Mi PC no me deja elimirar carpetas

Hola mucho gusto, espero haga bien este tema, verán ya de hace varias semanas mi pc ya no me deja eliminar carpetas, siempre me sale que no tengo permiso de administración y esas cosas, casi para todo! ademas que en usuarios tengo una carpeta llama así john.DESKTOP-T0QSL8N?? antes tenia avast, ya prove, avira, dr.web y panda. Ahora uso el que trae windows 10 por defecto. Pero la cuestion es que ya no se que hacer.

Gracias de antemano y espero su ayuda

Hola @diegos

Primero analicemos tu equipo:

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • Cuando lo instales destilda las casillas para no permitir la instalación de Ccleaner Browser/Avast Browser o similar…
  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes Versión 4

  • Lo ejecutas siguiendo los pasos de su Manual.
  • Realizas un Análisis Personalizado
  • Revisa especialmente como salvar el reporte.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2

Hola mil gracias por la respuesta tan rápida. Acá están los reportes de los programas que me dijiste que usara.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-05-13.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-17-2020
# Duration: 00:00:02
# OS:       Windows 10 Home Single Language
# Cleaned:  11
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\spyhunter
Deleted       C:\Program Files\Enigma Software Group
Deleted       C:\Program Files\spyhunter
Deleted       C:\ProgramData\MicrosoftCorporation
Deleted       C:\ProgramData\tiser
Deleted       C:\Users\Public\Documents\Downloaded Installers
Deleted       C:\Users\diego ruata\AppData\Local\slimware utilities inc
Deleted       C:\Windows\HhSm
Deleted       C:\Windows\rss

***** [ Files ] *****

Deleted       C:\END
Deleted       C:\Users\diego ruata\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2961 octets] - [17/05/2020 00:35:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 17/5/20
Hora del análisis: 0:12
Archivo de registro: 57d5a544-9805-11ea-b3d5-484d7ea1974e.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.896
Versión del paquete de actualización: 1.0.23968
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.836)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-T0QSL8N\diego ruata

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 324672
Amenazas detectadas: 18
Amenazas en cuarentena: 18
Tiempo transcurrido: 2 min, 25 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 1
PUP.Optional.WinOptimizer, C:\PROGRAM FILES (X86)\ASHAMPOO\ASHAMPOO WINOPTIMIZER 17\WINOPTIMIZERCONTEXTHANDLER64.DLL, En cuarentena, 3517, 821494, , , , 

Clave del registro: 16
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\WinOptimizerContextHandler.DLL, En cuarentena, 3517, 821497, 1.0.23968, , ame, 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\WinOptimizerContextHandler.DLL, En cuarentena, 3517, 821497, 1.0.23968, , ame, 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\CLSID\{45495078-B36D-4865-A67B-45CD8742AA1B}, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\CLSID\{45495078-B36D-4865-A67B-45CD8742AA1B}\InprocServer32, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\WinOptimizerContextHandler.Extension.1, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\TYPELIB\{87B9C42D-3317-4109-B7FC-802675ABC5DA}, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\INTERFACE\{FD165B0C-68F1-48EE-93B3-163F8595E80F}, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FD165B0C-68F1-48EE-93B3-163F8595E80F}, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FD165B0C-68F1-48EE-93B3-163F8595E80F}, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{87B9C42D-3317-4109-B7FC-802675ABC5DA}, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{87B9C42D-3317-4109-B7FC-802675ABC5DA}, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\CLSID\{4C2351D7-7CAF-4D5D-9CB8-815019A5ADB3}, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\*\SHELLEX\CONTEXTMENUHANDLERS\{4C2351D7-7CAF-4D5D-9CB8-815019A5ADB3}, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\CLSID\{4C2351D7-7CAF-4D5D-9CB8-815019A5ADB3}\InprocServer32, En cuarentena, 3517, 821494, , , , 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\WinOptimizerContextHandler.Extension, En cuarentena, 3517, 821494, 1.0.23968, , ame, 
PUP.Optional.WinOptimizer, HKLM\SOFTWARE\CLASSES\APPID\WinOptimizerContextHandler.DLL, En cuarentena, 3517, 821497, 1.0.23968, , ame, 

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
PUP.Optional.WinOptimizer, C:\PROGRAM FILES (X86)\ASHAMPOO\ASHAMPOO WINOPTIMIZER 17\WINOPTIMIZERCONTEXTHANDLER64.DLL, En cuarentena, 3517, 821494, , , , 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
~ ZHPCleaner v2020.5.12.197 by Nicolas Coolman (2020/05/12)
~ Run by diego ruata (Administrator)  (17/05/2020 00:56:13)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Certificate ZHPCleaner: Legal
~ Type : Reparar
~ Report : C:\Users\diego ruata\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\diego ruata\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home Single Language, 64-bit  (Build 18362)

---\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados. (ADS)

---\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados. (Servicio)

---\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados. (Navegador)

---\  Hosts carpeta (1)
~ El archivo hosts es legítimo (21)

---\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados. (Tarea)

---\  Explorador ( Archivos, Carpetas ) (2)
MOVIDO carpeta: C:\Users\diego ruata\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk  [Bad : C:\Users\diego ruata\AppData\Roaming\BitTorrent\BitTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
MOVIDO archivo: C:\Program Files (x86)\Cezurity  =>.SUP.Empty

---\  Registro ( Claves, Valores, Datos) (1)
BORRADOS clave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)

---\  Resumen de elementos en su estación de trabajo (2)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Empty

---\ Limpieza adicional. (1)
~ Clave de registro Tracing borrados (1)
~ Quitar los antiguos informes de ZHPCleaner. (0)

---\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK

---\ STATISTIQUES
~ Items escaneado : 1224
~ Items encontrado : 0
~ artículos cancelados : 0
~ Ahorro de espacio (bytes) : 0
~ Items opciones : 8/15

---\ OPCIONES NO ACTIVAS
~ Análisis temporal de archivos
~ Análisis temporal de carpetas
~ Análisis de CLSID de carpetas vacías
~ Vaciar otro análisis de carpetas
~ Análisis de carpetas locales vacías
~ Análisis de archivos de instalación obsoleto

~ End of clean in 00h00mn34s

---\  Reporte (2)
ZHPCleaner-[S]-17052020-00_53_12.txt
ZHPCleaner-[R]-17052020-00_56_47.txt

Espero ayude y siempre mil gracias.

Ayer Hice todo lo que me pidieron y hoy; me dije pues vamos a probar, y ya no me da ningún problema! Mil gracias se desbloqueo la PC, jajajaja MIL GRACIAS!!! No se que tenia, pero gracias a Dios por este foro. Ya puedo descansar en paz.

