PC infectada - Windows 10

Cris19 · 7 Mayo, 2020 15:39

Buenas, tengo problemas con mi PC.

Hace dos días noté que se instaló Google Chrome apenas inició Windows (es una instalación nueva de Windows 10 de hace unos días). Como no uso Google Chrome, me llamó la atención pero no le di importancia hasta que noté que se estaba ejecutando en segundo plano. Entonces lo desinstalé. Más tarde se volvió a instalar y asi pasó 2 o 3 veces.

Empecé a ver elementos extraños en el Administrador de tareas, y al querer ejecutar un análisis con Windows Defender vi que este ya no estaba funcionando.

También encontré que se habían creado carpetas con nombre de antivirus conocidos en “Archivos de programa” inaccesibles.

Por eso acá estoy.

Ejecuté Malwarebytes (tuve que instalarlo en una carpeta con otro nombre “Malwarebytes1”). Y ahora iba a seguir con Adwcleaner y Ccleaner.

Cuando termine de limpiar y solucionar lo del Windows Defender, conviene que instale otro antivirus o con el de Windows es suficiente?

Este es el reporte de Malwarebytes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 7/5/20
Hora del análisis: 12:23
Archivo de registro: a4a2758c-9076-11ea-ba85-485b39d241a4.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.896
Versión del paquete de actualización: 1.0.23574
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.815)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-G0Q3JG5\Cristian

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 284798
Amenazas detectadas: 25
Amenazas en cuarentena: 25
Tiempo transcurrido: 2 min, 32 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 21
Backdoor.Agent, HKU\S-1-5-18\SOFTWARE\((Mutex)), En cuarentena, 845, 195706, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\1B581436B0ED7536755B8B1C81112509A5AAF6ED, En cuarentena, 6749, 804624, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\3C92C9274AB6D3DD520B13029A2490C4A1D98BC0, En cuarentena, 6749, 804620, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\58939B78BC28EF464220127BB754E3D130306988, En cuarentena, 6749, 804607, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\1B581436B0ED7536755B8B1C81112509A5AAF6ED, En cuarentena, 6749, 804624, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\775B373B33B9D15B58BC02B184704332B97C3CAF, En cuarentena, 6749, 436618, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\3C92C9274AB6D3DD520B13029A2490C4A1D98BC0, En cuarentena, 6749, 804620, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\88AD5DFE24126872B33175D1778687B642323ACF, En cuarentena, 6749, 436616, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\58939B78BC28EF464220127BB754E3D130306988, En cuarentena, 6749, 804607, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\775B373B33B9D15B58BC02B184704332B97C3CAF, En cuarentena, 6749, 436618, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\9A32249E9A6B9CF5C36B0749C81613524D37C594, En cuarentena, 6749, 804625, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\88AD5DFE24126872B33175D1778687B642323ACF, En cuarentena, 6749, 436616, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AD4C5429E10F4FF6C01840C20ABA344D7401209F, En cuarentena, 6749, 436604, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\9A32249E9A6B9CF5C36B0749C81613524D37C594, En cuarentena, 6749, 804625, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\BF9254919794C1075EA027889C5D304F1121C653, En cuarentena, 6749, 804621, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\AD4C5429E10F4FF6C01840C20ABA344D7401209F, En cuarentena, 6749, 436604, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\F75019695C0504E3ABEFEDCD8FBE500DA08EC8FA, En cuarentena, 6749, 804606, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\BF9254919794C1075EA027889C5D304F1121C653, En cuarentena, 6749, 804621, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\F83099622B4A9F72CB5081F742164AD1B8D048C9, En cuarentena, 6749, 436622, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\F75019695C0504E3ABEFEDCD8FBE500DA08EC8FA, En cuarentena, 6749, 804606, 1.0.23574, , ame, 
Trojan.DisabledAVSecurityCerts, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\F83099622B4A9F72CB5081F742164AD1B8D048C9, En cuarentena, 6749, 436622, 1.0.23574, , ame, 

Valor del registro: 1
Backdoor.XTRat, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Skype, En cuarentena, 4102, 62987, , , , 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 3
Trojan.Agent.Trace, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\((MUTEX)).DAT, En cuarentena, 3555, 247506, 1.0.23574, , ame, 
Trojan.Agent.Trace, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\MICROSOFT\WINDOWS\((MUTEX)).CFG, En cuarentena, 3555, 247505, 1.0.23574, , ame, 
Backdoor.XTRat, C:\WINDOWS\SERVICING\SKYPE.EXE, En cuarentena, 4102, 62987, 1.0.23574, 75603E38DF258562C51B4DA1, dds, 00709322

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Muchas Gracias.

JavierHF · 7 Mayo, 2020 17:25

Hola @Cris19 y Bienvenido al Foro…!!

Cuando hayas realizado el análisis con AdwCleaner ponlo para poder valorarlo.

Saludos.

Cris19 · 8 Mayo, 2020 14:13

AdwCleaner no encontro nada. Paso el resultado.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-08-2020
# Duration: 00:00:00
# OS:       Windows 10 Pro
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [08/05/2020 00:02:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Tarde en subirlo porque antes volvi a correr el Malwarebytes completo en todas las unidades y tardó mas de 10 hs… supongo por la memoria RAM limitada de la PC.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 7/5/20
Hora del análisis: 12:47
Archivo de registro: 1535823c-907a-11ea-a17d-485b39d241a4.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.896
Versión del paquete de actualización: 1.0.23576
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.815)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-G0Q3JG5\Cristian

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 760109
Amenazas detectadas: 30
Amenazas en cuarentena: 7
Tiempo transcurrido: 10 hr, 53 min, 29 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 30
HackTool.FilePatch, C:\USERS\CRISTIAN\DESKTOP\RHINO 5 + VRAY + MATERIALS\RHINO 5\CRACK\RHINOCEROS_5.0_X64.EXE, Sin acciones por parte del usuario, 7528, 281135, 1.0.23576, 3158F785688BBAFD64D0C2E9, dds, 00709384
Malware.Generic.4274155556, C:\WINDOWS\SERVICING\X.EXE, En cuarentena, 1000000, 0, 1.0.23576, 3FC0C91009D25B78FEC27024, dds, 00709493
Malware.Generic.586543792, C:\WINDOWS\SERVICING\WINCVS.EXE, En cuarentena, 1000000, 0, 1.0.23576, 5118628F4A73499D22F5F2B0, dds, 00709493
JokeTool.Buttons, E:\CRISTIAN\OTROS\BOLUDECES\CLICK.EXE, Sin acciones por parte del usuario, 8629, 147235, 1.0.23576, , ame, 
HackTool.Agent, E:\PROGRAMAS\RHINOCEROS 3D\STEP 5\FLAMINGO 2.0\FLAMINGO.V2.0.-.RHINO.PLUG-IN-PATCH.RAR, Sin acciones por parte del usuario, 3933, 1570, 1.0.23576, 1C8CEC2EB06EFF2188CB1DEA, dds, 00709549
HackTool.WPA, E:\PROGRAMAS\OFFICE 2007 PROF SPANISH\+ CRACKS\OFFOGA_171110.BY.BENITO07.RAR, Sin acciones por parte del usuario, 13107, 74355, 1.0.23576, , ame, 
RiskWare.Tool.CK, E:\PROGRAMAS\COREL DRAW\KEYGEN.EXE, Sin acciones por parte del usuario, 7360, 295456, 1.0.23576, , ame, 
Malware.Generic.3703784068, E:\PROGRAMAS\MAXSURF 13\MAXSURF PRO 13.01 ALL 8 MODULE PATCH\HULL SPEED.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, 0E7EB4EDEE3140E9DCC34284, dds, 00709549
Malware.Generic.941532767, E:\PROGRAMAS\NOD 32\ESET SMART SECURITY & NOD32 (V3-V4) TRIALRESET V1.5 [RH]\ESET.3.4.TR.1.5_[RH].RAR, En cuarentena, 1000000, 0, 1.0.23576, C30670B48EA42DE1381EA65F, dds, 00709549
RiskWare.Tool.CK, E:\PROGRAMAS\3500 MICOSOFT PRODUCT ACTIVATION KEYS {SANPORK}.RAR, Sin acciones por parte del usuario, 7360, 133369, 1.0.23576, 1DF1C4559886C29D5791C26E, dds, 00709549
Malware.Generic.1367595551, E:\PROGRAMAS\RHINOCEROS 3D\STEP 1\RHINOCEROS V4 SR2 KEYGEN-X-FORCE.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, 4B26AE01A07BB86E5183DA1F, dds, 00709549
HackTool.Agent, E:\PROGRAMAS\RHINOCEROS 3D\STEP 5\FLAMINGO 2.0\FLAMINGO.V2.0.-.RHINO.PLUG-IN-PATCH.EXE, Sin acciones por parte del usuario, 3933, 1570, 1.0.23576, 1C8CEC2EB06EFF2188CB1DEA, dds, 00709549
Malware.Generic.4160586746, E:\PROGRAMAS\ILLUSTRATOR Y PHOTOSHOP\ADOBE CS3 PHOTOSHOP EXTENDED AND ILLUSTRATOR - NEW CRACKED EDITION [APP]\CRACKED EXE\ADOBE_ILLUSTRATOR_CS3-KEYGEN.ZIP, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, 4B8FB8D1EBD3E020F7FD83FA, dds, 00709549
PUP.Optional.IntroKeygen, E:\PROGRAMAS\ACROBAT\ADOBE ACROBAT 9 PRO EXTENDED PATCH BY CHATTCHITTO\ONY03O7K_ADOBE.ALL.PRODUCTS.V1.02.KEYMAKER.ONLY-CORE.RAR, Sin acciones por parte del usuario, 14500, 279993, 1.0.23576, , ame, 
HackTool.WpaKill, E:\PROGRAMAS\REMOVEWAT V2.2.5.2 BY CHATTCHITTO\REMOVEWAT V2.2.5.2.EXE, Sin acciones por parte del usuario, 8434, 75683, 1.0.23576, , ame, 
RiskWare.Tool.CK, E:\PROGRAMAS\GPS\GARMIN_XT_OMNIA\KEYGEN\GARMIN_KGEN_15.EXE, Sin acciones por parte del usuario, 7360, 137565, 1.0.23576, 3542267E52A09765FAE99283, dds, 00709549
RiskWare.Tool.CK, E:\PROGRAMAS\POWERISO V3.8\KEYGEN.EXE, Sin acciones por parte del usuario, 7360, 137735, 1.0.23576, 001ABEF7D1FFAB7FFB0586F7, dds, 00709549
Malware.Generic.1328462123, E:\PROGRAMAS\MAXSURF 13\MAXSURF PRO 13.01 ALL 8 MODULE PATCH\HYDROMAX PRO.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, B20010700B8FF8464F2EB92B, dds, 00709549
Malware.Generic.1328462123, E:\PROGRAMAS\MAXSURF 13\MAXSURF PRO 13.01 ALL 8 MODULE PATCH\PREFIT.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, B20010700B8FF8464F2EB92B, dds, 00709549
CrackTool.Agent, E:\PROGRAMAS\NOD 32\+ NOD32\NOD32 V.2.70.16 ESPAñOL+ FINAL WINXP 2000NT VISTA +SERIAL+ CRACK NOD FIX.RAR, En cuarentena, 5978, 299351, 1.0.23576, , ame, 
Malware.Generic.1328462123, E:\PROGRAMAS\MAXSURF 13\MAXSURF PRO 13.01 ALL 8 MODULE PATCH\HYDROMAX PRO.RAR, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, B20010700B8FF8464F2EB92B, dds, 00709549
Generic.Malware/Suspicious, E:\PROGRAMAS\MAXSURF 13\MAXSURF PRO 13.01 ALL 8 MODULE PATCH\WORKSHOP PRO.EXE, Sin acciones por parte del usuario, 0, 392686, 1.0.23576, , shuriken, 
Malware.Generic.3703784068, E:\PROGRAMAS\MAXSURF 13\MAXSURF PRO 13.01 ALL 8 MODULE PATCH\MAXSURF PRO 13.01.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, 0E7EB4EDEE3140E9DCC34284, dds, 00709549
Backdoor.Agent, E:\PROGRAMAS\NOD 32\+ NOD32\NOD32 - FULL SETUP + KEYGEN.RAR, En cuarentena, 845, 133018, 1.0.23576, 000000000000000000000003, dds, 00709549
CrackTool.Agent, E:\PROGRAMAS\NOD 32\+ NOD32\NOD32 V.2.70.16 ESPANOL+ FINAL WINXP 2000NT VISTA +SERIAL+ CRACK NOD FIX.RAR, En cuarentena, 5978, 299351, 1.0.23576, , ame, 
Malware.Generic.3703784068, E:\PROGRAMAS\MAXSURF 13\MAXSURF PRO 13.01 ALL 8 MODULE PATCH\HYDROLINK.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, 0E7EB4EDEE3140E9DCC34284, dds, 00709549
Malware.Generic.3703784068, E:\PROGRAMAS\MAXSURF 13\MAXSURF PRO 13.01 ALL 8 MODULE PATCH\SEAKEEPER.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, 0E7EB4EDEE3140E9DCC34284, dds, 00709549
Malware.Generic.3977331707, E:\PROGRAMAS\NOD 32\NOD32_ANTIVIRUS_3.0.642(WITH_UNLIMITED_UPDATE_FIX)\NOD32 ANTIVIRUS 3.0.642(WITH UNLIMITED UPDATE FIX).RAR, En cuarentena, 1000000, 0, 1.0.23576, E47E68BDA58D77ABED1143FB, dds, 00709549
Malware.Generic.3703784068, D:\PROGRAM FILES (X86)\MAXSURF 13\HULL SPEED.EXE, Sin acciones por parte del usuario, 1000000, 0, 1.0.23576, 0E7EB4EDEE3140E9DCC34284, dds, 00709607
HackTool.FilePatch, D:\PENDRIVE KLASE A\RHINO 5 + VRAY + MATERIALS\RHINO 5\CRACK\RHINOCEROS_5.0_X64.EXE, Sin acciones por parte del usuario, 7529, 281135, 1.0.23576, 3158F785688BBAFD64D0C2E9, dds, 00709607

