05:04 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-19 15:01 - 2018-12-08 05:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-12-19 15:01 - 2018-12-08 05:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-12-19 15:01 - 2018-12-08 04:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-12-19 15:01 - 2018-12-08 04:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-12-19 15:01 - 2018-12-08 04:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-19 15:01 - 2018-12-08 04:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-12-19 15:01 - 2018-12-08 04:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-12-19 15:01 - 2018-12-08 04:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-12-19 15:01 - 2018-12-08 04:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-19 15:01 - 2018-12-08 04:40 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-12-19 15:01 - 2018-12-08 04:38 - 022016000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-12-19 15:01 - 2018-12-08 04:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-12-19 15:01 - 2018-12-08 04:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-12-19 15:01 - 2018-12-08 04:36 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-12-19 15:01 - 2018-12-08 04:36 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-19 15:01 - 2018-12-08 04:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-12-19 15:01 - 2018-12-08 04:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-12-19 15:01 - 2018-12-08 04:35 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-19 15:01 - 2018-12-08 04:33 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-19 15:01 - 2018-12-08 04:28 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-12-19 15:01 - 2018-11-09 03:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-19 15:01 - 2018-11-09 02:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-12-19 15:01 - 2018-11-08 23:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-12-19 15:01 - 2018-11-08 23:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-19 15:01 - 2018-11-08 23:20 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-19 15:01 - 2018-11-08 23:16 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-19 15:01 - 2018-11-08 22:26 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-19 15:01 - 2018-11-01 06:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-12-19 15:01 - 2018-11-01 04:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-12-19 15:01 - 2018-11-01 04:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-12-19 15:01 - 2018-11-01 04:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-12-19 15:01 - 2018-11-01 04:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-12-19 15:01 - 2018-11-01 03:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-12-19 15:01 - 2018-11-01 03:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-12-19 15:01 - 2018-11-01 03:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-12-19 15:01 - 2018-11-01 03:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-12-19 15:01 - 2018-11-01 03:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-12-19 15:01 - 2018-11-01 03:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-12-19 15:01 - 2018-11-01 01:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-12-19 15:01 - 2018-11-01 01:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-12-19 15:01 - 2018-11-01 01:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-12-19 15:01 - 2018-11-01 01:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-12-19 15:01 - 2018-11-01 01:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-12-19 15:01 - 2018-10-21 10:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-12-19 15:01 - 2018-10-21 09:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-12-19 15:01 - 2018-10-21 09:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-12-19 15:01 - 2018-10-21 08:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-12-19 15:01 - 2018-10-21 04:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-12-19 15:01 - 2018-10-21 04:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-12-19 15:01 - 2018-10-21 04:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-12-19 15:01 - 2018-10-21 04:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-12-19 15:01 - 2018-10-21 04:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-12-19 15:01 - 2018-10-21 03:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-12-19 15:01 - 2018-09-21 00:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-12-19 15:01 - 2018-09-20 01:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-12-19 15:01 - 2018-09-08 05:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-12-19 15:01 - 2018-09-08 05:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-12-19 15:01 - 2018-09-08 05:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-12-19 15:01 - 2018-09-08 04:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-12-19 15:01 - 2018-09-08 03:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-12-19 15:01 - 2018-09-08 03:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-12-19 15:01 - 2018-09-08 01:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-12-19 15:01 - 2018-09-08 00:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-12-19 15:01 - 2018-09-08 00:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-12-19 15:01 - 2018-09-08 00:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-12-19 15:01 - 2018-09-08 00:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-12-19 15:01 - 2018-09-08 00:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-12-19 15:01 - 2018-09-08 00:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-12-19 15:01 - 2018-08-09 05:21 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-12-19 15:01 - 2018-08-09 01:23 - 003148288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2018-12-19 15:01 - 2018-08-09 01:10 - 002893824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2018-12-19 15:01 - 2018-08-03 05:20 - 004049408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-12-19 15:01 - 2018-08-03 04:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-12-19 15:01 - 2018-08-03 00:09 - 001932288 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-12-19 15:01 - 2018-07-14 21:39 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-12-19 15:01 - 2018-07-14 01:22 - 006813744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-12-19 15:01 - 2018-07-14 01:22 - 001144664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-12-19 15:01 - 2018-07-14 01:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-12-19 15:01 - 2018-07-14 01:19 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-12-19 15:01 - 2018-07-14 01:19 - 000981920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-12-19 15:01 - 2018-07-14 01:18 - 002563984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-12-19 15:01 - 2018-07-14 01:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-12-19 15:01 - 2018-07-14 01:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-12-19 15:01 - 2018-07-14 01:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-12-19 15:01 - 2018-07-14 00:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-12-19 15:01 - 2018-07-14 00:56 - 004559872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-12-19 15:01 - 2018-07-14 00:56 - 002697216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-12-19 15:01 - 2018-07-14 00:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2018-12-19 15:01 - 2018-07-14 00:51 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-12-19 15:01 - 2018-07-14 00:50 - 001773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-12-19 15:01 - 2018-07-06 11:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-12-19 15:01 - 2018-07-06 09:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-12-19 15:01 - 2018-07-06 04:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-12-19 15:01 - 2018-07-06 03:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-12-19 15:01 - 2018-06-15 02:09 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-12-19 15:01 - 2018-06-15 02:09 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-12-19 15:01 - 2018-06-15 02:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-12-19 15:01 - 2018-06-15 02:09 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-12-19 15:01 - 2018-06-15 02:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-12-19 15:01 - 2018-06-15 02:04 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-12-19 15:01 - 2018-06-15 02:03 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-12-19 15:01 - 2018-06-15 01:45 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-12-19 15:00 - 2018-12-08 09:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-19 15:00 - 2018-12-08 09:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-19 15:00 - 2018-12-08 09:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-12-19 15:00 - 2018-12-08 09:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-19 15:00 - 2018-12-08 09:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-19 15:00 - 2018-12-08 09:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-19 15:00 - 2018-12-08 09:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-19 15:00 - 2018-12-08 09:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-19 15:00 - 2018-12-08 09:23 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-12-19 15:00 - 2018-12-08 09:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-19 15:00 - 2018-12-08 09:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-19 15:00 - 2018-12-08 05:13 - 001040936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-19 15:00 - 2018-12-08 05:07 - 001030184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-12-19 15:00 - 2018-12-08 05:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-19 15:00 - 2018-12-08 05:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-19 15:00 - 2018-12-08 05:05 - 002463384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-19 15:00 - 2018-12-08 05:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-12-19 15:00 - 2018-12-08 05:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-12-19 15:00 - 2018-12-08 05:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-12-19 15:00 - 2018-12-08 05:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-19 15:00 - 2018-12-08 05:04 - 001457032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-19 15:00 - 2018-12-08 05:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-19 15:00 - 2018-12-08 05:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-12-19 15:00 - 2018-12-08 04:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-19 15:00 - 2018-12-08 04:46 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-19 15:00 - 2018-12-08 04:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-12-19 15:00 - 2018-12-08 04:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-12-19 15:00 - 2018-12-08 04:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-12-19 15:00 - 2018-12-08 04:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-12-19 15:00 - 2018-12-08 04:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-12-19 15:00 - 2018-12-08 04:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-12-19 15:00 - 2018-12-08 04:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-12-19 15:00 - 2018-12-08 04:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-12-19 15:00 - 2018-12-08 04:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-12-19 15:00 - 2018-12-08 04:36 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-12-19 15:00 - 2018-12-08 04:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-12-19 15:00 - 2018-12-08 04:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2018-12-19 15:00 - 2018-12-08 04:35 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-12-19 15:00 - 2018-12-08 04:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-12-19 15:00 - 2018-12-08 04:34 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-19 15:00 - 2018-12-08 04:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-12-19 15:00 - 2018-12-08 04:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-12-19 15:00 - 2018-12-08 04:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-12-19 15:00 - 2018-12-08 04:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-12-19 15:00 - 2018-12-08 04:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-12-19 15:00 - 2018-12-08 04:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-12-19 15:00 - 2018-12-08 04:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-12-19 15:00 - 2018-12-08 04:32 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-12-19 15:00 - 2018-12-08 04:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-12-19 15:00 - 2018-12-08 04:32 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-19 15:00 - 2018-12-08 04:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-12-19 15:00 - 2018-12-08 04:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-12-19 15:00 - 2018-12-08 04:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-12-19 15:00 - 2018-12-08 04:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-12-19 15:00 - 2018-12-08 04:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-12-19 15:00 - 2018-12-08 04:27 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-12-19 15:00 - 2018-12-08 04:25 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-19 15:00 - 2018-12-08 04:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-19 15:00 - 2018-11-09 02:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-12-19 15:00 - 2018-11-09 02:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-12-19 15:00 - 2018-11-09 02:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-12-19 15:00 - 2018-11-09 02:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-12-19 15:00 - 2018-11-09 02:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-12-19 15:00 - 2018-11-09 02:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-12-19 15:00 - 2018-11-09 02:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-12-19 15:00 - 2018-11-08 23:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-12-19 15:00 - 2018-11-08 23:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-12-19 15:00 - 2018-11-08 23:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-12-19 15:00 - 2018-11-08 23:47 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-12-19 15:00 - 2018-11-08 23:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-12-19 15:00 - 2018-11-08 23:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-12-19 15:00 - 2018-11-08 23:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-12-19 15:00 - 2018-11-08 23:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-12-19 15:00 - 2018-11-08 23:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-12-19 15:00 - 2018-11-08 23:19 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-12-19 15:00 - 2018-11-08 23:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-12-19 15:00 - 2018-11-08 23:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-12-19 15:00 - 2018-11-08 23:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-12-19 15:00 - 2018-11-08 23:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-12-19 15:00 - 2018-11-08 23:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-12-19 15:00 - 2018-11-08 23:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-12-19 15:00 - 2018-11-08 23:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-12-19 15:00 - 2018-11-08 23:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-12-19 15:00 - 2018-11-08 23:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-12-19 15:00 - 2018-11-08 23:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-12-19 15:00 - 2018-11-08 22:46 - 002253184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-12-19 15:00 - 2018-11-08 22:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-12-19 15:00 - 2018-11-08 22:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-12-19 15:00 - 2018-11-08 22:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-12-19 15:00 - 2018-11-08 22:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-19 15:00 - 2018-11-08 22:28 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-12-19 15:00 - 2018-11-08 22:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-12-19 15:00 - 2018-11-08 22:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-12-19 15:00 - 2018-11-01 08:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-12-19 15:00 - 2018-11-01 07:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-12-19 15:00 - 2018-11-01 04:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-12-19 15:00 - 2018-11-01 04:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-12-19 15:00 - 2018-11-01 04:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-12-19 15:00 - 2018-11-01 03:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-12-19 15:00 - 2018-11-01 03:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-12-19 15:00 - 2018-11-01 03:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-12-19 15:00 - 2018-11-01 03:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