Muchas Gracias. :smile:

P.D.: Aun me da Curiosidad la carpeta john.DESKTOP-T0QSL8N, porque tengo una capeta llamada Juan?

Y una ves mas gracias. :smiley:

2 Me gusta

Hola @diegos

Que bueno que todo este mejor!!!

Pero aun no cantemos victoria.

Realizaste con Malwarebytes un Análisis de Amenazas y necesito que realices un Análisis Personalizado (Sigue el Manual que te deje)

Tipo de análisis: Análisis de amenazas Tiempo transcurrido: 2 min, 25 seg

Puede tardar, va de acuerdo a tu tamaño de disco y cantidad de archivos

Luego de reiniciar, cuando Malwarebytes termine realizas lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan/Analizar y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Perdón no me fije que hice un Análisis de Amenazas jeje.

Acá están los resultados.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 18/5/20
Hora del análisis: 7:21
Archivo de registro: 8d02b4c2-990a-11ea-a405-484d7ea1974e.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.896
Versión del paquete de actualización: 1.0.24044
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.836)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-T0QSL8N\diego ruata

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 534243
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 42 min, 9 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 13-05-2020 01
Ejecutado por diego ruata (18-05-2020 09:49:20)
Ejecutado desde C:\Users\diego ruata\Desktop
Windows 10 Home Single Language Versión 1903 18362.836 (X64) (2019-08-15 14:39:21)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1486343048-83721877-620847005-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1486343048-83721877-620847005-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1486343048-83721877-620847005-1000 - Limited - Disabled) => C:\Users\defaultuser0
diego ruata (S-1-5-21-1486343048-83721877-620847005-1001 - Administrator - Enabled) => C:\Users\diego ruata
Invitado (S-1-5-21-1486343048-83721877-620847005-501 - Limited - Disabled)
john (S-1-5-21-1486343048-83721877-620847005-1002 - Administrator - Enabled) => C:\Users\john.DESKTOP-T0QSL8N
WDAGUtilityAccount (S-1-5-21-1486343048-83721877-620847005-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Ashampoo Music Studio 7 (HKLM-x32\...\{91B33C97-6B1A-B73D-D2FE-BFD378F77213}_is1) (Version: 7.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 17 (HKLM-x32\...\{4209F371-A288-7880-7A7F-D105477C7D11}_is1) (Version: 17.00.24 - Ashampoo GmbH & Co. KG)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
AudioThing Vinyl Strip (HKLM\...\Vinyl Strip_is1) (Version: 1.1.5 - AudioThing)
Call of Duty - United Offensive (HKLM-x32\...\{A662E280-64A8-4CF5-8407-13D0808602B3}) (Version: 1.00.0000 - Nombre de su organización) Hidden
Call of Duty - United Offensive (HKLM-x32\...\InstallShield_{A662E280-64A8-4CF5-8407-13D0808602B3}) (Version: 1.00.0000 - Nombre de su organización)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1115 - Disc Soft Ltd)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.3.9.0 - Dell Inc.) Hidden
Dell OSD (HKLM-x32\...\Dell OSD_is1) (Version: 1.2.10.1127 - Dell Inc.)
Diablo II Complete Edition version 1.13d (HKLM-x32\...\Diablo II Complete Edition_is1) (Version: 1.13d - Blizzard Entertainment)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
GoldWave v6.26 (HKLM\...\GoldWave v6.26) (Version: 6.26 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #2) (Version:  - )
Hero Editor V1.03 (C:\Program Files (x86)\Hero Editor\) (HKLM-x32\...\ST6UNST #3) (Version:  - )
Hero Editor V1.03 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BC9BA4BE-DA5C-488C-97ED-0BE86C2E69B4}) (Version: 17.1.1524.1353 - Intel Corporation)
iZotope RX 7 Audio Editor (HKLM\...\RX 7 Audio Editor_is1) (Version: 7.0.1 - iZotope)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8627.1 - Waves Audio Ltd.) Hidden
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mp3tag v3.01 (HKLM-x32\...\Mp3tag) (Version: 3.01 - Florian Heidenreich)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7908 - Realtek Semiconductor Corp.)
Software Intel® PROSet/Wireless (HKLM-x32\...\{c28476ae-214c-4ed9-b4ae-5b3c00a4ef72}) (Version: 18.33.0 - Intel Corporation)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
SpywareBlaster 5.6 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.6.0 - BrightFort LLC)
StarCraft versión 1.16.1 (HKLM-x32\...\{580D8422-EC60-4BD8-B05A-B3E209B6AD35}_is1) (Version: 1.16.1 - Blizzard Entertainment)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.8  - Winamp SA)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
CyberLink Media Suite Essentials -> C:\Program Files\WindowsApps\DB6EA5DB.CyberLinkMediaSuiteEssentials_1.0.10.0_x86__mcezb6ze687jp [2018-03-30] (CYBERLINK CORPORATION.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-24] (Microsoft Corporation) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-05-07] (Microsoft Corporation) [MS Ad]

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1486343048-83721877-620847005-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\diego ruata\Dropbox [2017-07-20 21:15]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-05-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-05-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_364f43f2a27f7bd7\igfxDTCM.dll [2018-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\Windows\SysWOW64\prodad-codec.dll [506392 2016-04-27] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [Archivo no firmado]

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2018-10-18 16:13 - 2018-10-18 16:13 - 000939008 _____ () [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000012800 _____ () [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\out_wasapi.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000268288 _____ () [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\libFLAC.dll
2020-03-27 10:50 - 2020-03-27 10:50 - 000398336 _____ (Florian Heidenreich) [Archivo no firmado] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000017408 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Components\ssdp.w6c
2018-10-18 16:13 - 2018-10-18 16:13 - 000338944 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2018-10-18 16:13 - 2018-10-18 16:13 - 000041984 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\gen_crasher.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 001770496 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000031232 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000323072 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000026624 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000070144 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000061440 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000072704 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000051200 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000044032 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000008192 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000112128 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000041472 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000150016 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000052224 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000077824 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000024064 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000239104 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000024064 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000100864 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000031744 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000226816 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000165376 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000057856 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_downloads.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000060928 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000059904 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000329728 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000139776 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000111104 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000287232 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000038912 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000033792 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000126464 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\ml_wire.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000024576 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000053760 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000019968 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000058368 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000163840 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000020992 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000113664 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000053248 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000078336 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000867328 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\jnetlib.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000212992 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\libmp4v2.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000165376 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\libmpg123.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000260096 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\libsndfile.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000086016 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\nde.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000418304 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\nsutil.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000030208 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\nxlite.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000094208 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\tataki.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000051200 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\Shared\zlib.dll
2018-10-18 16:13 - 2018-10-18 16:13 - 000030208 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\aacdec.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000026112 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\albumart.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000018432 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\bmp.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000034304 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\devices.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000017920 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\dlmgr.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000015360 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\filereader.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000019456 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\gif.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000869888 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\jnetlib.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000156160 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\jpeg.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000027648 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\mp3.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000308224 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\ombrowser.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000091648 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\playlist.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000086528 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\png.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000024064 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\tagz.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000037376 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\timer.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000048128 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\wasabi2.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000088576 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\xml.w5s
2018-10-18 16:13 - 2018-10-18 16:13 - 000017408 _____ (Winamp SA) [Archivo no firmado] C:\Program Files (x86)\Winamp\System\xspf.w5s