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Sigue habiendo carpetas con nombres de antivirus conocidos bloqueadas y el Google Chrome se volvió a instalar solo cuando reinicié después de correr Malwarebytes por segunda vez.

Que más puedo hacer?

Me falto el resultado de Rkill

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2020 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/08/2020 12:16:51 AM in x64 mode.
Windows Version: Windows 10 Pro 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\servicing\rn.exe (PID: 4188) [WD-HEUR]
 * C:\Windows\servicing\chromedriver.exe (PID: 4240) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Automatic Updates Disabled

   [HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
   "NoAutoUpdate" = dword:00000001

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 05/08/2020 12:17:38 AM
Execution time: 0 hours(s), 0 minute(s), and 47 seconds(s)

Buen día. Sigo combatiendo Malware…

ESET Online Scanner:

8/5/2020 10:56:25
Archivos explorados: 295077
Archivos detectados: 3
Archivos desinfectados: 3
Tiempo total de exploración 00:43:53
Estado de la exploración: Finalizado


C:\Users\Cristian\Desktop\Rhino 5 + vray + materials\Rhino 5\crack\rhinoceros_5.0_x64.exe	una variante de Win32/HackTool.Patcher.AD aplicación potencialmente no segura	desinfectado por eliminación
C:\Windows\servicing\secinit.exe	una variante de Generik.EEGEJAF troyano	desinfectado por eliminación
C:\Windows\servicing\sysreg.exe	una variante de Generik.MYOAZBD troyano	desinfectado por eliminación

También usé CCleaner. No se si deja registro en algún lado para copiarlo aca.

Constantemente se inicia Google Chrome en segundo plano y hace uso de recursos del sistema.

JavierHF · 8 Mayo, 2020 14:24

Hola.

Por favor, deja de hacer pasos por tu cuenta.

Dinos lo primero, como has instalado ese Windows 10 que dices instalaste hace unos días.

Y de donde has descargado Windows 10 y SI éste es con licencia…??

Y ademas realiza estos pasos :

Descarga y descomprime esta herramienta en tu escritorio Manual de Malwarebytes Anti-Rootkits Beta, y sigues los pasos que se indican para revisar el equipo :

Abre la carpeta Mbar, haces doble clic en el archivo Mbar.exe.
En la ventana que saldrá pulsas en Next.
Pulsar en Update, y cuando termine en Next.
Ahora inicias el análisis pulsando en el botón Scan.
Al terminar, si existe infección pulsamos en CleanUp y si no hay infección pulsamos en Exit.

Al terminar busca en la carpeta Mbar, y abres los archivos mbar-log.txt y system-log.txt, nos copias el contenido en la siguiente respuesta y comentas resultados.

Saludos.

Cris19 · 8 Mayo, 2020 15:09

Hola Javier.

Si, es que con esto del covid estoy trabajando desde casa y trato de resolverlo cuanto antes para poder trabajar tranquilo.

Es un Windows 10 sin licencia, lo instalé en esta PC que tenia cubierta en polvo hace unos años para poder trabajar en casa.

Estos son los resultados de Mbar:

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2020.05.08.07
  rootkit: v2020.05.08.07

Windows 10 x64 NTFS
Internet Explorer 11.778.18362.0
Cristian :: DESKTOP-G0Q3JG5 [administrator]

8/5/2020 11:53:59
mbar-log-2020-05-08 (11-53-59).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 173413
Time elapsed: 10 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Cristian\Desktop\Rhino 5 + vray + materials\Rhino 5\crack\rhinoceros_5.0_x64.exe (HackTool.FilePatch) -> No action taken. [13644b91973f46f04805ee5ac73df60a]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.778.18362.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.521000 GHz
Memory total: 2146619392, free: 545017856

Downloaded database version: v2020.05.08.07
Canceled update
Downloaded database version: v2020.05.08.07
Downloaded database version: v2020.05.08.07
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     05/08/2020 11:53:28
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\mssecflt.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\intelide.sys
\SystemRoot\System32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\atapi.sys
\SystemRoot\System32\drivers\ataport.SYS
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_307898c750ba9e44\BasicDisplay.sys
\SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_ba2a8de08ea0d469\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\bam.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\Vid.sys
\SystemRoot\System32\drivers\winhvr.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_43ac632006e874bb\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_e566af5dd9858a0e\umbus.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\rt640x64.sys
\SystemRoot\System32\drivers\usbuhci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\RTL85n64.sys
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\serial.sys
\SystemRoot\System32\drivers\serenum.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_1c567926e5b29133\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\HdAudio.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\cldflt.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\System32\Drivers\MbamChameleon.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\winquic.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\drivers\rassstp.sys
\SystemRoot\System32\DRIVERS\NDProxy.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\System32\drivers\AgileVpn.sys
\SystemRoot\System32\drivers\rasl2tp.sys
\SystemRoot\System32\drivers\raspptp.sys
\SystemRoot\System32\drivers\raspppoe.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\drivers\ndiswan.sys
\SystemRoot\System32\Drivers\mbamswissarmy.sys
\SystemRoot\system32\DRIVERS\mwac.sys
\SystemRoot\system32\DRIVERS\farflt.sys
\??\C:\Windows\system32\drivers\mbae64.sys
\??\C:\Windows\system32\DRIVERS\mbam.sys
\SystemRoot\system32\drivers\bindflt.sys
\??\C:\Windows\system32\drivers\236155E6.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2020.05.08.07
  rootkit: v2020.05.08.07

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffff96040b6b6060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffff96040b4d08d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff96040b6b6060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffff960409da3520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffff96040b4bb060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5070749F

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1024000
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1026048  Numsec = 233412608
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 120034123776 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffff96040b6b7060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffff96040b4cf8d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffff96040b6b7060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffff960409da5520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffff96040b4b9060, DeviceName: \Device\Ide\IdeDeviceP2T1L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: AC9EAC9E

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 286728057
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 286728120  Numsec = 201647880
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
File "C:\Windows\System32\config\SYSTEMPROFILE\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
Infected: C:\Users\Cristian\Desktop\Rhino 5 + vray + materials\Rhino 5\crack\rhinoceros_5.0_x64.exe --> [HackTool.FilePatch]
Scan finished
User declined to cleanup malware.
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-1026048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-1-286728120-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished

Las veces que ejecuté Rkill, terminó los mismos 2 procesos: rn.exe y chromedriver.exe

Tengo otro disco con Win7 sin problemas de virus, sirve de algo analizar el disco infectado iniciando desde Win7?