#11
2018-12-19 15:00 - 2018-11-01 03:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-12-19 15:00 - 2018-11-01 03:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-12-19 15:00 - 2018-11-01 03:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-12-19 15:00 - 2018-11-01 03:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-12-19 15:00 - 2018-11-01 01:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-12-19 15:00 - 2018-11-01 01:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-12-19 15:00 - 2018-11-01 01:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-12-19 15:00 - 2018-11-01 01:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-12-19 15:00 - 2018-10-21 10:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-12-19 15:00 - 2018-10-21 10:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-12-19 15:00 - 2018-10-21 09:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-12-19 15:00 - 2018-10-21 09:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-12-19 15:00 - 2018-10-21 09:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-12-19 15:00 - 2018-10-21 09:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-12-19 15:00 - 2018-10-21 08:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-12-19 15:00 - 2018-10-21 08:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-12-19 15:00 - 2018-10-21 08:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-12-19 15:00 - 2018-10-21 08:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-12-19 15:00 - 2018-10-21 08:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-12-19 15:00 - 2018-10-21 04:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-12-19 15:00 - 2018-10-21 04:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-12-19 15:00 - 2018-10-21 04:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-12-19 15:00 - 2018-10-21 04:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-12-19 15:00 - 2018-10-21 04:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-19 15:00 - 2018-10-21 04:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-12-19 15:00 - 2018-10-21 04:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-12-19 15:00 - 2018-10-21 04:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-12-19 15:00 - 2018-10-21 04:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-19 15:00 - 2018-10-21 04:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-12-19 15:00 - 2018-10-21 04:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-12-19 15:00 - 2018-10-21 04:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-12-19 15:00 - 2018-10-21 04:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-12-19 15:00 - 2018-10-21 04:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-12-19 15:00 - 2018-10-21 04:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-12-19 15:00 - 2018-10-21 04:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-12-19 15:00 - 2018-10-21 04:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-12-19 15:00 - 2018-10-21 04:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-12-19 15:00 - 2018-10-21 04:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-12-19 15:00 - 2018-10-21 04:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-12-19 15:00 - 2018-10-21 04:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-12-19 15:00 - 2018-10-21 04:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-12-19 15:00 - 2018-10-21 04:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-12-19 15:00 - 2018-10-21 04:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-12-19 15:00 - 2018-10-21 03:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-12-19 15:00 - 2018-10-21 03:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-12-19 15:00 - 2018-10-21 03:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-12-19 15:00 - 2018-09-21 01:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-12-19 15:00 - 2018-09-21 01:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-12-19 15:00 - 2018-09-21 01:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-12-19 15:00 - 2018-09-21 01:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-12-19 15:00 - 2018-09-21 01:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-12-19 15:00 - 2018-09-21 00:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-12-19 15:00 - 2018-09-20 06:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-12-19 15:00 - 2018-09-20 05:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-12-19 15:00 - 2018-09-20 01:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-12-19 15:00 - 2018-09-20 01:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-12-19 15:00 - 2018-09-20 01:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-12-19 15:00 - 2018-09-20 01:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-12-19 15:00 - 2018-09-20 00:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-12-19 15:00 - 2018-09-08 05:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-12-19 15:00 - 2018-09-08 05:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-12-19 15:00 - 2018-09-08 05:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-12-19 15:00 - 2018-09-08 05:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-12-19 15:00 - 2018-09-08 05:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-12-19 15:00 - 2018-09-08 05:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-12-19 15:00 - 2018-09-08 04:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-12-19 15:00 - 2018-09-08 04:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-12-19 15:00 - 2018-09-08 04:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-12-19 15:00 - 2018-09-08 04:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-12-19 15:00 - 2018-09-08 04:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-12-19 15:00 - 2018-09-08 04:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-12-19 15:00 - 2018-09-08 04:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-12-19 15:00 - 2018-09-08 04:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-12-19 15:00 - 2018-09-08 04:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-12-19 15:00 - 2018-09-08 04:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-12-19 15:00 - 2018-09-08 03:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-12-19 15:00 - 2018-09-08 03:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-12-19 15:00 - 2018-09-08 03:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-12-19 15:00 - 2018-09-08 03:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-12-19 15:00 - 2018-09-08 03:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-12-19 15:00 - 2018-09-08 00:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-12-19 15:00 - 2018-09-08 00:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-12-19 15:00 - 2018-09-08 00:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-12-19 15:00 - 2018-09-08 00:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-12-19 15:00 - 2018-09-08 00:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-12-19 15:00 - 2018-09-08 00:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-12-19 15:00 - 2018-09-08 00:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-12-19 15:00 - 2018-09-08 00:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-12-19 15:00 - 2018-09-08 00:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-12-19 15:00 - 2018-09-08 00:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-12-19 15:00 - 2018-09-08 00:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-12-19 15:00 - 2018-09-08 00:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-12-19 15:00 - 2018-09-08 00:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-12-19 15:00 - 2018-09-08 00:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-12-19 15:00 - 2018-09-08 00:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-12-19 15:00 - 2018-09-08 00:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-12-19 15:00 - 2018-09-08 00:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-12-19 15:00 - 2018-09-08 00:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-12-19 15:00 - 2018-08-31 04:24 - 000482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2018-12-19 15:00 - 2018-08-31 00:42 - 000632296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2018-12-19 15:00 - 2018-08-31 00:28 - 000453104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2018-12-19 15:00 - 2018-08-31 00:12 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-12-19 15:00 - 2018-08-28 03:48 - 001274368 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-12-19 15:00 - 2018-08-28 03:45 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-12-19 15:00 - 2018-08-13 23:14 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-12-19 15:00 - 2018-08-09 06:13 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-12-19 15:00 - 2018-08-09 06:12 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-12-19 15:00 - 2018-08-09 06:10 - 001557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-12-19 15:00 - 2018-08-09 06:10 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-12-19 15:00 - 2018-08-09 05:22 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-12-19 15:00 - 2018-08-09 05:22 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2018-12-19 15:00 - 2018-08-09 05:21 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-12-19 15:00 - 2018-08-09 01:55 - 000230304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-12-19 15:00 - 2018-08-09 01:54 - 000203568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-12-19 15:00 - 2018-08-09 01:53 - 001026456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-12-19 15:00 - 2018-08-09 01:26 - 000990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-12-19 15:00 - 2018-08-09 01:26 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-12-19 15:00 - 2018-08-09 01:25 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-12-19 15:00 - 2018-08-09 01:25 - 000460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-12-19 15:00 - 2018-08-09 01:25 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2018-12-19 15:00 - 2018-08-09 01:23 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-12-19 15:00 - 2018-08-09 01:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-12-19 15:00 - 2018-08-09 01:12 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2018-12-19 15:00 - 2018-08-09 01:11 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-12-19 15:00 - 2018-08-09 01:10 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-12-19 15:00 - 2018-08-09 01:09 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-12-19 15:00 - 2018-08-03 00:39 - 000692240 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-12-19 15:00 - 2018-08-03 00:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-12-19 15:00 - 2018-07-14 01:23 - 000760888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-12-19 15:00 - 2018-07-14 01:22 - 000510392 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-12-19 15:00 - 2018-07-14 01:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-12-19 15:00 - 2018-07-14 01:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-12-19 15:00 - 2018-07-14 00:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2018-12-19 15:00 - 2018-07-14 00:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2018-12-19 15:00 - 2018-07-14 00:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-12-19 15:00 - 2018-07-14 00:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-12-19 15:00 - 2018-07-14 00:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2018-12-19 15:00 - 2018-07-14 00:55 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-12-19 15:00 - 2018-07-14 00:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2018-12-19 15:00 - 2018-07-14 00:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2018-12-19 15:00 - 2018-07-14 00:54 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-12-19 15:00 - 2018-07-14 00:54 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-12-19 15:00 - 2018-07-14 00:54 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-12-19 15:00 - 2018-07-14 00:53 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-12-19 15:00 - 2018-07-14 00:53 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-12-19 15:00 - 2018-07-14 00:52 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-12-19 15:00 - 2018-07-14 00:52 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-12-19 15:00 - 2018-07-14 00:52 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-12-19 15:00 - 2018-07-14 00:51 - 001304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-12-19 15:00 - 2018-07-06 04:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-12-19 15:00 - 2018-07-06 03:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-12-19 15:00 - 2018-07-06 03:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-12-19 15:00 - 2018-07-06 03:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-12-19 15:00 - 2018-07-06 03:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-12-19 15:00 - 2018-07-06 03:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-12-19 15:00 - 2018-07-06 03:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-12-19 15:00 - 2018-07-06 03:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-12-19 15:00 - 2018-07-06 03:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-12-19 15:00 - 2018-06-15 14:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-12-19 15:00 - 2018-06-15 14:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-12-19 15:00 - 2018-06-15 14:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-12-19 15:00 - 2018-06-15 14:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-12-19 15:00 - 2018-06-15 14:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-12-19 15:00 - 2018-06-15 14:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-12-19 15:00 - 2018-06-15 12:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-12-19 15:00 - 2018-06-15 12:04 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-12-19 15:00 - 2018-06-15 12:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-12-19 15:00 - 2018-06-15 10:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-12-19 15:00 - 2018-06-15 02:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-12-19 15:00 - 2018-06-15 02:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-12-19 15:00 - 2018-06-15 02:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-12-19 15:00 - 2018-06-15 02:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-12-19 15:00 - 2018-06-15 02:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-12-19 15:00 - 2018-06-15 02:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-12-19 15:00 - 2018-06-15 01:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-12-19 15:00 - 2018-06-15 01:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-12-19 15:00 - 2018-06-15 01:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-12-19 15:00 - 2018-06-15 01:45 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-12-19 15:00 - 2018-06-15 01:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-12-19 15:00 - 2018-06-15 01:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-12-19 15:00 - 2018-06-15 01:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-12-19 15:00 - 2018-06-15 01:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-12-19 15:00 - 2018-06-15 01:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-12-19 15:00 - 2018-06-15 01:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-12-19 15:00 - 2018-06-15 01:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-12-19 15:00 - 2018-06-15 01:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-12-19 15:00 - 2018-06-15 01:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-12-19 15:00 - 2018-06-15 01:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-12-19 15:00 - 2018-06-15 01:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-12-19 15:00 - 2018-06-15 01:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-12-19 15:00 - 2018-06-15 01:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-12-19 15:00 - 2018-06-15 01:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-12-19 15:00 - 2018-06-15 01:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-12-19 14:59 - 2018-12-08 09:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-12-19 14:59 - 2018-12-08 09:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-12-19 14:59 - 2018-12-08 09:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-12-19 14:59 - 2018-12-08 09:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-12-19 14:59 - 2018-12-08 09:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-19 14:59 - 2018-12-08 09:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-19 14:59 - 2018-12-08 09:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-19 14:59 - 2018-12-08 09:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-19 14:59 - 2018-12-08 09:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-12-19 14:59 - 2018-12-08 09:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-19 14:59 - 2018-12-08 05:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-19 14:59 - 2018-12-08 05:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-19 14:59 - 2018-12-08 05:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-19 14:59 - 2018-12-08 05:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-19 14:59 - 2018-12-08 05:07 - 001063416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-12-19 14:59 - 2018-12-08 05:07 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-12-19 14:59 - 2018-12-08 05:07 - 000076280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-12-19 14:59 - 2018-12-08 05:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-19 14:59 - 2018-12-08 05:06 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-12-19 14:59 - 2018-12-08 05:06 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-12-19 14:59 - 2018-12-08 05:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-19 14:59 - 2018-12-08 05:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2018-12-19 14:59 - 2018-12-08 05:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-19 14:59 - 2018-12-08 05:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-12-19 14:59 - 2018-12-08 05:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-19 14:59 - 2018-12-08 05:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2018-12-19 14:59 - 2018-12-08 05:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-12-19 14:59 - 2018-12-08 05:05 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-12-19 14:59 - 2018-12-08 05:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-19 14:59 - 2018-12-08 05:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-19 14:59 - 2018-12-08 05:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-12-19 14:59 - 2018-12-08 05:04 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-19 14:59 - 2018-12-08 05:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-12-19 14:59 - 2018-12-08 05:04 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-19 14:59 - 2018-12-08 05:04 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-19 14:59 - 2018-12-08 05:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-12-19 14:59 - 2018-12-08 05:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-12-19 14:59 - 2018-12-08 05:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-12-19 14:59 - 2018-12-08 05:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-12-19 14:59 - 2018-12-08 05:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-19 14:59 - 2018-12-08 05:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-12-19 14:59 - 2018-12-08 05:04 - 000268280 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-12-19 14:59 - 2018-12-08 05:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-12-19 14:59 - 2018-12-08 05:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-12-19 14:59 - 2018-12-08 05:04 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-19 14:59 - 2018-12-08 05:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2018-12-19 14:59 - 2018-12-08 05:04 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2018-12-19 14:59 - 2018-12-08 04:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-12-19 14:59 - 2018-12-08 04:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-12-19 14:59 - 2018-12-08 04:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-12-19 14:59 - 2018-12-08 04:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-12-19 14:59 - 2018-12-08 04:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-12-19 14:59 - 2018-12-08 04:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-12-19 14:59 - 2018-12-08 04:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2018-12-19 14:59 - 2018-12-08 04:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2018-12-19 14:59 - 2018-12-08 04:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-12-19 14:59 - 2018-12-08 04:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2018-12-19 14:59 - 2018-12-08 04:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-12-19 14:59 - 2018-12-08 04:37 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-19 14:59 - 2018-12-08 04:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-12-19 14:59 - 2018-12-08 04:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-12-19 14:59 - 2018-12-08 04:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2018-12-19 14:59 - 2018-12-08 04:37 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-19 14:59 - 2018-12-08 04:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-12-19 14:59 - 2018-12-08 04:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2018-12-19 14:59 - 2018-12-08 04:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2018-12-19 14:59 - 2018-12-08 04:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-12-19 14:59 - 2018-12-08 04:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2018-12-19 14:59 - 2018-12-08 04:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-12-19 14:59 - 2018-12-08 04:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-12-19 14:59 - 2018-12-08 04:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2018-12-19 14:59 - 2018-12-08 04:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2018-12-19 14:59 - 2018-12-08 04:35 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-12-19 14:59 - 2018-12-08 04:35 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-19 14:59 - 2018-12-08 04:34 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-12-19 14:59 - 2018-12-08 04:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2018-12-19 14:59 - 2018-12-08 04:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-12-19 14:59 - 2018-12-08 04:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-12-19 14:59 - 2018-12-08 04:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-12-19 14:59 - 2018-12-08 04:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-12-19 14:59 - 2018-12-08 04:32 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-12-19 14:59 - 2018-12-08 04:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-12-19 14:59 - 2018-12-08 04:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-19 14:59 - 2018-12-08 04:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-12-19 14:59 - 2018-12-08 04:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-12-19 14:59 - 2018-12-08 04:28 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-12-19 14:59 - 2018-12-08 04:28 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-19 14:59 - 2018-12-08 04:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-12-19 14:59 - 2018-12-08 04:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-19 14:59 - 2018-12-08 04:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-12-19 