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [143]
AlternateDataStreams: C:\ProgramData\TEMP:D735933A [394]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\1001movie.com -> 1001movie.com

Hay 6091 más sitios.


==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2019-03-18 22:49 - 2020-02-07 22:26 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKU\S-1-5-21-1486343048-83721877-620847005-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\diego ruata\Pictures\wallup-47090 (1).jpg
DNS Servers: 216.230.147.90 - 216.230.128.32
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: lfsvc => 3
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "OSDApp"
HKLM\...\StartupApproved\Run: => "Realtek HD Audio"
HKLM\...\StartupApproved\Run32: => "UnlockerAssistant"
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_E12D31EC7A616745F3ED34F7E6090615"
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{7397ADA5-C913-4C7E-AC6E-732D9128F68B}] => (Allow) LPort=9393
FirewallRules: [{D96E1C28-54D3-4A33-84CA-EF88684E2791}] => (Allow) LPort=9494
FirewallRules: [{379CBF42-8CE2-49DD-B93D-9E92AB3875AA}] => (Allow) LPort=9393
FirewallRules: [{E9653363-FDE5-465F-9C62-219E39712F1B}] => (Allow) LPort=9494
FirewallRules: [{67983E67-0F5C-472E-827E-B4C2F637D72B}] => (Allow) LPort=3389
FirewallRules: [{C4536245-18FE-40D5-875E-CC98345322A0}] => (Allow) LPort=3389
FirewallRules: [{6C60EFDA-0CF2-4B37-9C83-3D525BF36F34}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{EDB41FCD-7E60-4014-BBA1-C0E132F8FA44}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E10A9A06-651D-4AA4-86D3-AD7A4F697814}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{52DF5BA9-E5BF-4687-9A64-84C276E72E7F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [TCP Query User{13A8641E-15B6-432B-BB8E-ADEAE44F3EB1}C:\program files (x86)\tomahawk\tomahawk.exe] => (Block) C:\program files (x86)\tomahawk\tomahawk.exe (Jeffrey Mitchell -> ) [Archivo no firmado]
FirewallRules: [UDP Query User{76EFB3D0-1BFA-4D62-AAC9-AF80215AEBDC}C:\program files (x86)\tomahawk\tomahawk.exe] => (Block) C:\program files (x86)\tomahawk\tomahawk.exe (Jeffrey Mitchell -> ) [Archivo no firmado]
FirewallRules: [TCP Query User{EB905CC4-E562-44F2-BAE3-0615C1D15788}C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe] => (Block) C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe (Cheat Engine -> Cheat Engine)
FirewallRules: [UDP Query User{F7BA702C-D91A-47AF-B57C-889E8A026E04}C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe] => (Block) C:\program files (x86)\cheat engine 6.7\cheatengine-x86_64.exe (Cheat Engine -> Cheat Engine)
FirewallRules: [{F0D37553-9F52-4C1B-AA2B-6CB4D37E0E17}] => (Allow) C:\Users\diego ruata\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{4A3D61A5-39F2-441B-A1FA-5963104249B6}] => (Allow) C:\Users\diego ruata\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8EFC8BCE-9D17-4CDF-9C47-62162B6DA4E8}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{315D112A-3F7B-47E2-9E4C-BA347479E3D3}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{2877986F-B3FA-46C2-89A1-1F12BC8519AA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2CA809E0-67B2-42D1-BA21-33DFA5752A53}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{4DFD711A-9B1D-4906-8C22-3421A5A757C4}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{385C7E99-9F98-49E0-A600-683EB1F7DAC6}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{E8A0AD40-CF4A-4869-AFEE-27208428B122}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{EF5FF9FE-70E4-4117-B15A-FD3F3D451704}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)

==================== Puntos de Restauración =========================


==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Pantalla táctil compatible con HID
Description: Pantalla táctil compatible con HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Dispositivos de sistema estándar)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (05/18/2020 08:18:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8320,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/18/2020 04:32:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7948,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/18/2020 04:04:40 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8088,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/17/2020 10:56:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2128,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/17/2020 10:37:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7220,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/17/2020 10:16:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4348,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (05/17/2020 10:05:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2344,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (05/18/2020 01:19:58 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Se anularon las instantáneas del volumen C: porque el almacenamiento de instantáneas no pudo crecer debido a un límite impuesto por el usuario.

Error: (05/17/2020 12:36:12 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T0QSL8N)
Description: El servidor {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (05/17/2020 12:36:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Disc Soft Lite Bus Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/17/2020 12:36:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Cyberlink RichVideo Service(CRVS) se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/17/2020 12:36:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (05/17/2020 12:36:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Content Protection HECI Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/17/2020 12:36:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Waves Audio Services se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/17/2020 12:36:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio OSDSrv se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2020-05-17 00:39:50.115
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCleaner64.exe realizara cambios en la memoria.
Tiempo de detección: 2020-05-17T06:39:50.115Z
Usuario: (unknown user)
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de inteligencia de seguridad: 1.315.812.0
Versión del motor: 1.1.17000.7
Versión del producto: 4.18.2004.6

Date: 2020-05-17 00:39:43.871
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCUpdate.exe realizara cambios en la memoria.
Tiempo de detección: 2020-05-17T06:39:43.863Z
Usuario: NT AUTHORITY\SYSTEM
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCUpdate.exe
Versión de inteligencia de seguridad: 1.315.812.0
Versión del motor: 1.1.17000.7
Versión del producto: 4.18.2004.6