Gracias por la ayuda.

JavierHF · 8 Mayo, 2020 15:53

Hola.

No te preocupes, así estamos en todos lados.

NO, en tu caso NO sirve debemos hacerlo y descubrirlos desde el propio sistema de W10.

Y ahora realiza estos pasos :

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar )

Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Farbar Recovery Scan Tool.-

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer o Responsabilidad, pulsamos Yes/Si
En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos.

Cris19 · 8 Mayo, 2020 18:30

Me olvidé de desconectar de internet, lo tengo que repetir?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2020
Ran by Cristian (administrator) on DESKTOP-G0Q3JG5 (08-05-2020 15:19:33)
Running from C:\Users\Cristian\Desktop
Loaded Profiles: Cristian (Available Profiles: Cristian)
Platform: Windows 10 Pro Version 1909 18363.815 (X64) Language: Inglés (Estados Unidos)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes1\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes1\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(Robert McNeel and Associates -> Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
Failed to access process -> cf.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\ DisallowedCertificates: 18AA37360A0698E6A1F54A9E8268FB127B70E189 (AVG Netherlands B.V) <==== ATTENTION
HKLM\ DisallowedCertificates: 1F25DF887B158E34E2FCB13171924610C8F6BA2F (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 2CC344E13934A69AA993E80C8E20FF0ACCB33F1E (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 2F56FF8F95EE69A27C05DBB35924F847C86A66B4 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 31F5EE85DA34AD374D43776B54F6686E7E922737 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 42A8984E8B9C51F6B7274866F8726CA1E9057FAA (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: 5ACE40BD51EE148F299D37527AE1AD744CDE8EBB (U)
HKLM\ DisallowedCertificates: 5CA5F811E011742B05D014D03F85848D81F41A63 (Zemana) <==== ATTENTION
HKLM\ DisallowedCertificates: 622271AF668F99BD94AC12E5EBF86E48FD50AECB (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 6CD253D636A7B4D0E0981431BC064061A9853ED9 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 76FBABF1EADED3B91DD7A76A6678301F1F87AA97 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 84C08B7A367422AF5FEF8D353B36191ECE9DBAF7 (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9900CFAABC45B4247F9D78EE7E12B102D25EA325 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C2479D4BEF807FEFE3CE2B6B2D7FC4C71E0EBA5 (Sophos Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: BEBFAE20957D4DE689A8B962AEE358EFE39F195F (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: BFA87DC996BD6BCB02B6F530D2C646A0B5A0D5A9 (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: E64232B7757A335C032414C6888633CC498E7CD6 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: F74407DCA8D49D42D72D88863C17AB905EB94D1C (U)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [152576 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\81.0.416.72\Installer\setup.exe [2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AD342A4-F0DC-425E-B338-2AE0D7DF4AA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1F99EC9B-BEC4-4EE3-A802-66DA5D787CFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
Task: {20785D08-B8A5-48A4-923B-15271260C6CE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {248B092B-F70E-4392-8643-AF35613F6914} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {25111922-5161-41AD-A4A4-77B0CAFD1F48} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-05-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {53FF64AC-7166-4E0B-A9D5-4B57135781E7} - System32\Tasks\GBTSSDCheckUpdate => C:\Program Files (x86)\GIGABYTE\SSDToolBox\ChkUpd.exe [301488 2019-07-04] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {F6C28378-AE4F-4BEB-86CF-FB7B8B1B376D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.42.4.204 200.49.130.52
Tcpip\..\Interfaces\{1ea2b345-53e5-4283-903a-e2f81ee9b26a}: [DhcpNameServer] 200.42.4.204 200.49.130.52
Tcpip\..\Interfaces\{6fddd18e-0471-4c5e-bc10-afaa54da6240}: [DhcpNameServer] 200.42.4.204 200.49.130.52

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
DownloadDir: C:\Users\Cristian\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-4276149515-3343185494-2045537785-1002 -> hxxps://www.google.com.ar/
Edge Session Restore: HKU\S-1-5-21-4276149515-3343185494-2045537785-1002 -> is enabled.
Edge DefaultProfile: Default
Edge Profile: C:\Users\Cristian\AppData\Local\Microsoft\Edge\User Data\Default [2020-05-08]
Edge DownloadDir: C:\Users\Cristian\Downloads
Edge HomePage: Default -> hxxps://www.google.com.ar/
Edge Session Restore: Default -> is enabled.

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-05-01] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-05-01] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes1\Anti-Malware\MBAMService.exe [6933272 2020-05-07] (Malwarebytes Inc -> Malwarebytes)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67752 2012-10-25] (Robert McNeel and Associates -> Robert McNeel & Associates)
S2 Microsoft Hyper Integrations Services; C:\Windows\servicing\cf.exe [17920 2020-03-18] () [File not signed]
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\81.0.416.72\elevation_service.exe [1125264 2020-05-07] (Microsoft Corporation -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\Windows\System32\MixedRealityRuntime.dll [139952 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\Windows\SysWOW64\MixedRealityRuntime.dll [105840 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Registration for device management; C:\Windows\Logs\cmd.exe /c powershell.exe -windowstyle Hidden -noninteractive -executionpolicy bypass -file C:\Windows\Logs\Log\231546531\ssfr.ps1