14:59 - 2018-12-08 04:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-12-19 14:59 - 2018-12-08 04:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-12-19 14:59 - 2018-12-08 04:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2018-12-19 14:59 - 2018-12-08 04:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-12-19 14:59 - 2018-12-08 04:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-12-19 14:59 - 2018-12-08 04:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-12-19 14:59 - 2018-12-08 04:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-12-19 14:59 - 2018-12-08 04:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-12-19 14:59 - 2018-12-08 04:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-12-19 14:59 - 2018-12-08 04:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-12-19 14:59 - 2018-12-08 04:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-12-19 14:59 - 2018-12-08 04:24 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-12-19 14:59 - 2018-12-08 04:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-12-19 14:59 - 2018-12-08 04:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-12-19 14:59 - 2018-11-09 03:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-12-19 14:59 - 2018-11-09 02:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-12-19 14:59 - 2018-11-09 02:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2018-12-19 14:59 - 2018-11-09 02:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-12-19 14:59 - 2018-11-09 02:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-12-19 14:59 - 2018-11-09 02:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-12-19 14:59 - 2018-11-09 02:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2018-12-19 14:59 - 2018-11-09 02:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-12-19 14:59 - 2018-11-09 02:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-12-19 14:59 - 2018-11-09 02:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-12-19 14:59 - 2018-11-09 02:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-12-19 14:59 - 2018-11-08 23:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-12-19 14:59 - 2018-11-08 23:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-12-19 14:59 - 2018-11-08 23:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-12-19 14:59 - 2018-11-08 23:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-12-19 14:59 - 2018-11-08 23:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-12-19 14:59 - 2018-11-08 23:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-12-19 14:59 - 2018-11-08 23:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-12-19 14:59 - 2018-11-08 23:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-12-19 14:59 - 2018-11-08 23:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-12-19 14:59 - 2018-11-08 23:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-12-19 14:59 - 2018-11-08 23:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-12-19 14:59 - 2018-11-08 23:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-12-19 14:59 - 2018-11-08 23:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-12-19 14:59 - 2018-11-08 23:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2018-12-19 14:59 - 2018-11-08 23:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-12-19 14:59 - 2018-11-08 23:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-12-19 14:59 - 2018-11-08 23:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-12-19 14:59 - 2018-11-08 23:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-12-19 14:59 - 2018-11-08 23:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-12-19 14:59 - 2018-11-08 23:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-12-19 14:59 - 2018-11-08 23:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-12-19 14:59 - 2018-11-08 23:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-12-19 14:59 - 2018-11-08 23:15 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-12-19 14:59 - 2018-11-08 22:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-12-19 14:59 - 2018-11-08 22:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-12-19 14:59 - 2018-11-08 22:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-12-19 14:59 - 2018-11-08 22:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-12-19 14:59 - 2018-11-08 22:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-12-19 14:59 - 2018-11-08 22:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-12-19 14:59 - 2018-11-08 22:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-12-19 14:59 - 2018-11-08 22:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-12-19 14:59 - 2018-11-08 22:29 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-12-19 14:59 - 2018-11-08 22:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-12-19 14:59 - 2018-11-08 22:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-12-19 14:59 - 2018-11-08 22:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-12-19 14:59 - 2018-11-08 22:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-12-19 14:59 - 2018-11-01 08:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-12-19 14:59 - 2018-11-01 08:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-12-19 14:59 - 2018-11-01 08:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-12-19 14:59 - 2018-11-01 08:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-12-19 14:59 - 2018-11-01 08:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-12-19 14:59 - 2018-11-01 08:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-12-19 14:59 - 2018-11-01 06:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-12-19 14:59 - 2018-11-01 06:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-12-19 14:59 - 2018-11-01 06:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-12-19 14:59 - 2018-11-01 04:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-12-19 14:59 - 2018-11-01 03:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-12-19 14:59 - 2018-11-01 03:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-12-19 14:59 - 2018-11-01 03:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-12-19 14:59 - 2018-11-01 03:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-12-19 14:59 - 2018-11-01 03:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-12-19 14:59 - 2018-11-01 03:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-12-19 14:59 - 2018-11-01 03:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-12-19 14:59 - 2018-11-01 03:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-12-19 14:59 - 2018-11-01 01:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-12-19 14:59 - 2018-11-01 01:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-12-19 14:59 - 2018-11-01 01:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-12-19 14:59 - 2018-10-21 10:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-12-19 14:59 - 2018-10-21 09:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-12-19 14:59 - 2018-10-21 09:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-12-19 14:59 - 2018-10-21 09:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-12-19 14:59 - 2018-10-21 09:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-12-19 14:59 - 2018-10-21 09:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-12-19 14:59 - 2018-10-21 09:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-12-19 14:59 - 2018-10-21 09:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-12-19 14:59 - 2018-10-21 08:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-12-19 14:59 - 2018-10-21 08:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-12-19 14:59 - 2018-10-21 08:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-12-19 14:59 - 2018-10-21 06:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-12-19 14:59 - 2018-10-21 05:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-12-19 14:59 - 2018-10-21 04:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-12-19 14:59 - 2018-10-21 04:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-12-19 14:59 - 2018-10-21 04:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-12-19 14:59 - 2018-10-21 04:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-12-19 14:59 - 2018-10-21 04:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-12-19 14:59 - 2018-10-21 04:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-12-19 14:59 - 2018-10-21 04:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-12-19 14:59 - 2018-10-21 04:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-12-19 14:59 - 2018-10-21 04:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-12-19 14:59 - 2018-10-21 04:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-12-19 14:59 - 2018-10-21 04:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-12-19 14:59 - 2018-10-21 04:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-12-19 14:59 - 2018-10-21 04:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-12-19 14:59 - 2018-10-21 04:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-12-19 14:59 - 2018-10-21 04:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-12-19 14:59 - 2018-10-21 04:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-12-19 14:59 - 2018-10-21 04:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-12-19 14:59 - 2018-10-21 04:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-12-19 14:59 - 2018-10-21 04:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-12-19 14:59 - 2018-10-21 04:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-12-19 14:59 - 2018-10-21 04:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-12-19 14:59 - 2018-10-21 02:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-12-19 14:59 - 2018-10-21 02:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-12-19 14:59 - 2018-09-21 06:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-12-19 14:59 - 2018-09-21 05:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-12-19 14:59 - 2018-09-20 06:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-12-19 14:59 - 2018-09-20 05:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-12-19 14:59 - 2018-09-20 01:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-12-19 14:59 - 2018-09-20 00:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-12-19 14:59 - 2018-09-19 22:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-12-19 14:59 - 2018-09-08 05:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-12-19 14:59 - 2018-09-08 04:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-12-19 14:59 - 2018-09-08 04:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-12-19 14:59 - 2018-09-08 04:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-12-19 14:59 - 2018-09-08 04:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-12-19 14:59 - 2018-09-08 04:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-12-19 14:59 - 2018-09-08 04:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-12-19 14:59 - 2018-09-08 04:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-12-19 14:59 - 2018-09-08 04:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-12-19 14:59 - 2018-09-08 04:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-12-19 14:59 - 2018-09-08 04:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-12-19 14:59 - 2018-09-08 04:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-12-19 14:59 - 2018-09-08 03:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-12-19 14:59 - 2018-09-08 03:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-12-19 14:59 - 2018-09-08 03:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-12-19 14:59 - 2018-09-08 03:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-12-19 14:59 - 2018-09-08 00:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-12-19 14:59 - 2018-09-08 00:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-12-19 14:59 - 2018-09-08 00:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-12-19 14:59 - 2018-09-08 00:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-12-19 14:59 - 2018-09-08 00:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-12-19 14:59 - 2018-09-08 00:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-12-19 14:59 - 2018-09-08 00:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-12-19 14:59 - 2018-09-08 00:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-12-19 14:59 - 2018-09-08 00:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-12-19 14:59 - 2018-09-08 00:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-12-19 14:59 - 2018-09-08 00:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-12-19 14:59 - 2018-09-08 00:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-12-19 14:59 - 2018-09-08 00:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-12-19 14:59 - 2018-09-08 00:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-12-19 14:59 - 2018-09-08 00:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-12-19 14:59 - 2018-09-08 00:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-12-19 14:59 - 2018-09-08 00:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-12-19 14:59 - 2018-09-08 00:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-12-19 14:59 - 2018-09-08 00:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-12-19 14:59 - 2018-09-08 00:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-12-19 14:59 - 2018-08-31 04:27 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-12-19 14:59 - 2018-08-31 04:26 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-12-19 14:59 - 2018-08-31 04:25 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2018-12-19 14:59 - 2018-08-31 04:25 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-12-19 14:59 - 2018-08-31 03:41 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-12-19 14:59 - 2018-08-31 03:40 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2018-12-19 14:59 - 2018-08-31 00:42 - 000155112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-12-19 14:59 - 2018-08-31 00:28 - 000134936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-12-19 14:59 - 2018-08-31 00:15 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-12-19 14:59 - 2018-08-31 00:14 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-12-19 14:59 - 2018-08-31 00:13 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-12-19 14:59 - 2018-08-31 00:08 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-12-19 14:59 - 2018-08-28 03:49 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-12-19 14:59 - 2018-08-13 23:14 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-12-19 14:59 - 2018-08-09 06:31 - 000253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-12-19 14:59 - 2018-08-09 06:14 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2018-12-19 14:59 - 2018-08-09 06:14 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollUI.dll
2018-12-19 14:59 - 2018-08-09 06:12 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-12-19 14:59 - 2018-08-09 06:09 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-12-19 14:59 - 2018-08-09 06:09 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-12-19 14:59 - 2018-08-09 05:24 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2018-12-19 14:59 - 2018-08-09 05:23 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollUI.dll
2018-12-19 14:59 - 2018-08-09 05:20 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-12-19 14:59 - 2018-08-09 05:20 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-12-19 14:59 - 2018-08-09 02:01 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2018-12-19 14:59 - 2018-08-09 01:53 - 000125600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2018-12-19 14:59 - 2018-08-09 01:30 - 000183992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2018-12-19 14:59 - 2018-08-09 01:29 - 000099208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2018-12-19 14:59 - 2018-08-09 01:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2018-12-19 14:59 - 2018-08-09 01:27 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2018-12-19 14:59 - 2018-08-09 01:26 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2018-12-19 14:59 - 2018-08-09 01:26 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsAuth.dll
2018-12-19 14:59 - 2018-08-09 01:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-12-19 14:59 - 2018-08-09 01:22 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-12-19 14:59 - 2018-08-09 01:13 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2018-12-19 14:59 - 2018-08-09 01:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsAuth.dll
2018-12-19 14:59 - 2018-08-09 01:11 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-12-19 14:59 - 2018-08-09 01:08 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-12-19 14:59 - 2018-08-03 05:24 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-12-19 14:59 - 2018-08-03 05:24 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-12-19 14:59 - 2018-08-03 04:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-12-19 14:59 - 2018-08-03 04:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2018-12-19 14:59 - 2018-08-03 04:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2018-12-19 14:59 - 2018-08-03 00:47 - 000128920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2018-12-19 14:59 - 2018-08-03 00:41 - 000061736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2018-12-19 14:59 - 2018-08-03 00:40 - 000228136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-12-19 14:59 - 2018-08-03 00:40 - 000072800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-12-19 14:59 - 2018-08-03 00:39 - 000114080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-12-19 14:59 - 2018-08-03 00:39 - 000075160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-12-19 14:59 - 2018-08-03 00:39 - 000031648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-12-19 14:59 - 2018-08-03 00:38 - 000115640 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-12-19 14:59 - 2018-08-03 00:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-12-19 14:59 - 2018-08-03 00:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2018-12-19 14:59 - 2018-08-03 00:14 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-12-19 14:59 - 2018-08-03 00:12 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-12-19 14:59 - 2018-07-14 21:58 - 000094112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-12-19 14:59 - 2018-07-14 21:41 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-12-19 14:59 - 2018-07-14 01:21 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-12-19 14:59 - 2018-07-14 01:19 - 000636944 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-12-19 14:59 - 2018-07-14 00:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Controls.dll
2018-12-19 14:59 - 2018-07-14 00:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2018-12-19 14:59 - 2018-07-14 00:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-12-19 14:59 - 2018-07-14 00:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-12-19 14:59 - 2018-07-14 00:55 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-12-19 14:59 - 2018-07-14 00:55 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-12-19 14:59 - 2018-07-14 00:55 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-12-19 14:59 - 2018-07-14 00:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-12-19 14:59 - 2018-07-14 00:54 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-12-19 14:59 - 2018-07-14 00:54 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-12-19 14:59 - 2018-07-14 00:54 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-12-19 14:59 - 2018-07-14 00:53 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-12-19 14:59 - 2018-07-14 00:53 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-12-19 14:59 - 2018-07-14 00:52 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-12-19 14:59 - 2018-07-14 00:50 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-12-19 14:59 - 2018-07-06 10:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-12-19 14:59 - 2018-07-06 10:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-12-19 14:59 - 2018-07-06 08:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-12-19 14:59 - 2018-07-06 04:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-12-19 14:59 - 2018-07-06 03:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-12-19 14:59 - 2018-07-06 03:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-12-19 14:59 - 2018-07-06 03:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-12-19 14:59 - 2018-07-06 03:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-12-19 14:59 - 2018-07-06 03:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-12-19 14:59 - 2018-07-06 03:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-12-19 14:59 - 2018-07-06 03:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-12-19 14:59 - 2018-07-06 03:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-12-19 14:59 - 2018-07-06 03:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-12-19 14:59 - 2018-06-15 14:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-12-19 14:59 - 2018-06-15 14:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-12-19 14:59 - 2018-06-15 14:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-12-19 14:59 - 2018-06-15 14:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-12-19 14:59 - 2018-06-15 14:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-12-19 14:59 - 2018-06-15 14:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-12-19 14:59 - 2018-06-15 14:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-12-19 14:59 - 2018-06-15 14:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-12-19 14:59 - 2018-06-15 14:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-12-19 14:59 - 2018-06-15 14:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-12-19 14:59 - 2018-06-15 12:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-12-19 14:59 - 2018-06-15 12:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-12-19 14:59 - 2018-06-15 12:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-12-19 14:59 - 2018-06-15 04:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-12-19 14:59 - 2018-06-15 04:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-12-19 14:59 - 2018-06-15 02:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-12-19 14:59 - 2018-06-15 02:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-12-19 14:59 - 2018-06-15 02:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-12-19 14:59 - 2018-06-15 02:13 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-12-19 14:59 - 2018-06-15 02:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-12-19 14:59 - 2018-06-15 02:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-12-19 14:59 - 2018-06-15 02:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-12-19 14:59 - 2018-06-15 02:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-12-19 14:59 - 2018-06-15 02:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-12-19 14:59 - 2018-06-15 02:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-12-19 14:59 - 2018-06-15 02:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-12-19 14:59 - 2018-06-15 02:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-12-19 14:59 - 2018-06-15 02:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-12-19 14:59 - 2018-06-15 01:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-12-19 14:59 - 2018-06-15 01:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-12-19 14:59 - 2018-06-15 01:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-12-19 14:59 - 2018-06-15 01:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-12-19 14:59 - 2018-06-15 01:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll

#13
2018-12-19 14:59 - 2018-06-15 01:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-12-19 14:59 - 2018-06-15 01:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-12-19 14:59 - 2018-06-15 01:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-12-19 14:59 - 2018-06-15 01:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-12-19 14:59 - 2018-06-15 01:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-12-19 14:59 - 2018-06-15 01:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-12-19 14:59 - 2018-06-15 01:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-12-19 14:59 - 2018-06-15 01:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-12-19 14:59 - 2018-06-15 01:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-12-19 14:59 - 2018-06-15 01:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-12-19 14:59 - 2018-06-15 01:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-12-19 14:59 - 2018-06-15 01:42 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2018-12-19 14:59 - 2018-06-15 01:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-12-19 14:59 - 2018-06-15 01:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-12-19 14:59 - 2018-06-15 01:42 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-12-19 14:59 - 2018-06-15 01:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-12-19 14:59 - 2018-06-15 01:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-12-19 14:59 - 2018-06-15 01:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-12-19 14:59 - 2018-06-15 01:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-12-19 14:58 - 2018-12-08 09:29 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-12-19 14:58 - 2018-12-08 04:39 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-12-19 14:58 - 2018-12-08 04:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2018-12-19 14:58 - 2018-12-08 04:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-12-19 14:58 - 2018-12-08 04:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-12-19 14:58 - 2018-12-08 04:36 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-12-19 14:58 - 2018-12-08 04:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-12-19 14:58 - 2018-12-08 04:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2018-12-19 14:58 - 2018-12-08 03:16 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-12-19 14:58 - 2018-11-08 23:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2018-12-19 14:58 - 2018-11-08 23:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-12-19 14:58 - 2018-11-08 23:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2018-12-19 14:58 - 2018-11-08 22:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-12-19 14:58 - 2018-11-08 22:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2018-12-19 14:58 - 2018-11-08 22:26 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-12-19 14:58 - 2018-11-01 04:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-12-19 14:58 - 2018-11-01 04:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-12-19 14:58 - 2018-11-01 04:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-12-19 14:58 - 2018-10-21 09:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-12-19 14:58 - 2018-10-21 08:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-12-19 14:58 - 2018-10-21 04:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-12-19 14:58 - 2018-10-21 04:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-12-19 14:58 - 2018-10-21 04:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-12-19 14:58 - 2018-10-21 04:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-12-19 14:58 - 2018-10-21 03:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-12-19 14:58 - 2018-09-08 04:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-12-19 14:58 - 2018-09-08 04:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-12-19 14:58 - 2018-09-08 04:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-12-19 14:58 - 2018-09-08 03:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-12-19 14:58 - 2018-09-08 00:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-12-19 14:58 - 2018-09-08 00:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-12-19 14:58 - 2018-09-08 00:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-12-19 14:58 - 2018-09-08 00:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-12-19 14:58 - 2018-08-31 00:17 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\netevent.dll
2018-12-19 14:58 - 2018-08-31 00:12 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netevent.dll
2018-12-19 14:58 - 2018-08-09 06:14 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2018-12-19 14:58 - 2018-08-09 06:13 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsExt.dll
2018-12-19 14:58 - 2018-08-09 01:26 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TtlsCfg.dll
2018-12-19 14:58 - 2018-08-09 01:11 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TtlsCfg.dll
2018-12-19 14:58 - 2018-08-03 05:24 - 000046592 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2018-12-19 14:58 - 2018-08-03 00:17 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-12-19 14:58 - 2018-08-03 00:16 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-12-19 14:58 - 2018-08-03 00:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2018-12-19 14:58 - 2018-07-14 00:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2018-12-19 14:58 - 2018-07-14 00:56 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2018-12-19 14:58 - 2018-07-14 00:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2018-12-19 14:58 - 2018-07-14 00:55 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-12-19 14:58 - 2018-07-14 00:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2018-12-19 14:58 - 2018-07-06 04:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-12-19 14:58 - 2018-07-06 04:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-12-19 14:58 - 2018-07-06 04:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-12-19 14:58 - 2018-07-06 04:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-12-19 14:58 - 2018-07-06 04:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-12-19 14:58 - 2018-07-06 04:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-12-19 14:58 - 2018-07-06 04:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-12-19 14:58 - 2018-07-06 04:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-12-19 14:58 - 2018-07-06 03:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-12-19 14:58 - 2018-07-06 03:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-12-19 14:58 - 2018-07-06 03:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-12-19 14:58 - 2018-07-06 03:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-12-19 14:58 - 2018-07-06 03:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-12-19 14:58 - 2018-07-06 03:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-12-19 14:58 - 2018-07-06 03:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-12-19 14:58 - 2018-07-06 03:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-12-19 14:58 - 2018-06-15 14:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-12-19 14:58 - 2018-06-15 01:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-12-19 14:58 - 2018-06-15 01:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-12-19 14:58 - 2018-06-15 01:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-12-19 14:58 - 2018-06-15 01:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-12-19 14:38 - 2018-12-26 20:59 - 000164633 ____H C:\Users\arnal\AppData\Local\IconCache.db.backup
2018-12-19 14:37 - 2018-12-19 14:37 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForarnal.job
2018-12-19 08:37 - 2018-12-19 08:35 - 072520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2018-12-19 08:37 - 2018-12-19 08:35 - 005876734 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-12-19 08:37 - 2018-12-19 08:35 - 003199232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 002895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-12-19 08:37 - 2018-12-19 08:35 - 002477528 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 002053376 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 001435152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 001355616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 001023240 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000341160 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2018-12-19 08:37 - 2018-12-19 08:35 - 000088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2018-12-19 08:36 - 2018-12-19 08:35 - 001601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2018-12-19 08:36 - 2018-12-19 08:35 - 000574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2018-12-19 08:36 - 2018-12-19 08:35 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-12-19 08:36 - 2018-12-19 08:35 - 000118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2018-12-19 08:32 - 2018-12-19 08:32 - 000000000 ____D C:\Users\arnal\AppData\Local\RadeonInstaller
2018-12-19 08:31 - 2018-12-19 08:31 - 000000000 ____D C:\AMD
2018-12-19 07:37 - 2018-12-26 12:51 - 000000000 ____D C:\ProgramData\Packages
2018-12-19 07:37 - 2018-12-19 07:37 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-12-19 07:36 - 2018-12-19 07:36 - 000001417 _____ C:\Users\arnal\Desktop\Microsoft Edge.lnk
2018-12-19 07:33 - 2018-12-19 07:33 - 000000020 ___SH C:\Users\arnal\ntuser.ini
2018-12-19 03:10 - 2018-12-19 00:41 - 000000000 ____D C:\Windows.old
2018-12-19 03:04 - 2018-12-19 03:10 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-12-19 03:01 - 2018-12-19 03:04 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-12-19 03:01 - 2018-12-19 03:01 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-12-19 02:57 - 2018-12-19 02:57 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-12-19 02:57 - 2018-12-19 02:57 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-12-19 02:57 - 2018-12-19 02:57 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-12-19 02:56 - 2018-12-19 02:56 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-12-19 02:56 - 2018-12-19 02:56 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-12-19 02:56 - 2018-12-19 02:56 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-12-19 02:56 - 2018-12-19 02:56 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-12-19 02:56 - 2018-12-19 02:56 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-12-19 02:56 - 2018-12-19 02:56 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-12-19 02:56 - 2018-12-19 02:56 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-12-19 02:56 - 2018-12-19 02:56 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-12-19 02:56 - 2018-12-19 02:56 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-12-19 02:56 - 2018-12-19 02:56 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-12-19 02:56 - 2018-12-19 02:56 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-12-19 02:56 - 2018-12-19 02:56 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-12-19 02:56 - 2018-12-19 02:56 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-12-19 02:56 - 2018-12-19 02:56 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-12-19 02:56 - 2018-12-19 02:56 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-12-19 02:56 - 2018-12-19 02:56 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-12-19 02:56 - 2018-12-19 02:56 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-12-19 02:56 - 2018-12-19 02:56 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-12-19 02:56 - 2018-12-19 02:56 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-12-19 02:56 - 2018-12-19 02:56 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat
2018-12-19 02:56 - 2018-12-19 02:56 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-12-19 02:48 - 2018-12-19 02:48 - 000000000 ____D C:\inetpub
2018-12-19 02:47 - 2018-12-19 02:47 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-12-19 02:47 - 2018-12-19 02:47 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-12-19 02:47 - 2018-12-19 02:47 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-12-19 02:47 - 2018-12-19 02:47 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-12-19 02:47 - 2018-12-19 02:47 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-12-19 02:47 - 2018-12-19 02:47 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-12-19 02:47 - 2018-12-19 02:47 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-12-19 02:47 - 2018-12-19 02:47 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-12-19 02:47 - 2018-12-19 02:47 - 000000000 ____D C:\Program Files\MSBuild