Date: 2020-05-17 00:19:00.584
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCleaner64.exe realizara cambios en la memoria.
Tiempo de detección: 2020-05-17T06:19:00.584Z
Usuario: (unknown user)
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de inteligencia de seguridad: 1.315.812.0
Versión del motor: 1.1.17000.7
Versión del producto: 4.18.2004.6

Date: 2020-05-17 00:18:38.641
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCUpdate.exe realizara cambios en la memoria.
Tiempo de detección: 2020-05-17T06:18:38.615Z
Usuario: NT AUTHORITY\SYSTEM
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCUpdate.exe
Versión de inteligencia de seguridad: 1.315.812.0
Versión del motor: 1.1.17000.7
Versión del producto: 4.18.2004.6

Date: 2020-05-16 23:47:15.276
Description: 
El acceso controlado a carpetas bloqueó C:\Windows\explorer.exe para que no pueda modificar %userprofile%\Pictures\Camera Roll\.
Hora de detección: 2020-05-17T05:47:15.275Z
Usuario: DESKTOP-T0QSL8N\diego ruata
Ruta de acceso: %userprofile%\Pictures\Camera Roll\
Nombre del proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: 1.315.812.0
Versión del motor: 1.1.17000.7
Versión del producto: 4.18.2004.6

CodeIntegrity:
===================================

Date: 2020-05-16 20:56:08.082
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-16 20:56:08.078
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-16 20:56:07.839
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-16 20:56:07.837
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-05-16 20:39:29.676
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-16 20:39:29.675
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-16 20:25:33.180
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-16 20:25:33.179
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: Dell Inc. 2.5.0 06/15/2016
Placa base: Dell Inc. 0V03J3
Procesador: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Porcentaje de memoria en uso: 25%
RAM física total: 16287.18 MB
RAM física disponible: 12164.92 MB
Virtual total: 20287.18 MB
Virtual disponible: 16435.57 MB

==================== Unidades ================================

Drive c: (OS) (Fixed) (Total:918.67 GB) (Free:801.35 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:307.69 GB) NTFS

\\?\Volume{cbafc5eb-8fe0-4039-8560-b1f50bcceb5c}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{8cdda3f0-f668-4e5b-b270-788a212ecd08}\ (Image) (Fixed) (Total:11.72 GB) (Free:0.5 GB) NTFS
\\?\Volume{e31c01ef-884f-4191-bf22-3074547c4ce8}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A6ADB393)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 48EAC0AF)
Partition 1: (Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Espero esto ayude :grinning:

Hola @diegos

Falta el reporte mas importante, el FRST.txt revisa en tu escritorio que debes tenerlo por allí.

Lo copias en tu próxima respuesta.

Salu2

@SanMar Perdón no me fije.

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 13-05-2020 01
Ejecutado por diego ruata (administrador) sobre DESKTOP-T0QSL8N (Dell Inc. Inspiron 24-3459) (18-05-2020 09:47:34)
Ejecutado desde C:\Users\diego ruata\Desktop
Perfiles cargados: diego ruata
Platform: Windows 10 Home Single Language Versión 1903 18362.836 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

() [Archivo no firmado] C:\Windows\SysWOW64\OSDSrv\OSDSrv.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_364f43f2a27f7bd7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_364f43f2a27f7bd7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_364f43f2a27f7bd7\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_364f43f2a27f7bd7\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Winamp SA -> Winamp SA) C:\Program Files (x86)\Winamp\winamp.exe
(Wistron Corporation) [Archivo no firmado] C:\Windows\SysWOW64\OSDSrv\OSDApp.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-05-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {1250daee-3d4c-11ea-b661-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {1250dc65-3d4c-11ea-b661-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {13cbbf94-4b55-11ea-b665-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {13cbc0a7-4b55-11ea-b665-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [38400 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{75A22DF0-B81D-46ed-B119-CD30507BD615}] -> C:\WINDOWS\system32\OSDEventCredProv.dll [2013-12-24] (Wistron Corporation) [Archivo no firmado]
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {0BCE4594-6620-4415-9929-6942457DE8D5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {79150525-0996-446F-9D23-8A133B313425} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-19] (Google Inc -> Google Inc.)
Task: {7A58F1B4-8A0B-4947-9380-B80C9BC1D186} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B79592DE-D93E-4856-AB40-840D2E1EE22C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-19] (Google Inc -> Google Inc.)
Task: {E5AA57C6-2A4B-4B04-AD08-FCE4B050FC68} - System32\Tasks\Opera scheduled assistant Autoupdate 1572159133 => C:\Users\diego ruata\AppData\Local\Programs\Opera\launcher.exe
Task: {F8317FDD-7E63-496A-8083-18A5234C25EB} - System32\Tasks\Opera scheduled Autoupdate 1572159120 => C:\Users\diego ruata\AppData\Local\Programs\Opera\launcher.exe

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 216.230.147.90 216.230.128.32
Tcpip\..\Interfaces\{bde18553-ae83-4c3c-ba08-76222a440817}: [DhcpNameServer] 216.230.147.90 216.230.128.32
Tcpip\..\Interfaces\{e8d0891c-188b-47e1-8de6-0c61196c8230}: [DhcpNameServer] 216.230.147.90 216.230.128.32

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1486343048-83721877-620847005-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1486343048-83721877-620847005-1001 -> DefaultScope {9CEBA58E-3758-4AC5-B319-9BA402304476} URL = 
SearchScopes: HKU\S-1-5-21-1486343048-83721877-620847005-1001 -> {9CEBA58E-3758-4AC5-B319-9BA402304476} URL = 