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-05-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-05-08] (Malwarebytes Inc -> Malwarebytes)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R3 RTL85n64; C:\Windows\System32\drivers\RTL85n64.sys [2055168 2019-03-19] (Microsoft Windows -> Realtek Semiconductor Corporation )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [394680 2020-05-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-08 15:19 - 2020-05-08 15:20 - 000013404 _____ C:\Users\Cristian\Desktop\FRST.txt
2020-05-08 15:18 - 2020-05-08 15:20 - 000000000 ____D C:\FRST
2020-05-08 15:07 - 2020-05-08 15:14 - 002283520 _____ (Farbar) C:\Users\Cristian\Desktop\FRST64.exe
2020-05-08 13:45 - 2020-05-08 13:45 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-05-08 11:53 - 2020-05-08 11:53 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\236155E6.sys
2020-05-08 11:49 - 2020-05-08 12:06 - 000000000 ____D C:\Users\Cristian\Desktop\mbar
2020-05-08 11:49 - 2020-05-08 12:06 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-05-08 11:48 - 2020-05-08 11:48 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Cristian\Desktop\mbar-1.10.3.1001.exe
2020-05-08 10:57 - 2020-05-08 10:57 - 000001164 _____ C:\Users\Cristian\Desktop\ESET 8-5-20 1056.txt
2020-05-08 09:30 - 2020-05-08 11:45 - 000000649 _____ C:\Users\Cristian\Desktop\ESET Online Scanner.lnk
2020-05-08 09:28 - 2020-05-08 09:28 - 000000766 _____ C:\Users\Cristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2020-05-08 09:28 - 2020-05-08 09:28 - 000000000 ____D C:\Users\Cristian\AppData\Local\ESET
2020-05-08 09:27 - 2020-05-08 09:30 - 014566496 _____ (ESET spol. s r.o.) C:\Users\Cristian\Desktop\ESETOnlineScanner_ESL.exe
2020-05-08 09:18 - 2020-05-08 09:18 - 000001314 _____ C:\Users\Cristian\Desktop\cc_20200508_091751.reg
2020-05-08 09:16 - 2020-05-08 09:17 - 000069422 _____ C:\Users\Cristian\Desktop\cc_20200508_091627.reg
2020-05-08 09:08 - 2020-05-08 09:08 - 025306104 _____ (Piriform Software Ltd) C:\Users\Cristian\Desktop\ccsetup566.exe
2020-05-08 09:06 - 2020-05-08 09:09 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-05-08 09:06 - 2020-05-08 09:09 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-05-08 09:06 - 2020-05-08 09:09 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-05-08 09:06 - 2020-05-08 09:06 - 000002894 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-05-08 09:06 - 2020-05-08 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-05-08 09:06 - 2020-05-08 09:06 - 000000000 ____D C:\Program Files\CCleaner
2020-05-08 00:16 - 2020-05-08 13:50 - 000002568 _____ C:\Users\Cristian\Desktop\Rkill.txt
2020-05-08 00:15 - 2020-05-08 00:16 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Cristian\Desktop\iexplorer.exe
2020-05-08 00:04 - 2020-05-08 00:04 - 000000000 ____D C:\Users\Cristian\AppData\Local\Google
2020-05-08 00:01 - 2020-05-08 00:02 - 000000000 ____D C:\AdwCleaner
2020-05-07 23:58 - 2020-05-07 23:58 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 23:58 - 2020-05-07 23:58 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-07 23:58 - 2020-05-07 23:58 - 000002258 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-07 23:56 - 2020-05-08 00:02 - 000003558 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-07 23:56 - 2020-05-08 00:02 - 000003434 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-07 23:56 - 2020-05-07 23:58 - 000000000 ____D C:\Program Files (x86)\Google
2020-05-07 12:43 - 2020-05-07 12:43 - 008196784 _____ (Malwarebytes) C:\Users\Cristian\Desktop\adwcleaner_8.0.4.exe
2020-05-07 12:15 - 2020-05-07 12:15 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-05-07 12:15 - 2020-05-07 12:15 - 000002042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-05-07 12:15 - 2020-05-07 12:15 - 000002030 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-05-07 12:15 - 2020-05-07 12:15 - 000002030 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-05-07 12:15 - 2020-05-07 12:15 - 000000000 ____D C:\Users\Cristian\AppData\Local\mbamtray
2020-05-07 12:15 - 2020-05-07 12:15 - 000000000 ____D C:\Users\Cristian\AppData\Local\mbam
2020-05-07 12:15 - 2020-05-07 12:14 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-05-07 12:15 - 2020-05-07 12:14 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-05-07 12:14 - 2020-05-08 11:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-07 12:13 - 2020-05-07 12:13 - 000000000 ____D C:\Program Files\Malwarebytes1
2020-05-07 12:09 - 2020-05-07 12:09 - 001980016 _____ (Malwarebytes) C:\Users\Cristian\Desktop\MBSetup.exe
2020-05-06 15:04 - 2020-05-06 15:04 - 000000000 ____D C:\Users\Cristian\AppData\LocalLow\Temp
2020-05-05 08:45 - 2020-05-05 08:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-05-05 08:45 - 2020-05-05 08:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2020-05-05 08:45 - 2020-05-05 08:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-05-05 08:44 - 2020-05-05 08:44 - 000000000 ____D C:\Windows\system32\Tasks\OfficeSoftwareProtectionPlatform
2020-05-05 08:44 - 2020-05-05 08:44 - 000000000 ____D C:\Windows\PCHEALTH
2020-05-05 08:44 - 2020-05-05 08:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2020-05-05 08:43 - 2020-05-05 08:43 - 000000000 ____D C:\Program Files\Microsoft Office
2020-05-05 08:43 - 2020-05-05 08:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2020-05-05 08:43 - 2020-05-05 08:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2020-05-05 08:42 - 2020-05-06 16:15 - 000000000 ____D C:\Windows\SHELLNEW
2020-05-05 08:42 - 2020-05-05 18:30 - 000000000 ____D C:\Users\Cristian\AppData\Local\Microsoft Help
2020-05-05 08:42 - 2020-05-05 08:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-05-05 08:42 - 2020-05-05 08:42 - 000000000 __RHD C:\MSOCache
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\ProgramData\Trend Micro Installer
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\ESET
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\Common Files\adaware
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\BullGuard Ltd
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\AVAST Software
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\G DATA
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\Baidu Security
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\Avira
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\AVG
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\360
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\eset.temp
2020-05-04 21:54 - 2020-02-29 21:31 - 005836041 _____ (UserBenchmark.com) C:\Users\Cristian\Desktop\UserBenchMark.exe
2020-05-02 16:22 - 2020-05-05 20:44 - 000002140 _____ C:\Users\Cristian\Desktop\Counter Strike 1.6 No Steam.lnk
2020-05-02 16:22 - 2020-05-02 16:22 - 000002138 _____ C:\Users\Cristian\Desktop\Servidor Dedicado.lnk
2020-05-02 16:22 - 2020-05-02 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2020-05-02 16:20 - 2020-05-05 19:25 - 000000000 ____D C:\Program Files (x86)\Counter-Strike 1.6
2020-05-02 16:20 - 2020-05-02 16:20 - 000000016 _____ C:\ProgramData\mntemp
2020-05-02 16:19 - 2020-05-05 19:30 - 000001108 _____ C:\Users\Cristian\Desktop\Injected Anti-cheat.lnk
2020-05-02 16:19 - 2020-05-05 19:30 - 000000000 ____D C:\Program Files (x86)\sXe Injected
2020-05-02 16:19 - 2020-05-02 16:19 - 000000000 ____D C:\Users\Cristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\sXe Injected
2020-05-02 16:19 - 2020-05-02 16:19 - 000000000 ____D C:\Users\Cristian\AppData\Local\OneDrive
2020-05-01 23:05 - 2020-05-01 23:05 - 000000000 ____D C:\Users\Cristian\AppData\Local\PeerDistRepub
2020-05-01 17:19 - 2020-05-01 17:19 - 000001040 _____ C:\Users\Cristian\Desktop\Documentos Win7.lnk
2020-05-01 17:18 - 2020-05-01 17:18 - 000000980 _____ C:\Users\Cristian\Desktop\Escritorio Win7.lnk
2020-05-01 17:17 - 2020-05-08 13:16 - 000000000 ____D C:\Users\Cristian\Desktop\Home Office 2020
2020-05-01 17:16 - 2020-05-01 17:16 - 000000000 ____D C:\Users\Cristian\AppData\Roaming\McNeel
2020-05-01 17:16 - 2020-05-01 17:16 - 000000000 ____D C:\Users\Cristian\AppData\Local\McNeel
2020-05-01 17:16 - 2020-05-01 17:16 - 000000000 ____D C:\Users\Cristian\AppData\Local\AMD
2020-05-01 17:16 - 2020-05-01 17:16 - 000000000 ____D C:\Users\Cristian\AppData\Local\3dmouse
2020-05-01 17:14 - 2020-05-01 17:16 - 000000000 ____D C:\ProgramData\McNeel
2020-05-01 17:14 - 2020-05-01 17:14 - 000001173 _____ C:\Users\Public\Desktop\Rhinoceros 5.0 (64-bit).lnk
2020-05-01 17:14 - 2020-05-01 17:14 - 000001173 _____ C:\ProgramData\Desktop\Rhinoceros 5.0 (64-bit).lnk
2020-05-01 17:13 - 2020-05-01 17:15 - 000000000 ____D C:\Program Files\Rhinoceros 5.0 (64-bit)
2020-05-01 17:13 - 2020-05-01 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhinoceros 5.0
2020-05-01 17:13 - 2020-05-01 17:13 - 000000000 ____D C:\Program Files (x86)\McNeelUpdate
2020-05-01 17:11 - 2020-05-08 12:15 - 000000000 ____D C:\Users\Cristian\Desktop\Rhino 5 + vray + materials
2020-05-01 17:10 - 2020-05-01 17:10 - 000000000 ____D C:\Users\Cristian\AppData\Roaming\WinRAR
2020-05-01 17:10 - 2020-05-01 17:10 - 000000000 ____D C:\Users\Cristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-05-01 17:10 - 2020-05-01 17:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-05-01 17:10 - 2020-05-01 17:10 - 000000000 ____D C:\Program Files\WinRAR
2020-05-01 17:07 - 2020-05-01 17:07 - 003323944 _____ (Alexander Roshal) C:\Users\Cristian\Downloads\winrar-x64-590es.exe
2020-05-01 16:49 - 2020-05-01 16:49 - 000003534 _____ C:\Windows\system32\Tasks\GBTSSDCheckUpdate
2020-05-01 16:49 - 2020-05-01 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2020-05-01 16:49 - 2020-05-01 16:49 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2020-05-01 16:49 - 2020-05-01 16:49 - 000000000 ____D C:\Program Files (x86)\GIGABYTE
2020-05-01 16:44 - 2020-05-07 18:54 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-05-01 16:44 - 2020-05-07 18:54 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-05-01 16:44 - 2020-05-07 18:54 - 000002261 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-05-01 16:40 - 2020-05-02 16:45 - 000003580 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-05-01 16:40 - 2020-05-02 16:45 - 000003456 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-05-01 15:45 - 2020-05-01 15:45 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 022637056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 019812352 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 018028032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 014819328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 008013824 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 007899528 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 007267328 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 007257816 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 007011840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 006522840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 006434304 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 006291968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 006079184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 005757872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 005109760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 004858368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 004565456 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 004129424 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 004009472 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 004005376 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 003974376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 003822080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 003805696 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 003747328 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 003727872 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-05-01 15:45 - 2020-05-01 15:45 - 003655168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 003371416 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 002799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-05-01 15:45 - 2020-05-01 15:45 - 002774088 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 002769000 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 002584008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 002461696 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 002259664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 002255136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 002190648 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 002147328 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 002087168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001999968 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001934824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001856000 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001734144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001719336 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001686016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001667600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001616912 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001559040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001507328 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001497416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001486336 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 001406464 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001397576 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 001393968 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001386296 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001245184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001178608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001154656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001151824 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001124352 _____ (Microsoft Corporation) C:\Windows\system32\CBDHSvc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001092096 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001077264 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 001047568 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001023128 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 001007104 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000979264 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000959800 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000945192 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000944640 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000915208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000892488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000891544 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000865280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000847168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2020-05-01 15:45 - 2020-05-01 15:45 - 000827192 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000822272 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000816952 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000813568 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000801832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000783488 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000776792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000743224 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000736768 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000683848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000676072 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000673488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000673296 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000666424 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-05-01 15:45 - 2020-05-01 15:45 - 000649016 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000643072 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000639400 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000592944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000580608 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000569856 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000568136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000552448 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-05-01 15:45 - 2020-05-01 15:45 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000543824 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000530944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddraw.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000513024 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000502784 _____ C:\Windows\system32\AssignedAccessCsp.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000501200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000494904 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000470016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000466344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000460408 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2020-05-01 15:45 - 2020-05-01 15:45 - 000452608 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000396088 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000375520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000325432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-05-01 15:45 - 2020-05-01 15:45 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000278080 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000259384 _____ (Microsoft Corporation) C:\Windows\system32\AppVFileSystemMetadata.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\tapi32.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000231224 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000230416 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamMap.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000227328 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000223744 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000211472 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000202552 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapi32.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000181560 _____ (Microsoft Corporation) C:\Windows\system32\AppVDllSurrogate.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000172856 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000152416 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatialAudioLicenseSrv.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000142760 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\slc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000139952 _____ (Microsoft Corporation) C:\Windows\system32\MixedRealityRuntime.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\appvetwclientres.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingExperienceMEM.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000124504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000117048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadWamExtension.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\WaaSAssessment.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000107616 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000105840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MixedRealityRuntime.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000102216 _____ (Microsoft Corporation) C:\Windows\system32\changepk.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000089544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000073024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000066832 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000058880 _____ C:\Windows\system32\runexehelper.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000058696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2020-05-01 15:45 - 2020-05-01 15:45 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudNotifications.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\ddrawex.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddrawex.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000037688 _____ (Microsoft Corporation) C:\Windows\system32\SyncAppvPublishingServer.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000022032 _____ (Microsoft Corporation) C:\Windows\system32\ScriptRunner.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsregtask.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\appvetwstreamingux.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2020-05-01 15:45 - 2020-05-01 15:45 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-05-01 15:45 - 2020-05-01 15:45 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-05-01 15:44 - 2020-05-01 15:44 - 017791488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 004624880 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-05-01 15:44 - 2020-05-01 15:44 - 003983360 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 003712000 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 003587392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-05-01 15:44 - 2020-05-01 15:44 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 002150232 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 001943040 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 001766400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 001635840 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 001497600 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 001413712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-05-01 15:44 - 2020-05-01 15:44 - 000999616 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000920576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000874312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-05-01 15:44 - 2020-05-01 15:44 - 000824832 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000750080 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000647168 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000637480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-05-01 15:44 - 2020-05-01 15:44 - 000631608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2020-05-01 15:44 - 2020-05-01 15:44 - 000589400 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2020-05-01 15:44 - 2020-05-01 15:44 - 000534528 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.UserService.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-05-01 15:44 - 2020-05-01 15:44 - 000415808 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000293888 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000293888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-05-01 15:44 - 2020-05-01 15:44 - 000250696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2020-05-01 15:44 - 2020-05-01 15:44 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManagerClient.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2020-05-01 15:44 - 2020-05-01 15:44 - 000147776 _____ (Microsoft Corporation) C:\Windows\system32\aadWamExtension.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe
2020-05-01 15:44 - 2020-05-01 15:44 - 000121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2020-05-01 15:44 - 2020-05-01 15:44 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2020-05-01 15:44 - 2020-05-01 15:44 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000088352 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-05-01 15:44 - 2020-05-01 15:44 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000069704 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000060432 _____ (Microsoft Corporation) C:\Windows\system32\CloudNotifications.exe
2020-05-01 15:44 - 2020-05-01 15:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-01 15:44 - 2020-05-01 15:44 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2020-05-01 15:44 - 2020-05-01 15:44 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-05-01 15:44 - 2020-05-01 15:44 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\dsregtask.dll
2020-05-01 01:02 - 2020-05-08 12:12 - 000007607 _____ C:\Users\Cristian\AppData\Local\Resmon.ResmonCfg
2020-05-01 00:56 - 2020-02-03 17:56 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-05-01 00:56 - 2020-02-03 17:56 - 000179608 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-01 00:53 - 2020-05-01 00:53 - 000000000 ____D C:\ProgramData\ssh
2020-05-01 00:43 - 2020-05-01 00:44 - 000000000 ____D C:\Windows\system32\MRT
2020-05-01 00:43 - 2020-05-01 00:43 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-05-01 00:37 - 2020-05-01 00:37 - 011607552 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-05-01 00:37 - 2020-05-01 00:37 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-05-01 00:37 - 2020-05-01 00:37 - 005502464 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2020-05-01 00:37 - 2020-05-01 00:37 - 004308480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2020-05-01 00:37 - 2020-05-01 00:37 - 001541632 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2020-05-01 00:37 - 2020-05-01 00:37 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2020-05-01 00:37 - 2020-05-01 00:37 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\wbadmin.exe
2020-05-01 00:37 - 2020-05-01 00:37 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll

Cris19 · 8 Mayo, 2020 18:31

2020-05-01 00:37 - 2020-05-01 00:37 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.XamlHost.dll
2020-05-01 00:37 - 2020-05-01 00:37 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.XamlHost.dll
2020-05-01 00:37 - 2020-05-01 00:37 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2020-05-01 00:37 - 2020-05-01 00:37 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2020-05-01 00:37 - 2020-05-01 00:37 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2020-05-01 00:37 - 2020-05-01 00:37 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2020-05-01 00:36 - 2020-05-01 00:36 - 025900544 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 007756800 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 005910016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 004611584 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 004348408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 003525592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 003512320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 003243296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002951832 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002800640 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-05-01 00:36 - 2020-05-01 00:36 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-05-01 00:36 - 2020-05-01 00:36 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002399232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002369576 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002315680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002230232 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002224952 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002158080 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002072664 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001870408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001770552 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001659408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001490640 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001413840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001283600 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2020-05-01 00:36 - 2020-05-01 00:36 - 001282944 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001273856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001272360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001264640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 001218632 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 001216000 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001195008 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001190912 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001185792 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 001182720 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001126912 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 001108040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001106944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001083392 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001060352 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001059840 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 001031680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001013000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 001000960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000996352 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000983040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000890368 _____ (Microsoft Corporation) C:\Windows\system32\HolographicExtensions.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000882688 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000852480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000836608 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000828216 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000788992 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000775696 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000762880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000757632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000673792 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000671232 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000571392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000555008 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2020-05-01 00:36 - 2020-05-01 00:36 - 000537608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000529408 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000516544 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000510768 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000500736 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-05-01 00:36 - 2020-05-01 00:36 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000494080 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000476672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000456192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2020-05-01 00:36 - 2020-05-01 00:36 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000453632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000432256 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\fhcfg.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000423936 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CscUnpinTool.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000422912 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000422008 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-05-01 00:36 - 2020-05-01 00:36 - 000420152 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\DispBroker.Desktop.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000399360 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000384000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcLayers.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000366416 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000363840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\AcLayers.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000300392 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ManagedEventLogging.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ConfigWrapper.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpviewerax.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000266752 _____ (Microsoft Corporation) C:\Windows\system32\DAFMCP.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000234496 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\ddpchunk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2020-05-01 00:36 - 2020-05-01 00:36 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\wscinterop.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\DiagSvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CmUtil.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2020-05-01 00:36 - 2020-05-01 00:36 - 000186880 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000178176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000174392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000153912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVfs.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000145208 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000138040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppVStrm.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000136328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\omadmapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\WinHvPlatform.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\sdshext.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000105832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000099712 _____ (Microsoft Corporation) C:\Windows\system32\FsIso.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000097080 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000093712 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcXtrnal.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000084488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000084280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2020-05-01 00:36 - 2020-05-01 00:36 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncController.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2020-05-01 00:36 - 2020-05-01 00:36 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\srumapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000061240 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\reg.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000059221 _____ C:\Windows\system32\srms.dat
2020-05-01 00:36 - 2020-05-01 00:36 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppCore.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\SrTasks.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CabUtil.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.EventLogMessages.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000042296 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\UevAgentPolicyGenerator.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iaspolcy.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000032056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\ias.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000030720 _____ C:\Windows\system32\uwfservicingapi.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afunix.sys
2020-05-01 00:36 - 2020-05-01 00:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ias.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.WmiAccess.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Management.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000021520 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncCommon.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msauserext.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.WinRT.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\wiatrace.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.LocalSyncProvider.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiatrace.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\AcXtrnal.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernSync.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDJPN.DLL
2020-05-01 00:36 - 2020-05-01 00:36 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateBaselineGenerator.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\UevTemplateConfigItemGenerator.exe
2020-05-01 00:36 - 2020-05-01 00:36 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SmbSyncProvider.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.MonitorSyncProvider.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbd106.dll
2020-05-01 00:36 - 2020-05-01 00:36 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.SyncConditions.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 005943296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 004150272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AI.MachineLearning.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 004140544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 004048896 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 003742544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 003547648 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 003387392 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 002875904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 002871608 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 002861568 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 002740736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directml.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 002703872 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 002698040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 002576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 002307584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 002021888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001985104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001972536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 001945600 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001918976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001823232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001757096 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-05-01 00:35 - 2020-05-01 00:35 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001726264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001688064 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001665216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001656904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001646048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001612800 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001587712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001562424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001512832 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 001505592 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001484384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001482040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 001477112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001427456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001396152 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001378528 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001372160 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001368576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-05-01 00:35 - 2020-05-01 00:35 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001330952 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001318912 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001300280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 001264128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001261808 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001260544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpsharercom.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001257472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001243648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001213752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 001170960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001071184 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001051448 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001020032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001009152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 001007672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000993280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000986936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000982840 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000980832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000974336 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthSSO.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000935040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000929144 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000912896 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000904504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000892416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApiPublic.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000877232 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000857088 _____ C:\Windows\system32\MBR2GPT.EXE
2020-05-01 00:35 - 2020-05-01 00:35 - 000845312 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000842552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000832000 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000824848 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000822208 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000822072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000811320 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000796904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000768528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000768488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000759272 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000758800 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000748032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000747320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000741392 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000734720 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000729600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000704512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.FileExplorer.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000684560 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000678928 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000674280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000673464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000649728 _____ (Microsoft Corporation) C:\Windows\system32\DevicesFlowBroker.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000642560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000638480 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000638464 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000637440 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000628616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000627216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000618296 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll

Cris19 · 8 Mayo, 2020 18:32

2020-05-01 00:35 - 2020-05-01 00:35 - 000606720 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000605896 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000604984 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000598528 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000597816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000587064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000586768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.UXRes.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000558592 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000552448 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000551824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000545432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000542288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000538160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000526848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000522384 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000518456 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000516648 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000515600 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000513576 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000510792 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000507152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000492032 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000487784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000478792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-05-01 00:35 - 2020-05-01 00:35 - 000477184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000467952 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000465208 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000461320 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000456504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000453432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000446464 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000441072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000416056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000415760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2020-05-01 00:35 - 2020-05-01 00:35 - 000410112 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000406480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Enumeration.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000405632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000400696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000380944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000374784 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000372752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000369504 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000353960 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000350720 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_SpeechPrivacy.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000343552 _____ (Microsoft Corporation) C:\Windows\system32\wpr.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000335448 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000324408 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000324096 _____ (Microsoft Corporation) C:\Windows\system32\rdpviewerax.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000320312 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\ConhostV1.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000283648 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000280064 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000274464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000268008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000263168 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000260920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000259776 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000251704 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000251512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000248064 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000235008 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000234984 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\Winlangdb.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000221200 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000213984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\wincredui.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000203776 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000202552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000201744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000190048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000186672 _____ (Microsoft Corporation) C:\Windows\system32\BCP47mrm.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000185952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000181248 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000179720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000178192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeHelper.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000165832 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000165504 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000164776 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000159232 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Winlangdb.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000150536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000147696 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000146712 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000143160 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000137216 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000133944 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000133464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47mrm.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000133256 _____ (Microsoft Corporation) C:\Windows\system32\profapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000132624 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\globinputhost.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000120560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000120048 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Taskbar.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\EaseOfAccessDialog.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000117264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000113160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\NetDriverInstall.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000107832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000107832 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GraphicsCapture.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000105488 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000102760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000098104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\globinputhost.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000094720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EaseOfAccessDialog.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000089616 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\AtBroker.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthSystray.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetDriverInstall.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000079360 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000071480 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000068408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AtBroker.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000063288 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000047616 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Websocket.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguageProfileCallback.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000042336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afunix.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcicda.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000037392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wimmount.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Websocket.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000036152 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\posetup.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000033080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000028344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciwave.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\appidtel.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000024792 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciseq.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\wci.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\msauserext.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\sbservicetrigger.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000020352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\applockerfltr.sys
2020-05-01 00:35 - 2020-05-01 00:35 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\bindflt.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Custom.ps.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\LaunchTM.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchTM.exe
2020-05-01 00:35 - 2020-05-01 00:35 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCertResources.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2020-05-01 00:35 - 2020-05-01 00:35 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tier2punctuations.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 007849216 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 007278592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 006231200 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 005890048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AI.MachineLearning.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 004471296 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 003260928 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 003143168 _____ (Microsoft Corporation) C:\Windows\system32\directml.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 003109376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 003084800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 002870272 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 002808832 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 002717184 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 002522112 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 002474496 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 002157056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 002131456 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 002114560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 002071552 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001960448 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001841152 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001719808 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001603584 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001581056 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001481216 _____ (Microsoft Corporation) C:\Windows\system32\rdpsharercom.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001428992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 001263856 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001136128 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApiPublic.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001127424 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001092096 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001084216 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001071616 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001069064 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001027000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 001006904 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000914944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000913920 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000833616 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000804872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000737280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000732200 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntime.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000722072 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000716288 _____ (Microsoft Corporation) C:\Windows\system32\agentactivationruntimewindows.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000657424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000654912 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000649728 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000642216 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000551736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2020-05-01 00:34 - 2020-05-01 00:34 - 000531768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2020-05-01 00:34 - 2020-05-01 00:34 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000524264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000437560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000429880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000422712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000359424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\WpcApi.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000355000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000339304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000337920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Acx01000.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000322504 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000297272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000292664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000291256 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.AppDefaults.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_CapabilityAccess.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountCloudAP.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000256000 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000254776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000231912 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000224056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000222520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000208696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000204816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000199992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000193848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000184832 _____ (Microsoft Corporation) C:\Windows\system32\AarSvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000183608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000180232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000174592 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000174392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_AppExecutionAlias.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000151568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_BackgroundApps.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000151352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scmbus.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\GraphicsCapture.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000141840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUser.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000132608 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000132096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000128312 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationControlCSP.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\mssecuser.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2020-05-01 00:34 - 2020-05-01 00:34 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000089912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\ApiSetHost.AppExecutionAlias.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000066336 _____ (Microsoft Corporation) C:\Windows\system32\wlrmdr.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguageProfileCallback.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000059192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000056632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\MSAProfileNotificationHandler.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\mcicda.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000048256 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000047000 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\WpcProxyStubs.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthMini.SYS
2020-05-01 00:34 - 2020-05-01 00:34 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\DevQueryBroker.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\mciwave.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000030008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000029712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tbs.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000028936 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicPS.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\flpydisk.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\lstelemetry.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\autopilotdiag.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Custom.ps.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000019984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\mpnotify.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sfloppy.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000016912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2020-05-01 00:34 - 2020-05-01 00:34 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\dstokenclean.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\wscadminui.exe
2020-05-01 00:34 - 2020-05-01 00:34 - 000003584 _____ (Microsoft Corporation) C:\Windows\system32\TpmCertResources.dll
2020-05-01 00:34 - 2020-05-01 00:34 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUserRes.dll
2020-05-01 00:22 - 2020-03-17 00:57 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-05-01 00:22 - 2020-03-17 00:56 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-04-30 21:38 - 2020-05-08 13:50 - 000747144 _____ C:\Windows\system32\perfh00A.dat
2020-04-30 21:38 - 2020-05-08 13:50 - 000144952 _____ C:\Windows\system32\perfc00A.dat
2020-04-30 21:38 - 2020-04-30 21:38 - 000000000 ____D C:\Windows\SysWOW64\es
2020-04-30 21:38 - 2020-04-30 21:37 - 000346834 _____ C:\Windows\system32\perfi00A.dat
2020-04-30 21:38 - 2020-04-30 21:37 - 000043954 _____ C:\Windows\system32\perfd00A.dat
2020-04-30 21:37 - 2020-04-30 21:37 - 000000000 ____D C:\Windows\system32\es
2020-04-30 21:37 - 2020-04-30 21:37 - 000000000 ____D C:\Users\Cristian\AppData\Local\Comms
2020-04-30 21:32 - 2019-03-18 15:19 - 009893376 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000a.dll
2020-04-30 21:32 - 2019-03-18 15:05 - 009689600 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000a.dll
2020-04-30 21:32 - 2019-03-18 15:02 - 009572352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData000a.dll
2020-04-30 21:28 - 2020-04-30 21:26 - 000744808 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-04-30 21:25 - 2020-04-30 21:25 - 000000000 ____D C:\Users\Cristian\AppData\Roaming\ATI
2020-04-30 21:25 - 2020-04-30 21:25 - 000000000 ____D C:\Users\Cristian\AppData\Local\ATI
2020-04-30 21:25 - 2020-04-30 21:25 - 000000000 ____D C:\ProgramData\ATI
2020-04-30 21:23 - 2020-05-01 00:26 - 000000000 ____D C:\Users\Cristian\AppData\Local\PlaceholderTileLogoFolder
2020-04-30 21:22 - 2020-05-01 21:23 - 000003386 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4276149515-3343185494-2045537785-1002
2020-04-30 21:22 - 2020-05-01 21:23 - 000000000 ___RD C:\Users\Cristian\OneDrive
2020-04-30 21:21 - 2020-04-30 21:21 - 000000000 ____D C:\Users\Cristian\AppData\Local\D3DSCache
2020-04-30 21:20 - 2020-04-30 21:20 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-30 21:20 - 2020-04-30 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2020-04-30 21:20 - 2020-04-30 21:20 - 000000000 ____D C:\Program Files\ATI Technologies
2020-04-30 21:20 - 2020-04-30 21:20 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2020-04-30 21:19 - 2020-04-30 21:19 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2020-04-30 21:19 - 2020-04-30 21:19 - 000000000 ____D C:\Program Files\AMD
2020-04-30 21:19 - 2020-04-30 21:19 - 000000000 ____D C:\AMD
2020-04-30 21:19 - 2020-04-30 21:19 - 000000000 _____ C:\Windows\ativpsrm.bin
2020-04-30 21:17 - 2020-04-30 21:42 - 000000000 ____D C:\Users\Cristian\AppData\Local\Publishers
2020-04-30 21:17 - 2020-04-30 21:17 - 000000000 ___HD C:\Users\Cristian\MicrosoftEdgeBackups
2020-04-30 21:17 - 2020-04-30 21:17 - 000000000 ____D C:\Users\Cristian\AppData\Local\MicrosoftEdge
2020-04-30 21:16 - 2020-05-01 16:32 - 000000000 ___RD C:\Users\Cristian\3D Objects
2020-04-30 21:16 - 2020-05-01 00:38 - 000000000 ____D C:\Users\Cristian\AppData\Local\Packages
2020-04-30 21:16 - 2020-04-30 21:17 - 000000000 ____D C:\Users\Cristian\AppData\Local\ConnectedDevicesPlatform
2020-04-30 21:16 - 2020-04-30 21:16 - 000000000 ____D C:\Users\Cristian\AppData\Roaming\Adobe
2020-04-30 21:16 - 2020-04-30 21:16 - 000000000 ____D C:\Users\Cristian\AppData\Local\VirtualStore
2020-04-30 21:12 - 2020-05-06 23:03 - 000000000 ____D C:\Users\Cristian
2020-04-30 21:12 - 2020-05-01 21:23 - 000002376 _____ C:\Users\Cristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-30 21:12 - 2020-04-30 21:12 - 000000020 ___SH C:\Users\Cristian\ntuser.ini
2020-04-30 21:09 - 2020-04-30 21:09 - 000000000 ____D C:\Windows\CSC
2020-04-30 21:04 - 2020-04-30 21:04 - 000002856 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4276149515-3343185494-2045537785-500