2018-12-19 02:47 - 2018-12-19 02:47 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-12-19 02:47 - 2018-12-19 02:47 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-12-19 02:45 - 2018-12-19 02:45 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-12-19 02:45 - 2018-12-19 02:45 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-12-19 02:45 - 2018-12-19 02:45 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-12-19 02:45 - 2018-12-19 02:45 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-12-19 02:45 - 2018-12-19 02:45 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-12-19 02:45 - 2018-12-19 02:45 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-12-19 02:41 - 2018-12-19 02:41 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2018-12-19 02:41 - 2018-12-19 02:41 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2018-12-19 02:41 - 2018-12-19 02:41 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-12-19 00:39 - 2018-12-26 21:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-19 00:39 - 2018-12-23 00:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2018-12-19 00:39 - 2018-12-20 22:17 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2530918004-119752134-1037699108-1001
2018-12-19 00:39 - 2018-12-19 00:41 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-19 00:39 - 2018-12-19 00:39 - 000002540 _____ C:\WINDOWS\System32\Tasks\HPDAS
2018-12-19 00:39 - 2018-12-19 00:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-12-19 00:38 - 2018-12-19 00:39 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-12-19 00:38 - 2018-12-19 00:39 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-12-19 00:21 - 2018-12-19 00:21 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-12-19 00:18 - 2018-12-26 21:18 - 000000000 ____D C:\Users\arnal
2018-12-19 00:18 - 2018-12-20 22:17 - 000002370 _____ C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-19 00:17 - 2018-12-26 21:34 - 001968798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-19 00:16 - 2018-12-19 00:16 - 000000000 ____D C:\ProgramData\USOShared
2018-12-19 00:16 - 2018-04-11 20:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-12-19 00:12 - 2018-12-27 10:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-19 00:11 - 2018-12-19 17:46 - 000418400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-19 00:01 - 2018-12-19 00:01 - 000111038 _____ C:\WINDOWS\uninstaller.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-27 10:02 - 2017-12-03 11:41 - 000000000 ____D C:\Users\arnal\AppData\LocalLow\Mozilla
2018-12-27 10:01 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-26 21:34 - 2018-04-12 13:18 - 000857110 _____ C:\WINDOWS\system32\perfh00A.dat
2018-12-26 21:34 - 2018-04-12 13:18 - 000188332 _____ C:\WINDOWS\system32\perfc00A.dat
2018-12-26 21:34 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-26 21:26 - 2017-12-03 01:56 - 002125143 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2018-12-26 21:25 - 2018-04-11 18:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-26 21:25 - 2017-12-03 00:57 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-12-26 16:52 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-12-26 16:52 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-26 12:56 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-26 12:42 - 2017-12-03 10:40 - 000000000 ____D C:\Users\arnal\AppData\Local\Packages
2018-12-25 19:25 - 2018-01-12 21:52 - 000000000 ____D C:\Users\arnal\AppData\Roaming\AIMP
2018-12-25 11:58 - 2017-12-12 09:53 - 000000000 ____D C:\Users\arnal\Desktop\FOTOS
2018-12-25 11:04 - 2017-12-31 12:24 - 000000000 ____D C:\Users\arnal\Downloads\PROGRAMAS BAJADOS
2018-12-25 02:34 - 2017-12-03 11:41 - 000000000 ____D C:\Users\arnal\AppData\Roaming\Mozilla
2018-12-25 02:07 - 2018-06-03 02:00 - 000000000 ___DC C:\WINDOWS\Panther
2018-12-24 19:47 - 2017-12-29 00:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-12-23 10:38 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2018-12-23 01:48 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-23 01:37 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\registration
2018-12-23 00:06 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-12-23 00:06 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-12-23 00:06 - 2018-03-09 16:32 - 000000000 ___RD C:\Users\arnal\Desktop\Arnol
2018-12-23 00:06 - 2018-01-28 18:49 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2018-12-23 00:06 - 2017-12-29 00:18 - 000000000 ____D C:\Users\arnal\AppData\Roaming\uTorrent
2018-12-23 00:06 - 2017-12-09 21:33 - 000000000 ___RD C:\Users\arnal\3D Objects
2018-12-23 00:06 - 2017-12-09 21:33 - 000000000 ____D C:\Users\arnal\AppData\Local\ConnectedDevicesPlatform
2018-12-23 00:06 - 2017-12-03 12:09 - 000000000 ____D C:\Users\arnal\AppData\Roaming\GHISLER
2018-12-23 00:06 - 2017-12-03 12:04 - 000000000 ____D C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-12-23 00:06 - 2017-12-03 02:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-12-23 00:05 - 2018-10-07 15:19 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-12-23 00:05 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-12-23 00:05 - 2018-04-11 20:41 - 000000000 ____D C:\WINDOWS\Setup
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SystemResources
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\DDFs
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\schemas
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\L2Schemas
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-12-23 00:05 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-12-23 00:05 - 2018-04-11 18:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-12-23 00:05 - 2018-04-11 18:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-12-23 00:05 - 2018-04-11 18:04 - 000000000 ____D C:\WINDOWS\servicing
2018-12-23 00:05 - 2018-03-10 12:21 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-12-23 00:05 - 2018-02-14 19:58 - 000000000 ____D C:\WINDOWS\pss
2018-12-23 00:05 - 2017-12-03 01:59 - 000000000 ____D C:\WINDOWS\HP
2018-12-23 00:05 - 2017-12-03 01:56 - 000000000 ____D C:\WINDOWS\tbaseregistry
2018-12-23 00:05 - 2015-11-02 15:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-23 00:05 - 2015-10-30 04:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-12-22 23:30 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-12-20 22:55 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-20 22:32 - 2018-01-05 22:19 - 000000000 ____D C:\Users\arnal\Downloads\RENTABLe
2018-12-20 22:17 - 2017-12-03 10:44 - 000000000 ___RD C:\Users\arnal\OneDrive
2018-12-19 22:23 - 2017-12-05 19:47 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-19 22:04 - 2017-12-05 20:16 - 000000000 ___RD C:\Users\arnal\Maletin
2018-12-19 21:31 - 2017-12-03 01:59 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2018-12-19 21:30 - 2017-12-03 01:59 - 000000000 ____D C:\ProgramData\WildTangent
2018-12-19 21:05 - 2018-01-28 18:49 - 000000000 ____D C:\Users\arnal\AppData\Roaming\DAEMON Tools Lite
2018-12-19 21:01 - 2017-12-15 08:40 - 000000000 ____D C:\Users\arnal\AppData\Roaming\Opera Software
2018-12-19 19:27 - 2018-03-06 16:44 - 000000000 ____D C:\Users\arnal\AppData\Local\PlaceholderTileLogoFolder
2018-12-19 17:43 - 2018-04-11 20:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-12-19 17:43 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-12-19 08:38 - 2017-12-03 00:55 - 000098911 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2018-12-19 08:38 - 2017-12-03 00:55 - 000001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control Panel.lnk
2018-12-19 08:38 - 2017-12-03 00:55 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-12-19 08:38 - 2017-12-03 00:55 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-12-19 08:35 - 2017-12-03 00:55 - 004874496 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-12-19 08:35 - 2017-12-03 00:55 - 003283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-12-19 08:35 - 2017-12-03 00:55 - 003086960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2018-12-19 08:35 - 2017-12-03 00:55 - 001847888 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2018-12-19 08:35 - 2017-12-03 00:55 - 000192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2018-12-19 08:35 - 2017-12-03 00:55 - 000023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2018-12-19 08:35 - 2016-04-18 14:43 - 000000000 ____D C:\SWSetup
2018-12-19 03:10 - 2018-04-11 20:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-12-19 03:10 - 2018-04-11 20:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-12-19 03:10 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-19 03:10 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-12-19 03:10 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-12-19 03:10 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-12-19 03:10 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-19 03:10 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\system
2018-12-19 03:10 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-12-19 03:10 - 2018-04-02 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2400 series Manual
2018-12-19 03:10 - 2018-03-10 12:25 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2018-12-19 03:10 - 2018-03-09 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TextAloud
2018-12-19 03:10 - 2018-01-26 01:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PBE
2018-12-19 03:10 - 2018-01-26 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2018-12-19 03:10 - 2017-12-06 16:31 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2018-12-19 03:10 - 2017-12-05 23:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-12-19 03:10 - 2017-12-05 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2018-12-19 03:10 - 2017-12-03 13:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-19 03:10 - 2017-12-03 12:51 - 000000000 ____D C:\Program Files\UNP
2018-12-19 03:10 - 2017-12-03 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-12-19 03:10 - 2017-12-03 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-12-19 03:10 - 2017-12-03 01:00 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-12-19 03:10 - 2017-12-03 00:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2018-12-19 03:10 - 2017-12-03 00:56 - 000000000 ____D C:\Program Files\AMD
2018-12-19 03:10 - 2017-09-29 10:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-12-19 03:10 - 2016-04-18 12:53 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2018-12-19 03:10 - 2016-04-18 12:53 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2018-12-19 03:10 - 2016-04-18 12:52 - 000000000 ____D C:\Program Files (x86)\HP
2018-12-19 03:05 - 2017-12-03 00:55 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-12-19 03:04 - 2018-04-12 13:22 - 000000000 ____D C:\WINDOWS\OCR
2018-12-19 03:04 - 2017-12-06 16:31 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-12-19 03:04 - 2017-12-06 12:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2018-12-19 03:04 - 2017-12-03 00:57 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-12-19 03:04 - 2017-12-03 00:55 - 000000000 ____D C:\Program Files\Realtek
2018-12-19 02:48 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-12-19 02:48 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-12-19 02:47 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-12-19 02:47 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-12-19 00:40 - 2018-04-11 18:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-12-19 00:29 - 2018-04-11 20:38 - 000000000 __RSD C:\WINDOWS\media
2018-12-19 00:29 - 2017-12-09 21:12 - 000023124 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-12-19 00:17 - 2015-11-03 03:05 - 001872876 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-12-19 00:16 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-12-19 00:16 - 2017-12-03 01:01 - 000000000 ____D C:\Program Files\Elantech
2018-12-18 21:53 - 2018-04-02 17:56 - 000000000 ____D C:\Users\arnal\Desktop\jana
2018-12-18 21:37 - 2017-12-03 13:21 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-18 21:36 - 2018-03-06 08:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-18 21:36 - 2017-12-03 10:25 - 000000000 ____D C:\Program Files\rempl
2018-12-18 21:14 - 2018-02-03 01:39 - 000592616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2018-12-19 21:00 - 2018-12-19 21:00 - 025260414 _____ (TigerTrade                                                  ) C:\ProgramData\hgzqbd.exe
2018-12-19 21:00 - 2018-12-19 21:00 - 000000104 _____ () C:\ProgramData\hgzqbf.bat
1601-01-03 21:26 - 1601-01-03 21:26 - 000178688 _____ (Microsoft Corporation) C:\Users\arnal\AppData\Roaming\BmoV.exe
2018-12-19 21:05 - 2018-12-19 21:05 - 000865521 _____ () C:\Users\arnal\AppData\Local\0gafanswjc0v.zip
2017-12-03 10:41 - 2018-12-27 10:01 - 000140311 _____ () C:\Users\arnal\AppData\Local\BTServer.log
1601-01-03 21:26 - 1601-01-03 21:26 - 000060416 ____N (Microsoft Corporation) C:\Users\arnal\AppData\Local\ewEIukYaoAgi.exe
2018-12-19 20:59 - 2018-12-19 20:59 - 000140800 _____ () C:\Users\arnal\AppData\Local\installer.dat
2018-02-14 21:05 - 2018-02-14 21:05 - 000000000 ___SH () C:\Users\arnal\AppData\Local\LumaEmu
1601-01-03 21:26 - 1601-01-03 21:26 - 000060416 ____N (Microsoft Corporation) C:\Users\arnal\AppData\Local\QiBdweFIxEeiu.exe
2018-12-19 21:00 - 2018-12-19 21:00 - 000000003 _____ () C:\Users\arnal\AppData\Local\wbem.ini