FireFox:
========
FF DefaultProfile: datffsub.default
FF ProfilePath: C:\Users\diego ruata\AppData\Roaming\Mozilla\Firefox\Profiles\datffsub.default [2020-02-08]
FF ProfilePath: C:\Users\diego ruata\AppData\Roaming\Mozilla\Firefox\Profiles\tqb9koqy.default-release [2020-05-17]
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default [2020-05-18]
CHR Notifications: Default -> hxxps://6sercher.biz; hxxps://tii.ai; hxxps://www.instagram.com; hxxps://www1a.moshemartin.pro
CHR Extension: (Presentaciones) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documentos) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-19]
CHR Extension: (YouTube) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-19]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2020-05-07]
CHR Extension: (Hojas de cálculo) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-20]
CHR Profile: C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-17]
CHR Profile: C:\Users\diego ruata\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S4 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Techporch Incorporated -> Dell Inc.)
S4 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-06-23] (Techporch Incorporated -> Dell Inc.)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 17\DfsdkS.exe [406016 2019-09-27] (mst software GmbH, Germany) [Archivo no firmado]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-05-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-09] (Malwarebytes Inc -> Malwarebytes)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-05-13] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-05-13] (Microsoft Windows -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-01-04] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 OSDSrv; C:\Windows\SysWoW64\OSDSrv\OSDSrv.EXE [192512 2013-12-27] () [Archivo no firmado]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2015-09-02] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [323344 2016-09-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [613296 2016-06-14] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3832224 2016-01-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2016-06-23] (Techporch Incorporated -> Dell Computer Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-05-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-05-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2017-07-21] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-04-21] (Malwarebytes Corporation -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1096192 2019-08-12] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-13] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-05-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-05-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-17] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [125088 2020-05-17] (Malwarebytes Inc -> Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3515664 2016-01-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 PQAWRwa; C:\Windows\SysWoW64\OSDSrv\PQAWDrv.sys [17128 2013-12-12] (Wistron Corporation -> Wistron Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [936192 2016-03-22] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [753368 2015-06-15] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-18 09:47 - 2020-05-18 09:48 - 000018033 _____ C:\Users\diego ruata\Desktop\FRST.txt
2020-05-18 09:46 - 2020-05-18 09:48 - 000000000 ____D C:\FRST
2020-05-18 09:07 - 2020-05-18 09:07 - 000000000 ____D C:\Users\diego ruata\AppData\LocalLow\IGDump
2020-05-18 08:08 - 2020-05-18 08:08 - 000001554 _____ C:\Users\diego ruata\Desktop\pp.txt
2020-05-17 21:45 - 2020-05-17 21:45 - 002286080 _____ (Farbar) C:\Users\diego ruata\Desktop\FRST64.exe
2020-05-17 19:46 - 2020-05-17 20:16 - 000000000 ____D C:\Users\diego ruata\Downloads\- El Tigre vuelve al Ataque
2020-05-17 13:13 - 2020-05-17 13:17 - 091645963 _____ C:\Users\diego ruata\Downloads\Fimbulwinter - Servants Of Sorcery (1994) [320] [www.frostdomain.net].zip
2020-05-17 00:43 - 2020-05-17 01:01 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\ZHP
2020-05-17 00:43 - 2020-05-17 00:43 - 000000000 ____D C:\Users\diego ruata\AppData\Local\ZHP
2020-05-17 00:38 - 2020-05-17 00:38 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-05-17 00:38 - 2020-05-17 00:38 - 000125088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-05-17 00:38 - 2020-05-17 00:38 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-05-17 00:37 - 2020-05-17 00:37 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-17 00:30 - 2020-05-17 00:30 - 003302784 _____ (Nicolas Coolman) C:\Users\diego ruata\Desktop\ZHPCleaner.exe
2020-05-17 00:24 - 2020-05-17 00:25 - 008196784 _____ (Malwarebytes) C:\Users\diego ruata\Desktop\adwcleaner_8.0.4.exe
2020-05-17 00:16 - 2020-05-17 00:17 - 000432320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-16 21:06 - 2020-05-16 23:20 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\Winamp
2020-05-16 21:06 - 2020-05-16 21:07 - 000000000 ____D C:\Program Files (x86)\Winamp
2020-05-16 09:20 - 2020-05-16 09:21 - 000000000 ____D C:\Program Files\CCleaner
2020-05-16 09:20 - 2020-05-16 09:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-05-16 09:20 - 2020-05-16 09:20 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-05-16 09:20 - 2020-05-16 09:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-05-13 07:38 - 2020-05-13 07:38 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-13 01:46 - 2020-05-13 01:46 - 005098352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 001556200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-05-13 01:46 - 2020-05-13 01:46 - 001417760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 001344000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 001343488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 001336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000852992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-05-13 01:46 - 2020-05-13 01:46 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConsoleLogon.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
2020-05-13 01:46 - 2020-05-13 01:46 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSSessionUX.dll
2020-05-13 01:45 - 2020-05-13 01:46 - 025444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 022638592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 019851264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 007822888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 007267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 007011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 006525936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 006291456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 006082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 005757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 005340568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 004858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 004612608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 003822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 003513856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-05-13 01:45 - 2020-05-13 01:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-05-13 01:45 - 2020-05-13 01:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-05-13 01:45 - 2020-05-13 01:45 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 002259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 002073176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001990576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001952872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001665720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001637376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 001393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001306112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001214264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001195008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001099600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 001011712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000943640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000896000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000894016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000778552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000683288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000655360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000564480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000540200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000539184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000441584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000418816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000405424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000345016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-05-13 01:45 - 2020-05-13 01:45 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000301064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000299064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TaskApis.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000273744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbroker.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerPlatform.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000262848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchangeHost.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-05-13 01:45 - 2020-05-13 01:45 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-05-13 01:45 - 2020-05-13 01:45 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUxClient.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Management.Workplace.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000165176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Devices.Sensors.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\socialapis.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000099104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compstui.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.Preview.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeopleAPIs.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticInvoker.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSa.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSa.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpSaProxy.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaProxy.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2020-05-13 01:45 - 2020-05-13 01:45 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-05-13 01:45 - 2020-05-13 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-05-13 01:44 - 2020-05-13 01:45 - 001654952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 014819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 009929528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 007902912 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 007257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 006710272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 006435328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 006168576 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 005945856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 005280192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 005111296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 004565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 003807232 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 003747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-05-13 01:44 - 2020-05-13 01:44 - 003655680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 003371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-05-13 01:44 - 2020-05-13 01:44 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 002769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 002736640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 002576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 002354688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001975808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001825280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001737216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001646552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001510912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001505592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 001461760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001393960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001370112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001336832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001306424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001288648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001282560 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001222656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001218560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001213440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001184256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001085752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000911872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000891392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000888352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000879064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000859944 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-05-13 01:44 - 2020-05-13 01:44 - 000843576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000796904 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000792808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputHost.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000777840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000752584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-05-13 01:44 - 2020-05-13 01:44 - 000742200 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000716312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000693672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000685368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-05-13 01:44 - 2020-05-13 01:44 - 000650240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000602224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000594472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000581544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-13 01:44 - 2020-05-13 01:44 - 000547992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000524208 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000512512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-05-13 01:44 - 2020-05-13 01:44 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000460200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-05-13 01:44 - 2020-05-13 01:44 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000451584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskApis.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-05-13 01:44 - 2020-05-13 01:44 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000390968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\PickerPlatform.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRClient.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000311096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000310928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposerFramework.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000266552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemSettings.DataModel.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000260328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000245336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtcModel.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SwitcherDataModel.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000197432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.CapturePicker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\useractivitybroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\socialapis.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Haptics.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppExtension.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000132712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredDialogBroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CaptureService.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeopleAPIs.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRBroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbussdapi.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceReactivation.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Printers.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coloradapterclient.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-05-13 01:44 - 2020-05-13 01:44 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ffbroker.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-05-13 01:44 - 2020-05-13 01:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\localui.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-05-13 01:44 - 2020-05-13 01:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-05-13 01:43 - 2020-05-13 01:44 - 002235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 017791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 009339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 007297536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 006232568 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 004624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 003581752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002854400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 002504440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002256384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002157056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002072576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 002060800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001885184 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001745208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001498624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001391104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001385176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001333248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001270784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001263616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputHost.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 001098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001059328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001027816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 001007928 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000957056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000916768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000819696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000768000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000759808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000738304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000706544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000634680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-05-13 01:43 - 2020-05-13 01:43 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRClient.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.ESim.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000410608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000380632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000339824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000318680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000273208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000238904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Workplace.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Devices.Sensors.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\useractivitybroker.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Internal.Input.ExpressiveInput.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Haptics.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayEnhancementManagement.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppExtension.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.Preview.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRBroker.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticInvoker.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000088280 _____ (Microsoft Corporation) C:\WINDOWS\system32\coloradapterclient.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbussdapi.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\TsUsbGD.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveTask.exe
2020-05-13 01:43 - 2020-05-13 01:43 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-05-13 01:43 - 2020-05-13 01:43 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-05-13 01:43 - 2020-05-13 01:43 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-05-12 21:03 - 2020-05-12 21:03 - 000000000 ____D C:\Users\diego ruata\AppData\Local\MediaMonkey
2020-05-12 21:02 - 2020-05-17 03:15 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\MediaMonkey
2020-05-12 21:02 - 2020-05-12 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2020-05-12 21:02 - 2020-05-12 21:02 - 000000000 ____D C:\ProgramData\MediaMonkey
2020-05-12 21:02 - 2020-05-12 21:02 - 000000000 ____D C:\Program Files (x86)\MediaMonkey
2020-05-12 20:28 - 2020-05-12 20:30 - 000000000 ____D C:\Users\TEMP\AppData\Local\Packages
2020-05-12 20:28 - 2020-05-12 20:30 - 000000000 ____D C:\Users\TEMP
2020-05-11 17:25 - 2020-05-12 09:41 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\Panda Security
2020-05-11 17:24 - 2020-05-11 17:24 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\Adobe
2020-05-11 17:21 - 2020-05-12 09:42 - 000000000 ____D C:\ProgramData\Panda Security
2020-05-10 20:34 - 2020-05-10 20:42 - 218822168 _____ C:\Users\diego ruata\Desktop\qkrrb7w6.exe
2020-05-01 21:17 - 2020-05-01 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty - United Offensive
2020-05-01 21:12 - 2020-05-01 21:17 - 000000359 _____ C:\WINDOWS\CoDUO.INI
2020-05-01 21:10 - 2020-05-01 21:10 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Call of Duty
2020-05-01 21:08 - 2020-05-01 21:17 - 000000000 ____D C:\Program Files (x86)\Call of Duty
2020-05-01 20:57 - 2020-05-01 21:10 - 000000745 _____ C:\WINDOWS\CoD.INI
2020-05-01 20:56 - 2020-05-01 20:56 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2020-05-01 20:56 - 2020-05-01 20:56 - 000000000 ____D C:\Users\diego ruata\AppData\Local\Disc_Soft_Ltd
2020-05-01 20:53 - 2020-05-07 20:33 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\DAEMON Tools Lite
2020-05-01 20:53 - 2020-05-01 20:53 - 000059360 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2020-05-01 20:53 - 2020-05-01 20:53 - 000042256 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2020-05-01 20:53 - 2020-05-01 20:53 - 000000000 ____D C:\Users\Public\Documents\Catch!
2020-05-01 20:53 - 2020-05-01 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2020-05-01 20:53 - 2020-05-01 20:53 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2020-05-01 20:53 - 2020-05-01 20:53 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2020-04-23 12:42 - 2020-05-17 00:32 - 000000968 _____ C:\Users\diego ruata\Documents\mari hamada.txt