Cris19 · 8 Mayo, 2020 18:33


==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-08 15:15 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-08 14:46 - 2019-11-15 20:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-05-08 14:00 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\AppReadiness
2020-05-08 13:50 - 2019-11-22 01:26 - 001678444 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-08 13:50 - 2019-03-19 01:50 - 000000000 ____D C:\Windows\INF
2020-05-08 13:46 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\servicing
2020-05-08 13:45 - 2019-11-15 20:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-08 12:43 - 2019-03-19 01:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-05-08 09:12 - 2019-11-15 20:58 - 000000000 ____D C:\Windows\Panther
2020-05-07 21:26 - 2019-03-19 01:37 - 000000000 ____D C:\Windows\CbsTemp
2020-05-07 12:15 - 2019-03-19 01:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-05-07 07:54 - 2019-11-15 20:59 - 000453768 _____ C:\Windows\system32\FNTCACHE.DAT
2020-05-06 16:07 - 2019-03-19 01:49 - 000000167 _____ C:\Windows\win.ini
2020-05-05 08:43 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-05-01 16:32 - 2019-11-15 21:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-01 16:30 - 2019-03-19 03:23 - 000000000 ___SD C:\Windows\system32\AppV
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\TextInput
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SystemResources
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\es-MX
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\Dism
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\Provisioning
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\PolicyDefinitions
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\bcastdvr
2020-05-01 16:30 - 2019-03-19 01:52 - 000000000 ____D C:\PerfLogs
2020-05-01 12:03 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\appcompat
2020-05-01 02:01 - 2019-03-19 01:49 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2020-05-01 01:00 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-01 00:53 - 2019-03-19 03:23 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\UNP
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ___RD C:\Windows\PrintDialog
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\oobe
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\setup
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\oobe
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\migwiz
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\appraiser
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ShellComponents
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\DiagTrack
2020-05-01 00:53 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-05-01 00:40 - 2019-11-15 21:02 - 000000000 ____D C:\ProgramData\Packages
2020-05-01 00:13 - 2019-11-15 20:59 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-04-30 21:38 - 2019-03-19 03:20 - 000000000 ____D C:\Windows\SysWOW64\winrm
2020-04-30 21:38 - 2019-03-19 03:20 - 000000000 ____D C:\Windows\SysWOW64\WCN
2020-04-30 21:38 - 2019-03-19 03:20 - 000000000 ____D C:\Windows\SysWOW64\slmgr
2020-04-30 21:38 - 2019-03-19 03:20 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2020-04-30 21:38 - 2019-03-19 03:20 - 000000000 ____D C:\Windows\system32\winrm
2020-04-30 21:38 - 2019-03-19 03:20 - 000000000 ____D C:\Windows\system32\WCN
2020-04-30 21:38 - 2019-03-19 03:20 - 000000000 ____D C:\Windows\system32\slmgr
2020-04-30 21:38 - 2019-03-19 03:20 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2020-04-30 21:38 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\SysWOW64\F12
2020-04-30 21:38 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2020-04-30 21:38 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\F12
2020-04-30 21:38 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\SysWOW64\Com
2020-04-30 21:38 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\Sysprep
2020-04-30 21:37 - 2019-03-19 03:23 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-04-30 21:37 - 2019-03-19 03:23 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-04-30 21:37 - 2019-03-19 01:52 - 000000000 ___SD C:\Windows\system32\dsc
2020-04-30 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\Com
2020-04-30 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\IME
2020-04-30 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\System
2020-04-30 21:37 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-04-30 21:32 - 2019-03-19 03:22 - 000000000 ____D C:\Windows\OCR
2020-04-30 21:09 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\spool
2020-04-30 21:09 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-04-30 21:08 - 2019-03-19 01:52 - 000000000 ____D C:\Windows\ServiceState

==================== Files in the root of some directories ========

2020-05-02 16:18 - 2020-05-02 16:18 - 014932720 _____ (Alejandro Cortés) C:\Program Files (x86)\Common Files\InjectedSetup.exe
2020-05-01 01:02 - 2020-05-08 12:12 - 000007607 _____ () C:\Users\Cristian\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Cris19 · 8 Mayo, 2020 18:33

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2020
Ran by Cristian (08-05-2020 15:21:25)
Running from C:\Users\Cristian\Desktop
Windows 10 Pro Version 1909 18363.815 (X64) (2020-05-01 00:08:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4276149515-3343185494-2045537785-500 - Administrator - Disabled)
Cristian (S-1-5-21-4276149515-3343185494-2045537785-1002 - Administrator - Enabled) => C:\Users\Cristian
DefaultAccount (S-1-5-21-4276149515-3343185494-2045537785-503 - Limited - Disabled)
Guest (S-1-5-21-4276149515-3343185494-2045537785-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4276149515-3343185494-2045537785-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Injected Anti-cheat (HKLM-x32\...\Injected Anti-cheat) (Version: 17.2.0.0 - Alejandro Cortés)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 81.0.416.72 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.127.21 - )
Microsoft Office Language Pack 2010 - Spanish/Español (HKLM-x32\...\Office14.OMUI.es-es) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Project 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{8A8F117F-8EDB-440D-B679-F08909D729F7}) (Version:  - Microsoft)
Microsoft Project Language Pack 2010 - Spanish/Español (HKLM-x32\...\Office14.PMUI.es-es) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPRO) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Rhinoceros 5.0 (64-bit) (HKLM\...\{BB435434-EDC8-4E54-B32D-28452CACAEC6}) (Version: 5.1.20927.2230 - Robert McNeel & Associates)
SSDToolBox (HKLM-x32\...\{C75B1BE9-F064-49B6-B614-3D5B1679B7B0}) (Version: 1.19.0823.1 - GIGABYTE) Hidden
SSDToolBox (HKLM-x32\...\InstallShield_{C75B1BE9-F064-49B6-B614-3D5B1679B7B0}) (Version: 1.19.0823.1 - GIGABYTE)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-05-01] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.35.2.0_x86__kgqvnymyfvs32 [2020-04-30] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2019-11-15] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2019-11-15] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0 [2020-05-01] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes1\Anti-Malware\mbshlext.dll [2020-05-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes1\Anti-Malware\mbshlext.dll [2020-05-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Cristian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2020-05-01 23:05 - 2020-05-01 23:05 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\f6d7a9ca8b37bd6fabca765a8311b115\A4.Foundation.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\dc56cb9c25bed0651db6666b8d6970d3\AEM.Actions.CCAA.Shared.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\05db353a59559a5dcfeb644e6bac4e38\AEM.Plugin.EEU.Shared.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\8336bfc15883a394bf43f36fbc26ab14\AEM.Plugin.Hotkeys.Shared.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\cf323bda4f8e903bd27b02abd06861af\AEM.Plugin.Source.Kit.Server.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\df3dd4759c9695f0ce2b014e942c74da\AEM.Plugin.WinMessages.Shared.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\65152ffc0c554f60b90f83c214800ec3\AEM.Plugin.REG.Shared.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\e7ecb5509af0bf7ae2cac51164626a3c\AEM.Plugin.GD.Shared.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\4d0b11eff418ba2c39e3ca5d5cc31556\AEM.Server.Shared.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\cb390b59870b2568dc992cf9ba52dcdf\AEM.Server.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\66e3b1f1772e885c360d1d12471e7343\APM.Foundation.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\050e8fcea72dbcc55e8bac3e6f2a5a31\ATICCCom.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\3d1ec0798e826692af7c86b417378561\CCC.Implementation.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\284abed4eaaffde22056f7c04395c4b8\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\8a9a27aa427f6e12a5955d25db8a48ff\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\0bc3bac6fb41b6957f15564e7dc749fc\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\a8a9696e8641957f0653662b7e6a7dfe\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\2f621c506b3a9cd4f1750de5f027457f\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\a2205424f722caeb30dcb6a39db43238\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\ca0d398605b052603af1e9003568b550\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\38491b2db8b4675d549140e5733766e6\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\1ff1ab69b5adbbd291ac28a461560081\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\9249ba84949e7a4f499a9ef1d7ab91ff\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000320512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.87ad5c75#\e778e6ff23fe29cfe3083e42016ef17f\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\5a7fec2e0bcb38cb9589bc3c743b5210\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\c953e4122ff273d1855501a0a373c409\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\da04742496359c7ce582af8564fa0658\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\bf7810a4cb5097ff1da588317bf0c6f7\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\12e94478108d9761e930e726f3feb5e7\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\9fd0511e295290cf23a548dd140bb3ab\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\783097c327425bfd9d037c6e4f6456e0\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\08900b9be45c106f5144b67235e5346c\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\e90f4693b6bb2d429f76607f6606bd95\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\43af33a89a79607d247232e3c1d78abe\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\bf1ce3a87436e0d74ea6572c863ddc30\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\31f0da9464535741d254b8161791be83\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\01c8dc8fa8d98bc2c185d78e854bde08\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\2e6f5af9013559db091e26526d0c8ae9\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\7fb9ea65374781a41560683d91206702\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\b73ca5140ffefe2e1d02b2831524bc70\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\5621e73df33b761b5d17b27e9e545b11\CLI.Caste.A4.Runtime.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\962177f3e8fa323ae3c0c75bb5712d7e\CLI.Caste.A4.Shared.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\1b824d92639a9932ead5403d0445a4dc\CLI.Caste.A4.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\4dd47e9c35d51e5b211218a37ca541df\CLI.Caste.Fuel.Shared.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\7ff398d6e2e6f0a75f532ee91a8db8ed\CLI.Caste.Fuel.Runtime.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\8a415535cb43033fd60ecdc46baf4053\CLI.Caste.Fuel.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\ed10ab3799ac2035628bb8c2db31ef2e\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\3e7e5491fcfd96bba18a2d32b9561c39\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\5be39ac152043cf97407b351ecbd62dd\CLI.Caste.Graphics.Dashboard.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\42495e6c91e2458cdcbaeb79fed6e8c5\CLI.Caste.HydraVision.Runtime.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\7679cb009be0972d66ac3f60e9931919\CLI.Caste.HydraVision.Shared.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\5d06f22f7d22738a17338ebeeaa07612\CLI.Caste.HydraVision.Dashboard.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\7a28fe112a60000448e2eb6794c9f380\CLI.Caste.Platform.Shared.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\c8aeb804bfc6fe94c9559d817d54a7b4\CLI.Caste.Platform.Runtime.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\ad7f50eb37723397c2d3ed481f045bd1\CLI.Caste.Platform.Dashboard.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\ff11cadf3d426a00916d400513ea7f83\CLI.Component.Runtime.Shared.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\45cfce4b5d6ea7d02e529fb98c9dc2e9\CLI.Component.Dashboard.ProfileManager2.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\8c8b2603663abd094436ca17a5df9499\CLI.Component.Runtime.Shared.Private.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\e768cb7bb9675c56808839f1a684669c\CLI.Component.Runtime.Extension.EEU.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\e7e09cfdca77c370d4f153cea65d11d3\CLI.Component.Dashboard.Shared.Private.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\ccd7f670d393a9e1472cf501cdba567d\CLI.Component.Client.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\96aeaaa240e38b8b05197636001e2bf2\CLI.Component.Dashboard.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\fabc28a996cbaf6901488bc0c1f815cf\CLI.Foundation.Private.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\d282e2c0a592c52d804353b452dc753b\CLI.Foundation.XManifest.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\075259a2e55684761a083df2938ad2ff\CLI.Foundation.CoreAudioAPI.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\1c9804febbcb4978cc0f86281f22dba1\CLI.Foundation.Client.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\b3f43c591ee089cddaf677bb8a09a252\CLI.Foundation.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\ec1df1265b13a6cb8f328e75d4c38cb8\DEM.Foundation.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\69af88254807652500778cf1dfd4864f\DEM.Graphics.I0601.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\678020ec65e772bb06a4300d6ad51cce\DEM.Graphics.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\36b2f7eaf0cffba3fc509213c55fd71e\Fuel.Foundation.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\1601ef40e9b0a66f8c1671bc54beba6e\LOG.Foundation.Implementation.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\b7c331a4f005681e98a4bbe39082dfd8\LOG.Foundation.Private.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\8ec16254e6138fc58349aa2d6aacb251\LOG.Foundation.Implementation.Private.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\46e0371c63be4c383d62da88bc191383\LOG.Foundation.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\a3f58f6f297293c64379df251ecb5b27\MOM.Foundation.ni.dll
2020-05-01 23:08 - 2020-05-01 23:08 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\b40f754ba06b608f121d0155965add4c\MOM.Implementation.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\6141bd456933832e71dafa1b3b2f81f9\NEWAEM.Foundation.ni.dll
2020-05-01 23:05 - 2020-05-01 23:05 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\778db0efea8acfb50a1e3c2b48dc52c9\ADL.Foundation.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\b94fd7c3c784a7bcc8a5a5b78c0aab1e\APM.Server.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\2fa9d5519660f396171266e3220fe97a\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\6d88de5bd43f641aa1c8a1942e2e843f\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\0dc6eac5958539d610ee61e3cb3392c1\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\26c6880bcceb8356ec0abfa076401839\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\148fe5d5d2403264326f30f0bf16ee08\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\302981fdf2a74165c688443a0231c4ba\CLI.Component.Client.Shared.Private.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\af98bb46bad091a597d0367c411e15ee\CLI.Component.Runtime.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\76d80a65c12673094b5a3443b4d9fc76\CLI.Component.Dashboard.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000016896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\16000ef7f3c634934fc6e1343ce89eee\DEM.Graphics.I0703.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\f0fb0d51adcecc766434399e89e7ac59\DEM.Graphics.I0706.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\a4edb168ecf07f964cd4c44c6eace76f\DEM.Graphics.I0709.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\cc7c5706f36e0782aa82567c41843d0b\DEM.Graphics.I0712.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\7edb2c059ba054ee1b2b9a51b37e5b5b\DEM.Graphics.I0804.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\8dbc3efdd4f1b1e65a9dc3007113f131\DEM.Graphics.I0805.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\da7dd4be3ea30b613c90b5f108901dff\DEM.Graphics.I0812.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\acd1db00f20b48dcf935d56a36fc3a23\DEM.Graphics.I0906.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\3d20ef44876398db1b795f1d92a95f57\DEM.Graphics.I0912.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\dfe0caaf33cfc963b15ed0e9d0ecd18c\DEM.Graphics.I1010.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\b2ba1fe7d01d1e81d746807c7bf5eaaf\Localization.Foundation.Private.ni.dll
2020-05-01 23:08 - 2020-05-01 23:08 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\5253b386e89e9233fe4886549c3a4107\ResourceManagement.Foundation.Implementation.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\b3eabeb20d23a8af657848d8768baf23\ResourceManagement.Foundation.Private.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\449e2d951592bb02c530d7bbb30644c3\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\5276e35824cc8512aa5db84d83249b2c\CLI.Caste.Graphics.Shared.ni.dll
2020-05-01 23:07 - 2020-05-01 23:07 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\0852a07bcc6a75aaad5c836ab7b15fd8\CLI.Caste.Graphics.Runtime.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 000335360 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\28badc7c998305af27e7a95314c5d401\Microsoft.WindowsAPICodePack.ni.dll
2020-05-01 23:06 - 2020-05-01 23:06 - 002546688 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\477a4a70ff87eefbea3e5feae9f64c8f\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 01:49 - 2019-03-19 01:49 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\Control Panel\Desktop\\Wallpaper -> D:\Users\Cris\Pictures\20200218_192339.jpg
DNS Servers: 200.42.4.204 - 200.49.130.52
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Skype"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{777E02D2-E3D3-4061-8D82-31E7C2BC24FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{075435AE-9818-40C7-8762-F60C06DBE187}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{657397BB-0C5C-40F9-A3CF-816BB0EDA74D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{26E36DFF-33EE-4901-B3ED-3BCDBFFCB1DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CB40707D-2B74-4BAD-80EE-13B8E80BA873}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A34766B0-75DE-4664-9120-177C6C50327B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F8A3807-52E1-4646-98A1-FF0E7BA14066}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0240D379-2B55-401A-B25B-87CF6B6FC34F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.131.703.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{1496D995-2476-4666-BE3F-962965E5058E}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{D46987DF-915A-469D-9C61-15327CE2D823}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [{BAC036B9-B858-49D4-948D-BB8BD1D559B1}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3C8AD5D-A4AD-4080-A195-49929E8ECCF4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.3 GB) (Free:70.01 GB) (63%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/08/2020 03:15:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: malwarebytes_assistant.exe, versión: 4.0.0.638, marca de tiempo: 0x5ea213b4
Nombre del módulo con errores: Qt5Core.dll, versión: 5.14.1.0, marca de tiempo: 0x5e8272e4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000219d05
Identificador del proceso con errores: 0x1ba8
Hora de inicio de la aplicación con errores: 0x01d625649a6c3e7d
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes1\Anti-Malware\malwarebytes_assistant.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes1\Anti-Malware\Qt5Core.dll
Identificador del informe: 7f465a39-f601-4532-bb6b-df24f46e4d90
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/08/2020 02:16:00 PM) (Source: ChkUpd) (EventID: 0) (User: )
Description: La conversión especificada no es válida.