Some files in TEMP:
====================
2018-12-19 21:00 - 2018-12-19 21:00 - 013205167 _____ (MAL                                                         ) C:\Users\arnal\AppData\Local\Temp\elhy4u5fmmb.exe
2018-12-19 20:59 - 2018-12-19 20:59 - 000382464 _____ () C:\Users\arnal\AppData\Local\Temp\TigSetup.exe
2018-12-19 21:16 - 2018-12-19 21:00 - 000099906 _____ () C:\Users\arnal\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-19 00:11

==================== End of FRST.txt ============================

Ya Daniela ahí estan en tres mensajes el FRST.txt que generó


#14
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.12.2018
Ran by arnold (27-12-2018 10:06:24)
Running from C:\Users\arnal\Downloads
Windows 10 Home Single Language Version 1803 17134.471 (X64) (2018-12-19 03:41:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2530918004-119752134-1037699108-500 - Administrator - Disabled)
arnold (S-1-5-21-2530918004-119752134-1037699108-1001 - Administrator - Enabled) => C:\Users\arnal
DefaultAccount (S-1-5-21-2530918004-119752134-1037699108-503 - Limited - Disabled)
Invitado (S-1-5-21-2530918004-119752134-1037699108-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2530918004-119752134-1037699108-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2530918004-119752134-1037699108-1001\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.50.2058, 27.12.2017 - AIMP DevTeam)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.02 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{020D236C-0860-8700-6645-A8D7DF7D1219}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{B8D846ED-A061-FC73-1A80-E45A70FC8BE1}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{05B3192F-37A6-D1F0-365B-476D69C3F0D2}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{5FBFEC71-C194-6D96-21D9-80C183E25878}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9A841032-8472-D1CE-0ACB-E399AC7A2199}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{9DF52711-9C0C-5B80-6304-49CE67D2824D}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{7516F9DE-6B63-B709-84CE-3098F06DD318}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{AF5429E4-27FD-3F52-A54D-6BD8F4A68963}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{5BA23300-0626-7146-471A-5BF56F8B5CBD}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{3FF26615-BB9E-2C89-6532-4B6215A20BB5}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{58EB8CBE-C35C-ADE2-1F58-0F9D453976D4}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B84C4DE7-F6A1-CC2A-9EE3-781DC5D600C2}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{401E894B-7172-98C5-0DA6-A05F78EE79B9}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{A3A601FE-245E-B0EE-F0B1-DDACCBBFDF7B}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6332ED4-35E5-CC2A-4E37-612FC1985994}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{89551DFD-EC10-8C4C-E127-9EEB614346FA}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{9E3D8484-056C-E087-D6F4-FCCD5EF6FABB}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{ADC3E089-7CA6-E182-26B3-A7DA6438636D}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01C748AD-07EC-9D6B-3F15-43D49C5E9DE6}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{E5407BDB-DAF1-F28E-B835-BB90F20A3333}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{9A8954B1-8591-D49B-F337-800094222F7E}) (Version: 2016.0326.2041.34859 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3.6129 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - Nombre de su organización) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0337 - Disc Soft Ltd)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ELAN Touchpad 15.2.6.13_X64_WHQL (HKLM\...\Elantech) (Version: 15.2.6.13 - ELAN Microelectronic Corp.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E959FD01-BD01-4CC4-9BB8-4EBE8309BF37}) (Version: 8.7.50.3 - HP)
HP Support Solutions Framework (HKLM-x32\...\{21925AE1-929D-4222-B38B-80BC30BBE09C}) (Version: 12.10.49.21 - HP)
HP System Event Utility (HKLM-x32\...\{09D0DB68-90EA-4015-983E-A0BD777D5A02}) (Version: 1.4.10 - HP Inc.)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Loquendo TTS Carlos 6.6.0 (HKLM-x32\...\{3130FBF6-BAF1-4ED3-9977-6E6B353EBF35}) (Version: 6.6.0 - Loquendo)
Loquendo TTS: Jorge (Spanish) (HKLM-x32\...\LoqTTS-Jorge_is1) (Version:  - )
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2530918004-119752134-1037699108-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{26d3efd6-ca22-4f93-bf78-c422efaf105d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 64.0 (x64 es-ES)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
PBE (HKLM-x32\...\PBE 1.0) (Version: 1.0 - Riot Games, Inc)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.3 - Power Software Ltd)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.52 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10240.31219 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7779 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.69 - REALTEK Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TextAloud 3.0 (HKLM-x32\...\TextAloud3_is1) (Version: 3.0 - NextUp.com)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Web Companion (HKLM-x32\...\{bd533ce1-6812-4604-a2db-4aef13adb3dc}) (Version: 4.4.1950.3825 - Lavasoft)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-02-09] (AIMP DevTeam)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Ltd)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-12] (Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-12] (Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-02-09] (AIMP DevTeam)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-11-22] (Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03B7E4B0-2137-4EBA-8D05-B8B1BEBCA6DB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {0A7F9581-1DDB-4EBA-B72E-2589C7F64B87} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {178C8DCC-8DAD-49FC-9DB2-61032DE7D7E5} - System32\Tasks\HPDAS => C:\Program [Argument = Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs]
Task: {22896C0C-5EBF-4330-97F7-7D9D5C305857} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {3C037A0B-4EFB-4351-8003-7EC541405935} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-11-08] (HP Inc.)
Task: {4C5D3D70-E33F-45E0-861B-8C10DFCCE2EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {69BDEE9E-B1FC-40E8-89C3-002EED65DA7C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {A689FF13-2F7C-41C3-BFE6-C7DCE7A796F0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {B41CEFCE-0A60-47DD-B429-46B0B2EF6E6D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {B4EDC9D0-94AE-4D9E-A4FD-C2ABD6C3A281} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BC8CADD8-A314-4E42-8998-C1CADD4BF99F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {C499EF4E-1116-4B00-89C1-FD8BB1200B0C} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {C4C3D3FF-F369-410C-9A33-598ABBEE8D8C} - System32\Tasks\HPCeeScheduleForarnold => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {C56D4C10-99E5-4109-9641-B736EB1CFD27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {D915831A-5022-4125-BB3D-FA7A024C77D0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {E02380B2-166C-49D4-B1DF-6AD0C7B04ACA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {ED83AFBD-4060-4A73-8254-506F1FF5522B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {FA79C363-31C2-4592-8BAA-1287515BEB0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForarnal.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехрlоrеr.lnk -> C:\Users\arnal\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\arnal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firеfох.lnk -> C:\Users\arnal\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firеfoх.lnk -> C:\Users\arnal\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2017-12-03 01:00 - 2015-11-19 18:44 - 000127192 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2018-12-24 18:20 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-11 20:34 - 2018-04-11 20:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2016-03-26 23:25 - 2016-03-26 23:25 - 000138752 _____ () c:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2018-04-11 20:34 - 2018-04-11 20:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-19 15:00 - 2018-11-08 23:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-12-19 15:00 - 2018-12-08 04:33 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-12-18 21:56 - 2018-12-18 21:57 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-18 21:56 - 2018-12-18 21:57 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-18 21:56 - 2018-12-18 21:57 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-18 21:56 - 2018-12-18 21:57 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-18 21:56 - 2018-12-18 21:57 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-18 21:56 - 2018-12-18 21:57 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-18 21:52 - 2018-12-18 21:52 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-12-18 21:52 - 2018-12-18 21:52 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-09 22:15 - 2017-12-09 22:15 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-12-18 21:52 - 2018-12-18 21:52 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-18 21:52 - 2018-12-18 21:52 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-18 21:52 - 2018-12-18 21:52 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-12-18 21:56 - 2018-12-18 21:57 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-12-23 11:35 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2018-12-23 11:35 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2018-12-23 11:35 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2018-12-23 11:35 - 2017-05-12 11:36 - 000507464 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2530918004-119752134-1037699108-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 04:24 - 2018-12-26 21:24 - 000000828 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2530918004-119752134-1037699108-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\arnal\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Foto0311.jpg
DNS Servers: 200.83.1.4 - 190.160.0.14
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run32: => "HPRadioMgr"
HKLM\...\StartupApproved\Run32: => "PowerDVD14Agent"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-2530918004-119752134-1037699108-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9334D33A-D788-4D35-A824-E42E22F9511F}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{DFEAE0C3-ED85-40C5-A05A-A11423C91939}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{B47431FA-F0FA-4543-9A2F-5285F82A0762}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation)
FirewallRules: [{31835E62-89C5-47DD-B758-BD9B8D8B97AC}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation)
FirewallRules: [{E6FF79F3-CA7D-4E26-B2BF-CDFCE70AEF24}] => (Allow) LPort=1688
FirewallRules: [{C9D33669-8E6C-4280-846F-153E8C0BB835}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd)
FirewallRules: [{FD8CA343-C48C-46CD-B545-41502FB5EE1E}] => (Allow) C:\Users\arnal\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{2632ABB5-3080-4999-92FD-4F587330BA3D}] => (Allow) C:\Users\arnal\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{762F564A-F0A9-4854-91EC-943A5CE3E89D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{F9F0D378-F47D-473F-AB22-3DB5D121CCDE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{61E20CB5-EFC8-442D-9146-CAC653AFB99C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{560C2C59-B508-4A06-A9BC-770657F6EE4D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{D2B7FE7E-3138-46D9-854D-8AC9330E4A57}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp.)
FirewallRules: [{E791BF2F-1544-48B0-9E75-8256C7A0FB82}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp.)
FirewallRules: [{9601B02E-78CF-4A74-97EA-750C1CBCAA46}] => (Allow) 㩃啜敳獲慜湲污䅜灰慄慴剜慯業杮楜普卯睩楜普卯睩攮數 No File
FirewallRules: [{D019A1A0-8AA9-4B5D-9157-8DF26D359283}] => (Allow) 㩃啜敳獲慜湲污䅜灰慄慴剜慯業杮楜普卯睩剜湵䥓攮數 No File
FirewallRules: [{B35AA685-D083-4ED8-8703-432378B767F5}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Corporation)
FirewallRules: [{6E51F716-531D-40FC-A431-4164FC37C867}] => (Allow) C:\Users\arnal\AppData\Local\QiBdweFIxEeiu.exe (Microsoft Corporation)
FirewallRules: [{3407964C-E8B6-4CBA-9278-DC7E7DBCC967}] => (Allow) C:\Users\arnal\AppData\Local\ewEIukYaoAgi.exe (Microsoft Corporation)
FirewallRules: [{CAD1459C-8250-437D-93B0-221F341BEF7A}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [{EB984CB8-58B2-420B-9EF5-DC4259596CB5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{FACAB8DB-508A-4CC2-B941-80D006AD6555}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/26/2018 09:50:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MicrosoftEdge.exe, versión: 11.0.17134.471, marca de tiempo: 0x5c0b7893
Nombre del módulo con errores: win32u.dll, versión: 10.0.17134.1, marca de tiempo: 0xb8eb0e32
Código de excepción: 0xcfffffff
Desplazamiento de errores: 0x00000000000096e4
Identificador del proceso con errores: 0x1ebc
Hora de inicio de la aplicación con errores: 0x01d49d7af1ef8736
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\win32u.dll
Identificador del informe: 1f6f36ec-8950-42de-8b9c-eb9cee718872
Nombre completo del paquete con errores: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
Identificador de aplicación relativa del paquete con errores: MicrosoftEdge