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-05-18 09:26 - 2019-08-15 08:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-18 08:08 - 2017-07-21 20:24 - 000000000 ____D C:\Users\diego ruata\AppData\Local\JDownloader v2.0
2020-05-18 03:58 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-17 22:59 - 2018-07-07 23:36 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\vlc
2020-05-17 16:57 - 2017-07-20 21:14 - 000000000 __SHD C:\Users\diego ruata\IntelGraphicsProfiles
2020-05-17 12:56 - 2020-03-20 16:51 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\Mp3tag
2020-05-17 03:13 - 2018-06-16 19:52 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\audacity
2020-05-17 00:37 - 2019-08-15 08:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-17 00:36 - 2019-06-30 18:38 - 000000000 __SHD C:\AdwCleaner
2020-05-17 00:36 - 2019-03-18 22:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-17 00:33 - 2019-10-27 00:49 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\BitTorrent
2020-05-17 00:33 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-17 00:33 - 2018-09-28 21:11 - 000000000 ____D C:\Users\diego ruata\AppData\Local\CrashDumps
2020-05-16 20:52 - 2017-07-19 18:50 - 000000000 ____D C:\ProgramData\Apple
2020-05-16 19:54 - 2020-04-13 22:42 - 000000000 ____D C:\Users\diego ruata\Desktop\China
2020-05-16 14:05 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-16 09:41 - 2017-07-19 18:51 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\Apple Computer
2020-05-15 22:54 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-15 22:54 - 2017-12-22 00:08 - 000000000 ____D C:\Users\diego ruata\AppData\Local\Packages
2020-05-15 22:36 - 2017-12-22 14:18 - 000000000 ____D C:\Users\diego ruata\AppData\Local\PlaceholderTileLogoFolder
2020-05-15 21:58 - 2017-12-22 05:06 - 000000000 ___RD C:\Users\diego ruata\3D Objects
2020-05-15 14:08 - 2019-08-15 06:00 - 000000000 ____D C:\Users\diego ruata
2020-05-15 09:53 - 2019-08-15 08:21 - 001775182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-15 09:53 - 2019-03-19 05:59 - 000788560 _____ C:\WINDOWS\system32\perfh00A.dat
2020-05-15 09:53 - 2019-03-19 05:59 - 000155850 _____ C:\WINDOWS\system32\perfc00A.dat
2020-05-13 07:52 - 2016-11-01 17:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-13 07:35 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-13 07:35 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-13 07:35 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-13 07:35 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-05-13 07:35 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-13 07:34 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-13 07:34 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-13 07:34 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-13 07:34 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-13 07:34 - 2019-03-18 22:52 - 000000000 ____D C:\PerfLogs
2020-05-13 01:52 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-12 20:18 - 2019-06-30 18:38 - 000000000 __SHD C:\Program Files (x86)\Panda Security
2020-05-12 18:29 - 2018-03-16 17:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-12 18:26 - 2017-12-14 21:34 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-11 07:23 - 2017-07-20 21:14 - 000000000 ____D C:\Users\diego ruata\AppData\Local\ConnectedDevicesPlatform
2020-05-10 20:51 - 2019-01-20 06:07 - 000000000 __SHD C:\ProgramData\Doctor Web
2020-05-07 20:55 - 2017-07-21 18:30 - 000000282 __RSH C:\ProgramData\ntuser.pol
2020-05-07 20:55 - 2017-07-21 18:29 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2020-05-07 20:55 - 2016-11-01 16:39 - 000000000 ____D C:\ProgramData\TEMP
2020-05-07 18:48 - 2017-07-19 18:35 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-05 18:25 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-05-01 21:17 - 2016-11-01 16:31 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-05-01 12:00 - 2018-03-28 23:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-21 08:15 - 2020-02-05 01:52 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Archivos en la raíz de algunos directorios ========