Error: (12/26/2018 09:26:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: tbaseprovisioning.exe, versión: 1.0.0.0, marca de tiempo: 0x56b4dcb7
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17134.441, marca de tiempo: 0x3da51fd0
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x00111812
Identificador del proceso con errores: 0x710
Hora de inicio de la aplicación con errores: 0x01d49d7ac2f4edd6
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 5f60be8a-e427-4c74-a3d3-2eb7211095ab
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/26/2018 09:26:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: tbaseprovisioning.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.InvalidOperationException
   en System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress, Boolean)
   en System.ServiceModel.Security.SecurityUtils.GetCertificateFromStore(System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.X509FindType, System.Object, System.ServiceModel.EndpointAddress)
   en System.ServiceModel.Security.X509CertificateRecipientServiceCredential.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation, System.Security.Cryptography.X509Certificates.StoreName, System.Security.Cryptography.X509Certificates.X509FindType, System.Object)
   en System.ServiceModel.Configuration.X509RecipientCertificateServiceElement.ApplyConfiguration(System.ServiceModel.Security.X509CertificateRecipientServiceCredential)
   en System.ServiceModel.Configuration.ServiceCredentialsElement.ApplyConfiguration(System.ServiceModel.Description.ServiceCredentials)
   en System.ServiceModel.Configuration.ServiceCredentialsElement.CreateBehavior()
   en System.ServiceModel.Description.ConfigLoader.LoadBehaviors[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ServiceModel.Configuration.ServiceModelExtensionCollectionElement`1<System.ServiceModel.Configuration.BehaviorExtensionElement>, System.Collections.Generic.KeyedByTypeCollection`1<System.__Canon>, Boolean)
   en System.ServiceModel.Description.ConfigLoader.LoadServiceDescription(System.ServiceModel.ServiceHostBase, System.ServiceModel.Description.ServiceDescription, System.ServiceModel.Configuration.ServiceElement, System.Action`1<System.Uri>, Boolean)
   en System.ServiceModel.ServiceHostBase.LoadConfigurationSectionInternal(System.ServiceModel.Description.ConfigLoader, System.ServiceModel.Description.ServiceDescription, System.ServiceModel.Configuration.ServiceElement)
   en System.ServiceModel.ServiceHostBase.ApplyConfiguration()
   en System.ServiceModel.ServiceHost.ApplyConfiguration()
   en System.ServiceModel.ServiceHostBase.InitializeDescription(System.ServiceModel.UriSchemeKeyedCollection)
   en System.ServiceModel.ServiceHost.InitializeDescription(System.Type, System.ServiceModel.UriSchemeKeyedCollection)
   en System.ServiceModel.ServiceHost..ctor(System.Type, System.Uri[])
   en RootPaApp.RootPaWindowsService.startThread()
   en System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Threading.ThreadHelper.ThreadStart()

Error: (12/26/2018 09:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: HiJackThis.exe, versión: 2.9.0.11, marca de tiempo: 0x5b7e5787
Nombre del módulo con errores: MSVBVM60.DLL, versión: 6.0.98.15, marca de tiempo: 0x49b01fc3
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ae87
Identificador del proceso con errores: 0x12f4
Hora de inicio de la aplicación con errores: 0x01d49d7a9073a60d
Ruta de acceso de la aplicación con errores: C:\Users\arnal\Downloads\HiJackThis.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\MSVBVM60.DLL
Identificador del informe: 76ed40f1-a9b2-482b-9e69-613d5d493fe0
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/26/2018 09:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: HiJackThis.exe, versión: 2.9.0.11, marca de tiempo: 0x5b7e5787
Nombre del módulo con errores: HiJackThis.exe, versión: 2.9.0.11, marca de tiempo: 0x5b7e5787
Código de excepción: 0xc00001a5
Desplazamiento de errores: 0x00006ab0
Identificador del proceso con errores: 0x12f4
Hora de inicio de la aplicación con errores: 0x01d49d7a9073a60d
Ruta de acceso de la aplicación con errores: C:\Users\arnal\Downloads\HiJackThis.exe
Ruta de acceso del módulo con errores: C:\Users\arnal\Downloads\HiJackThis.exe
Identificador del informe: fad33657-2266-41a5-bff7-cb5e1bd6ce97
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (12/26/2018 09:17:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (12/26/2018 09:16:03 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {c35c4375-beac-4d12-aa51-98538a754937}

Error: (12/26/2018 09:00:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: tbaseprovisioning.exe, versión: 1.0.0.0, marca de tiempo: 0x56b4dcb7
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17134.441, marca de tiempo: 0x3da51fd0
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x00111812
Identificador del proceso con errores: 0x6ec
Hora de inicio de la aplicación con errores: 0x01d49d7731191c5f
Ruta de acceso de la aplicación con errores: C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 9261a812-2460-43ba-8eeb-207d20cb750a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (12/27/2018 10:05:48 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-279BD6ED)
Description: El servidor {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/27/2018 10:03:48 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-279BD6ED)
Description: El servidor {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/27/2018 10:01:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\LOCAL SERVICE con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (12/27/2018 09:58:05 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {9E175B68-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/27/2018 09:57:34 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-279BD6ED)
Description: El servidor {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/27/2018 09:57:03 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-279BD6ED)
Description: El servidor {9E175B6D-F52A-11D8-B9A5-505054503030} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/27/2018 09:56:32 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-279BD6ED)
Description: El servidor {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (12/27/2018 09:56:01 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-279BD6ED)
Description: El servidor {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} no se registró con DCOM dentro del tiempo de espera requerido.


Windows Defender:
===================================
Date: 2018-12-26 17:05:46.025
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {2CA8C779-19E6-4346-8DA3-66846CAA807F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-12-24 20:46:45.390
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {CF5C721C-372B-4254-B551-A07017E9223D}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2018-12-24 19:00:57.607
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {C87A99D6-FDA5-49BF-90B0-D5388A93C67A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: LAPTOP-279BD6ED\arnold

Date: 2018-12-20 22:16:58.712
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {4E0A007E-92FA-4ECB-B384-1D09D3489B86}
Tipo de examen: Antimalware
Parámetros de examen: Examen completo
Usuario: LAPTOP-279BD6ED\arnold

Date: 2018-12-19 21:04:08.841
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Nombre: Trojan:Win32/Occamy.C
Id.: 2147726780
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Users\arnal\AppData\Local\Temp\wzexlnlm.ftj\nuwpqicunde.exe
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: LAPTOP-279BD6ED\arnold
Nombre de proceso: C:\Users\arnal\AppData\Local\Temp\wzexlnlm.ftj\nuwpqicunde.exe
Versión de firma: AV: 1.283.1001.0, AS: 1.283.1001.0, NIS: 0.0.0.0
Versión de motor: AM: 1.1.15500.2, NIS: 0.0.0.0

Date: 2018-12-22 22:53:16.407
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 1.283.1255.0
Versión de firma anterior: 1.283.1180.0
Origen de actualización: Usuario
Tipo de firma: AntiSpyware
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 1.1.15500.2
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instala todas las actualizaciones disponibles e intenta iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulta Ayuda y soporte técnico. 

Date: 2018-12-22 22:53:16.406
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 1.283.1255.0
Versión de firma anterior: 1.283.1180.0
Origen de actualización: Usuario
Tipo de firma: AntiVirus
Tipo de actualización: Diferencia
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 1.1.15500.2
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80509004
Descripción del error: Problema inesperado. Instala todas las actualizaciones disponibles e intenta iniciar el programa de nuevo. Para obtener más información sobre cómo instalar actualizaciones, consulta Ayuda y soporte técnico. 

Date: 2018-12-19 23:07:47.069
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.1001.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-12-19 23:07:47.068
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.1001.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

Date: 2018-12-19 23:07:47.068
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.283.1001.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.15500.2
Código de error: 0x80072ee7
Descripción del error: No se pudo resolver el nombre de servidor o su dirección 

==================== Memory info =========================== 

Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics 
Percentage of memory in use: 22%
Total physical RAM: 15322.01 MB
Available physical RAM: 11810.32 MB
Total Virtual: 17626.01 MB
Available Virtual: 13971.02 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:911.64 GB) (Free:566.04 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:18.64 GB) (Free:2.13 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{e8adb94e-0be8-4308-94ea-e7581462d242}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.49 GB) NTFS
\\?\Volume{83627730-bcbd-4fe9-875e-486d9027fa2c}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

#15

Y ahi el Addition.txt Una ves mas Muchas gracias por tu gran ayuda Saludos


#16

Hola

No descargaste y ejecutaste Frst desde el escritorio como te indiqué, muévelo al escritorio si no fallará el siguiente paso.