2019-06-19 10:52 - 2019-06-16 06:36 - 000010674 _____ () C:\ProgramData\1.bat
2019-06-19 10:52 - 2016-07-23 10:19 - 000000458 _____ () C:\ProgramData\install.bat
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\kz.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\lsass.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\lsass2.exe
2019-06-19 10:52 - 2019-04-07 07:21 - 000865792 _____ () C:\ProgramData\move.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\olly.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\script.exe
2019-06-19 10:52 - 2016-03-05 20:40 - 000000249 _____ () C:\ProgramData\uninstall.bat
2017-07-19 21:08 - 2020-03-27 23:08 - 000007606 _____ () C:\Users\diego ruata\AppData\Local\Resmon.ResmonCfg

==================== FCheck ================================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

FCheck: C:\WINDOWS\boy.exe [2019-06-30] <==== ATENCIÓN (cero bytes Archivo/Carpeta)

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

@SanMar Lo tuve que poner en varias partes, pues no se que tanto tengo en la PC.

Hola @diegos

Revisando el reporte de FRST se ve en el que tienes una cuenta de usuario con derechos de administrador activada:

john (S-1-5-21-1486343048-83721877-620847005-1002 - Administrator - Enabled) => C:\Users\john.DESKTOP-T0QSL8N

No reconoces esa cuenta??


Con mucha atención sigue estos pasos:

1.- Muy Importante >>> Realizar nuevamente una copia de Seguridad de su Registro.

  • Descarga/Ejecuta DelFix desde el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

Luego ve a::

2.- Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {1250daee-3d4c-11ea-b661-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {1250dc65-3d4c-11ea-b661-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {13cbbf94-4b55-11ea-b665-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {13cbc0a7-4b55-11ea-b665-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1486343048-83721877-620847005-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1486343048-83721877-620847005-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1486343048-83721877-620847005-1001 -> DefaultScope {9CEBA58E-3758-4AC5-B319-9BA402304476} URL = 
SearchScopes: HKU\S-1-5-21-1486343048-83721877-620847005-1001 -> {9CEBA58E-3758-4AC5-B319-9BA402304476} URL = 
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
2020-05-11 17:25 - 2020-05-12 09:41 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\Panda Security
2020-05-11 17:21 - 2020-05-12 09:42 - 000000000 ____D C:\ProgramData\Panda Security
2020-05-12 20:18 - 2019-06-30 18:38 - 000000000 __SHD C:\Program Files (x86)\Panda Security
2020-05-10 20:51 - 2019-01-20 06:07 - 000000000 __SHD C:\ProgramData\Doctor Web
2019-06-19 10:52 - 2019-06-16 06:36 - 000010674 _____ () C:\ProgramData\1.bat
2019-06-19 10:52 - 2016-07-23 10:19 - 000000458 _____ () C:\ProgramData\install.bat
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\kz.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\lsass.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\lsass2.exe
2019-06-19 10:52 - 2019-04-07 07:21 - 000865792 _____ () C:\ProgramData\move.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\olly.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\script.exe
2019-06-19 10:52 - 2016-03-05 20:40 - 000000249 _____ () C:\ProgramData\uninstall.bat
FCheck: C:\WINDOWS\boy.exe [2019-06-30] <==== ATENCIÓN (cero bytes Archivo/Carpeta)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
lternateDataStreams: C:\ProgramData\TEMP:5C321E34 [143]
AlternateDataStreams: C:\ProgramData\TEMP:D735933A [394]
VirusTotal: C:\Users\diego ruata\Desktop\qkrrb7w6.exe

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

3.- Inicie su ordenador en >>> Modo Seguro con Red >>> Aplicable a Windows 10. o Windows 7.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix/Corregir y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

Luego de reiniciar nos comentas como va el equipo.

Salu2

@SanMar Acá esta, hice todo como me dijeron. Espero todo este bien. La Pc Anda con normalidad. :smiley:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 13-05-2020 01
Ejecutado por diego ruata (19-05-2020 09:26:23) Run:1
Ejecutado desde C:\Users\diego ruata\Desktop
Perfiles cargados: diego ruata
Modo de Inicio: Safe Mode (with Networking)
==============================================

fixlist contenido:
*****************
Start
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {1250daee-3d4c-11ea-b661-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {1250dc65-3d4c-11ea-b661-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {13cbbf94-4b55-11ea-b665-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1486343048-83721877-620847005-1001\...\MountPoints2: {13cbc0a7-4b55-11ea-b665-e4029b97df38} - "E:\HiSuiteDownLoader.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
GroupPolicy: Restricción - Chrome <==== ATENCIÓN
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
HKU\S-1-5-21-1486343048-83721877-620847005-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1486343048-83721877-620847005-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1486343048-83721877-620847005-1001 -> DefaultScope {9CEBA58E-3758-4AC5-B319-9BA402304476} URL = 
SearchScopes: HKU\S-1-5-21-1486343048-83721877-620847005-1001 -> {9CEBA58E-3758-4AC5-B319-9BA402304476} URL = 
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
2020-05-11 17:25 - 2020-05-12 09:41 - 000000000 ____D C:\Users\diego ruata\AppData\Roaming\Panda Security
2020-05-11 17:21 - 2020-05-12 09:42 - 000000000 ____D C:\ProgramData\Panda Security
2020-05-12 20:18 - 2019-06-30 18:38 - 000000000 __SHD C:\Program Files (x86)\Panda Security
2020-05-10 20:51 - 2019-01-20 06:07 - 000000000 __SHD C:\ProgramData\Doctor Web
2019-06-19 10:52 - 2019-06-16 06:36 - 000010674 _____ () C:\ProgramData\1.bat
2019-06-19 10:52 - 2016-07-23 10:19 - 000000458 _____ () C:\ProgramData\install.bat
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\kz.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\lsass.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\lsass2.exe
2019-06-19 10:52 - 2019-04-07 07:21 - 000865792 _____ () C:\ProgramData\move.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\olly.exe
2019-06-30 18:37 - 2019-06-30 18:37 - 000000000 _____ () C:\ProgramData\script.exe
2019-06-19 10:52 - 2016-03-05 20:40 - 000000249 _____ () C:\ProgramData\uninstall.bat
FCheck: C:\WINDOWS\boy.exe [2019-06-30] <==== ATENCIÓN (cero bytes Archivo/Carpeta)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Ningún archivo
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> Ningún archivo
lternateDataStreams: C:\ProgramData\TEMP:5C321E34 [143]
AlternateDataStreams: C:\ProgramData\TEMP:D735933A [394]
VirusTotal: C:\Users\diego ruata\Desktop\qkrrb7w6.exe

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Procesos cerrados correctamente.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN => restaurado correctamente
HKU\S-1-5-21-1486343048-83721877-620847005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1250daee-3d4c-11ea-b661-e4029b97df38} => eliminado correctamente
HKU\S-1-5-21-1486343048-83721877-620847005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1250dc65-3d4c-11ea-b661-e4029b97df38} => eliminado correctamente
HKU\S-1-5-21-1486343048-83721877-620847005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13cbbf94-4b55-11ea-b665-e4029b97df38} => eliminado correctamente
HKU\S-1-5-21-1486343048-83721877-620847005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{13cbc0a7-4b55-11ea-b665-e4029b97df38} => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
HKLM\SOFTWARE\Policies\Mozilla => eliminado correctamente
HKLM\SOFTWARE\Policies\Google => eliminado correctamente
HKU\S-1-5-21-1486343048-83721877-620847005-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
HKU\S-1-5-21-1486343048-83721877-620847005-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => valor restaurado correctamente
"HKU\S-1-5-21-1486343048-83721877-620847005-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => eliminado correctamente
HKU\S-1-5-21-1486343048-83721877-620847005-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CEBA58E-3758-4AC5-B319-9BA402304476} => eliminado correctamente
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
C:\Program Files\VideoLAN\VLC\npvlc.dll => movido correctamente
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => no encontrado
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => no encontrado
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => eliminado correctamente
C:\Users\diego ruata\AppData\Roaming\Panda Security => movido correctamente
C:\ProgramData\Panda Security => movido correctamente
C:\Program Files (x86)\Panda Security => movido correctamente
C:\ProgramData\Doctor Web => movido correctamente
C:\ProgramData\1.bat => movido correctamente
C:\ProgramData\install.bat => movido correctamente
C:\ProgramData\kz.exe => movido correctamente
C:\ProgramData\lsass.exe => movido correctamente
C:\ProgramData\lsass2.exe => movido correctamente
C:\ProgramData\move.exe => movido correctamente
C:\ProgramData\olly.exe => movido correctamente
C:\ProgramData\script.exe => movido correctamente
C:\ProgramData\uninstall.bat => movido correctamente
C:\WINDOWS\boy.exe => movido correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => eliminado correctamente
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => eliminado correctamente
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => eliminado correctamente
lternateDataStreams: C:\ProgramData\TEMP:5C321E34 [143] => Error: Ninguna corrección automática encontrada para esta entrada.
C:\ProgramData\TEMP => ":D735933A" ADS eliminado correctamente
VirusTotal: C:\Users\diego ruata\Desktop\qkrrb7w6.exe => (3) Error

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local* 3 mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 2:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de LAN inal mbrica Conexi¢n de  rea local* 3:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : lan
   V¡nculo: direcci¢n IPv6 local. . . : fe80::10ed:d82e:43db:f56d%10
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.3
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= Final de CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= Final de CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= Final de CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-1486343048-83721877-620847005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1486343048-83721877-620847005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16020848 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 10532 B
Edge => 11776 B
Chrome => 473867027 B
Firefox => 23103703 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 28894 B
NetworkService => 37946 B
defaultuser0 => 45114 B
diego ruata => 11450715 B
john.DESKTOP-T0QSL8N => 11459517 B

RecycleBin => 7686322330 B
EmptyTemp: => 7.7 GB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 09:27:23 ====

@SanMar sobre la carpeta john.DESKTOP-T0QSL8N, no estoy muy seguro si fue un ejemplo de cuando reinicie windows y así lo deje, la verdad no estoy seguro. Abra alguna forma de quitarlo?

Saludos.

Hola @diegos

Buenisimo…:+1:

No es una simple carpeta, es algo relacionado a una cuenta con Derechos de Administrador, luego te dejo los pasos para tratar de eliminar la cuenta.

Por el momento siguiendo la ruta busca y sube el siguiente archivo a VirusTotal:

  • C:\Users\diego ruata\Desktop\qkrrb7w6.exe

Manual de Virus Total.

No olvides re-analizar la muestra.

Salu2

@SanMar https://www.virustotal.com/gui/file/db889a8649736581c317cfa6f5235880b2232ea869fda3ba9141727704cfa34c/detection Acá esta, ese archivo es Dr web pero ahorita lo elimine.

Hola @diegos

Perfecto, me despisto el nombre aleatorio… :joy:

Para eliminar la otra cuenta Administrador:

https://answers.microsoft.com/es-es/windows/forum/all/windows-10-eliminar-una-cuenta-de-administrador/f2fcfe19-015e-4e4b-9490-c1b2b2b25942

Nos comentas.

Salu2

@SanMar No me aparece nada :smiley:

y aun tengo esa carpeta

Y si la elimino solo así??

Hola @diegos

Pense que ya habías probado eliminarla manualmente a la carpeta.

Intenta y nos comentas.

Realiza los pasos 2 y 3 del Siguiente enlace:

Tomas imágenes y las subes.

Salu2