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2530918004-119752134-1037699108-1001 -> DefaultScope {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530918004-119752134-1037699108-1001 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530918004-119752134-1037699108-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tsrc=301&p_w=y0w50&q={searchTerms}
R1 CA318505356C; C:\WINDOWS\CA318505356C.sys [621416 2018-12-19] (VideoDriver)
2018-12-19 21:33 - 2018-12-24 18:50 - 000000000 ____D C:\WINDOWS\SysWOW64\owsmugoc
2018-12-19 21:25 - 2018-12-19 21:25 - 000000000 ____D C:\ProgramData\{7AF27571-D226-3E5A-5ECF-D9B25E2880E3}
2018-12-19 21:25 - 2018-12-19 21:25 - 000000000 ____D C:\ProgramData\{3437A3DD-048A-709F-F219-1CFCF2FE45AD}
2018-12-19 21:11 - 2018-12-19 21:11 - 000000000 ____D C:\ProgramData\{5A78D3CF-7498-1ED0-E069-5392E08E0AC3}
2018-12-19 21:11 - 2018-12-19 21:11 - 000000000 ____D C:\ProgramData\{58DA6DD9-CA8E-1C72-F6D7-F190F630A8C1}
2018-12-19 21:09 - 2018-12-19 21:10 - 000000000 ____D C:\ProgramData\{DCA8878D-20DA-9800-A23D-8314A2DADA45}
2018-12-19 21:09 - 2018-12-19 21:10 - 000000000 ____D C:\ProgramData\{81608C32-2B65-C5C8-1D36-4B491DD11218}
2018-12-19 21:01 - 2018-12-19 21:09 - 000000000 ____D C:\ProgramData\{73016DAC-CAFB-37A9-83D7-2ABB833073EA}
2018-12-19 21:01 - 2018-12-19 21:09 - 000000000 ____D C:\ProgramData\{5C61C557-6200-18C9-787F-4A94789813C5}
2018-12-19 21:01 - 2018-12-19 21:01 - 000621416 _____ (VideoDriver) C:\WINDOWS\CA318505356C.sys
2018-12-19 21:00 - 2018-12-24 18:50 - 000000000 ____D C:\Users\arnal\AppData\Roaming\4xmodj5pqrm
2018-12-19 21:00 - 2018-12-23 00:06 - 000000000 ____D C:\Program Files\SRAJKJX6KS
2018-12-19 21:00 - 2018-12-19 21:00 - 025260414 _____ (TigerTrade ) C:\ProgramData\hgzqbd.exe
2018-12-19 21:00 - 2018-12-19 21:00 - 000000000 ____D C:\Users\arnal\AppData\Local\0vadkugl5we0
1601-01-03 21:26 - 1601-01-03 21:26 - 000178688 _____ (Microsoft Corporation) C:\Users\arnal\AppData\Roaming\BmoV.exe
1601-01-03 21:26 - 1601-01-03 21:26 - 000060416 ____N (Microsoft Corporation) C:\Users\arnal\AppData\Local\ewEIukYaoAgi.exe
1601-01-03 21:26 - 1601-01-03 21:26 - 000060416 ____N (Microsoft Corporation) C:\Users\arnal\AppData\Local\QiBdweFIxEeiu.exe
2018-12-19 21:00 - 2018-12-19 21:00 - 013205167 _____ (MAL                                                         ) C:\Users\arnal\AppData\Local\Temp\elhy4u5fmmb.exe
2018-12-19 20:59 - 2018-12-19 20:59 - 000382464 _____ () C:\Users\arnal\AppData\Local\Temp\TigSetup.exe
2018-12-19 21:16 - 2018-12-19 21:00 - 000099906 _____ () C:\Users\arnal\AppData\Local\Temp\Uninstall.exe
Task: {03B7E4B0-2137-4EBA-8D05-B8B1BEBCA6DB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Shortcut: C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехрlоrеr.lnk -> C:\Users\arnal\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\arnal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Мozillа Firеfох.lnk -> C:\Users\arnal\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firеfoх.lnk -> C:\Users\arnal\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
AlternateDataStreams: C:\Windows:nlsPreferences [386]
FirewallRules: [{9601B02E-78CF-4A74-97EA-750C1CBCAA46}] => (Allow) 㩃啜敳獲慜湲污䅜灰慄慴剜慯業杮楜普卯睩楜普卯睩攮數 No File
FirewallRules: [{D019A1A0-8AA9-4B5D-9157-8DF26D359283}] => (Allow) 㩃啜敳獲慜湲污䅜灰慄慴剜慯業杮楜普卯睩剜湵䥓攮數 No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo


#23

Hola acabo de pasar el malwarebites y cero no encontro nada,ahora por tiempo mas tarde pasare el Spybot-S&D


#24

Hola

Los reportes son de un nuevo análisis, realizaste las últimas indicaciones que te di?

Un saludo


#25

sii se hiso todo como me dijiste Saludos


#26

Hola

Antes de darte los pasos para la eliminación de los programas utilizados, podrías poner el reporte que generó el Fixlog para revisarlo?

Un saludo


#32

Hola

Si, pero habías subido los reportes de Frst.txt y Addition, igual que ahora, pero estos son los primeros que tuvimos y el que necesitamos es el reporte con nombre Fixlog.txt que tiene que estar en el escritorio también :wink:

Un saludo


#33
Fix result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by arnold (01-01-2019 18:59:16) Run:1
Running from C:\Users\arnal\Desktop
Loaded Profiles: arnold (Available Profiles: arnold)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2530918004-119752134-1037699108-1001 -> DefaultScope {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tmsrc=301&p_w=y0w50&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530918004-119752134-1037699108-1001 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tmsrc=301&p_w=y0w50&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530918004-119752134-1037699108-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=cl&p_tmsrc=301&p_w=y0w50&q={searchTerms}
R1 CA318505356C; C:\WINDOWS\CA318505356C.sys [621416 2018-12-19] (VideoDriver)
2018-12-19 21:33 - 2018-12-24 18:50 - 000000000 ____D C:\WINDOWS\SysWOW64\owsmugoc
2018-12-19 21:25 - 2018-12-19 21:25 - 000000000 ____D C:\ProgramData\{7AF27571-D226-3E5A-5ECF-D9B25E2880E3}
2018-12-19 21:25 - 2018-12-19 21:25 - 000000000 ____D C:\ProgramData\{3437A3DD-048A-709F-F219-1CFCF2FE45AD}
2018-12-19 21:11 - 2018-12-19 21:11 - 000000000 ____D C:\ProgramData\{5A78D3CF-7498-1ED0-E069-5392E08E0AC3}
2018-12-19 21:11 - 2018-12-19 21:11 - 000000000 ____D C:\ProgramData\{58DA6DD9-CA8E-1C72-F6D7-F190F630A8C1}
2018-12-19 21:09 - 2018-12-19 21:10 - 000000000 ____D C:\ProgramData\{DCA8878D-20DA-9800-A23D-8314A2DADA45}
2018-12-19 21:09 - 2018-12-19 21:10 - 000000000 ____D C:\ProgramData\{81608C32-2B65-C5C8-1D36-4B491DD11218}
2018-12-19 21:01 - 2018-12-19 21:09 - 000000000 ____D C:\ProgramData\{73016DAC-CAFB-37A9-83D7-2ABB833073EA}
2018-12-19 21:01 - 2018-12-19 21:09 - 000000000 ____D C:\ProgramData\{5C61C557-6200-18C9-787F-4A94789813C5}
2018-12-19 21:01 - 2018-12-19 21:01 - 000621416 _____ (VideoDriver) C:\WINDOWS\CA318505356C.sys
2018-12-19 21:00 - 2018-12-24 18:50 - 000000000 ____D C:\Users\arnal\AppData\Roaming\4xmodj5pqrm
2018-12-19 21:00 - 2018-12-23 00:06 - 000000000 ____D C:\Program Files\SRAJKJX6KS
2018-12-19 21:00 - 2018-12-19 21:00 - 025260414 _____ (TigerTrade ) C:\ProgramData\hgzqbd.exe
2018-12-19 21:00 - 2018-12-19 21:00 - 000000000 ____D C:\Users\arnal\AppData\Local\0vadkugl5we0
1601-01-03 21:26 - 1601-01-03 21:26 - 000178688 _____ (Microsoft Corporation) C:\Users\arnal\AppData\Roaming\BmoV.exe
1601-01-03 21:26 - 1601-01-03 21:26 - 000060416 ____N (Microsoft Corporation) C:\Users\arnal\AppData\Local\ewEIukYaoAgi.exe
1601-01-03 21:26 - 1601-01-03 21:26 - 000060416 ____N (Microsoft Corporation) C:\Users\arnal\AppData\Local\QiBdweFIxEeiu.exe
2018-12-19 21:00 - 2018-12-19 21:00 - 013205167 _____ (MAL                                                         ) C:\Users\arnal\AppData\Local\Temp\elhy4u5fmmb.exe
2018-12-19 20:59 - 2018-12-19 20:59 - 000382464 _____ () C:\Users\arnal\AppData\Local\Temp\TigSetup.exe
2018-12-19 21:16 - 2018-12-19 21:00 - 000099906 _____ () C:\Users\arnal\AppData\Local\Temp\Uninstall.exe
Task: {03B7E4B0-2137-4EBA-8D05-B8B1BEBCA6DB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Shortcut: C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int?rn?t ???l?r?r.lnk -> C:\Users\arnal\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic
Shortcut: C:\Users\arnal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\?ozill? Fir?f??.lnk -> C:\Users\arnal\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fir?fo?.lnk -> C:\Users\arnal\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic
AlternateDataStreams: C:\Windows:nlsPreferences [386]
FirewallRules: [{9601B02E-78CF-4A74-97EA-750C1CBCAA46}] => (Allow) ????????????????????????? No File
FirewallRules: [{D019A1A0-8AA9-4B5D-9157-8DF26D359283}] => (Allow) ???????????????????????? No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
"HKU\S-1-5-21-2530918004-119752134-1037699108-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2530918004-119752134-1037699108-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} => removed successfully
HKLM\Software\Classes\CLSID\{0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} => not found
HKU\S-1-5-21-2530918004-119752134-1037699108-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c2b8e594-d284-ef0b-2c66-48a9c98914bc} => removed successfully
HKLM\Software\Classes\CLSID\{c2b8e594-d284-ef0b-2c66-48a9c98914bc} => not found
CA318505356C => Unable to stop service.
HKLM\System\CurrentControlSet\Services\CA318505356C => removed successfully
CA318505356C => service removed successfully
C:\WINDOWS\SysWOW64\owsmugoc => moved successfully
C:\ProgramData\{7AF27571-D226-3E5A-5ECF-D9B25E2880E3} => moved successfully
C:\ProgramData\{3437A3DD-048A-709F-F219-1CFCF2FE45AD} => moved successfully
C:\ProgramData\{5A78D3CF-7498-1ED0-E069-5392E08E0AC3} => moved successfully
C:\ProgramData\{58DA6DD9-CA8E-1C72-F6D7-F190F630A8C1} => moved successfully
C:\ProgramData\{DCA8878D-20DA-9800-A23D-8314A2DADA45} => moved successfully
C:\ProgramData\{81608C32-2B65-C5C8-1D36-4B491DD11218} => moved successfully
C:\ProgramData\{73016DAC-CAFB-37A9-83D7-2ABB833073EA} => moved successfully
C:\ProgramData\{5C61C557-6200-18C9-787F-4A94789813C5} => moved successfully
Could not move "C:\WINDOWS\CA318505356C.sys" => Scheduled to move on reboot.
C:\Users\arnal\AppData\Roaming\4xmodj5pqrm => moved successfully
C:\Program Files\SRAJKJX6KS => moved successfully
C:\ProgramData\hgzqbd.exe => moved successfully
C:\Users\arnal\AppData\Local\0vadkugl5we0 => moved successfully
C:\Users\arnal\AppData\Roaming\BmoV.exe => moved successfully
C:\Users\arnal\AppData\Local\ewEIukYaoAgi.exe => moved successfully
C:\Users\arnal\AppData\Local\QiBdweFIxEeiu.exe => moved successfully
"C:\Users\arnal\AppData\Local\Temp\elhy4u5fmmb.exe" => not found
"C:\Users\arnal\AppData\Local\Temp\TigSetup.exe" => not found
"C:\Users\arnal\AppData\Local\Temp\Uninstall.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03B7E4B0-2137-4EBA-8D05-B8B1BEBCA6DB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03B7E4B0-2137-4EBA-8D05-B8B1BEBCA6DB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"C:\Users\arnal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int?rn?t ???l?r?r.lnk" => Could not move.
"C:\Users\arnal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\?ozill? Fir?f??.lnk" => Could not move.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fir?fo?.lnk" => Could not move.
C:\Windows => ":nlsPreferences" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9601B02E-78CF-4A74-97EA-750C1CBCAA46}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D019A1A0-8AA9-4B5D-9157-8DF26D359283}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2530918004-119752134-1037699108-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2530918004-119752134-1037699108-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 1 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth 2 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 1:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Wi-Fi:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::44a1:da89:5ed4:4177%15
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.17
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexi¢n de red Bluetooth 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

{B6B06197-30CF-403A-A9AD-4DB156971464} canceled.
{F77DFB95-B5EA-47A0-A5BD-D8E1AE9B3372} canceled.
2 out of 2 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 53191845 B
Java, Flash, Steam htmlcache => 988 B
Windows/system/drivers => 36256 B
Edge => 551505 B
Chrome => 134101347 B
Firefox => 1074233417 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7516 B
LocalService => 0 B
NetworkService => 5974262 B
NetworkService => 0 B
arnal => 180788100 B

RecycleBin => 554983233 B
EmptyTemp: => 1.9 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-01-2019 19:08:09)

C:\WINDOWS\CA318505356C.sys => Could not move

==== End of Fixlog 19:08:10 ====