Error: (05/08/2020 02:16:00 PM) (Source: ChkUpd) (EventID: 0) (User: )
Description: FileAccessSet : GetRegColor fail

Error: (05/08/2020 01:45:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: cf.exe, versión: 0.0.0.0, marca de tiempo: 0x5e7238c5
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.18362.815, marca de tiempo: 0x67005c2a
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x00114402
Identificador del proceso con errores: 0x898
Hora de inicio de la aplicación con errores: 0x01d625581e297e63
Ruta de acceso de la aplicación con errores: C:\Windows\servicing\cf.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\KERNELBASE.dll
Identificador del informe: 49db0644-fa6c-49b7-bb3d-59bfbf9deb5b
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/08/2020 01:45:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: cf.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.IOException
   en System.IO.__Error.WinIOError(Int32, System.String)
   en System.IO.__Error.WinIOError()
   en System.Console+ControlCHooker.Unhook()
   en System.Console+ControlCHooker.Finalize()

Error: (05/08/2020 09:29:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ESETOnlineScanner_ESL.exe, versión: 3.2.6.0, marca de tiempo: 0x5de10969
Nombre del módulo con errores: ESETOnlineScanner_ESL.exe, versión: 3.2.6.0, marca de tiempo: 0x5de10969
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0002859c
Identificador del proceso con errores: 0x7a4
Hora de inicio de la aplicación con errores: 0x01d625344de11fb9
Ruta de acceso de la aplicación con errores: C:\Users\Cristian\Desktop\ESETOnlineScanner_ESL.exe
Ruta de acceso del módulo con errores: C:\Users\Cristian\Desktop\ESETOnlineScanner_ESL.exe
Identificador del informe: aac0a431-a919-4a74-98c9-ad81eb8f9932
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/08/2020 09:28:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ESETOnlineScanner_ESL.exe, versión: 3.2.6.0, marca de tiempo: 0x5de10969
Nombre del módulo con errores: ESETOnlineScanner_ESL.exe, versión: 3.2.6.0, marca de tiempo: 0x5de10969
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0005286b
Identificador del proceso con errores: 0x1418
Hora de inicio de la aplicación con errores: 0x01d6253438c2ee25
Ruta de acceso de la aplicación con errores: C:\Users\Cristian\Desktop\ESETOnlineScanner_ESL.exe
Ruta de acceso del módulo con errores: C:\Users\Cristian\Desktop\ESETOnlineScanner_ESL.exe
Identificador del informe: bbaae328-7014-48de-b42e-2ddddcce0bf0
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (05/08/2020 09:03:15 AM) (Source: ChkUpd) (EventID: 0) (User: )
Description: La conversión especificada no es válida.


System errors:
=============
Error: (05/08/2020 01:46:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Registration for device management no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (05/08/2020 01:46:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio Registration for device management.

Error: (05/08/2020 01:45:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Microsoft Hyper Integrations Services no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.

Error: (05/08/2020 01:45:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (45000 ms) para la conexión con el servicio Microsoft Hyper Integrations Services.

Error: (05/08/2020 11:42:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/08/2020 11:42:53 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Cristian\AppData\Local\Temp\ehdrv.sys

Error: (05/08/2020 11:42:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio eapihdrv no pudo iniciarse debido al siguiente error: 
Se ha bloqueado la descarga de este controlador

Error: (05/08/2020 11:42:52 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Cristian\AppData\Local\Temp\ehdrv.sys


Windows Defender:
===================================
Date: 2020-05-03 12:33:27.086
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {A6A613BD-B005-4E7D-AC16-088F1AF2B757}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-05-07 11:26:15.791
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.315.176.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.17000.7
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-05-07 08:04:59.919
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2918.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-05-06 15:57:34.031
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2918.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-05-06 08:31:41.625
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2918.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

Date: 2020-05-05 14:55:27.508
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.2918.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80070422
Descripción del error: No se puede iniciar el servicio, porque está deshabilitado o porque no tiene dispositivos habilitados asociados a él. 

CodeIntegrity:
===================================

Date: 2020-05-08 15:10:07.977
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes1\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-08 15:07:19.887
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes1\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-08 15:07:19.514
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes1\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-08 15:07:18.862
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes1\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-08 15:07:18.422
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes1\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-08 15:07:17.756
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes1\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-08 15:07:17.471
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes1\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-08 15:07:16.907
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes1\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 0602 09/11/2009
Motherboard: ASUSTeK Computer INC. P5KPL-AM SE
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 81%
Total physical RAM: 2047.18 MB
Available physical RAM: 382.13 MB
Total Virtual: 8047.18 MB
Available Virtual: 6109.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.3 GB) (Free:70.01 GB) NTFS
Drive d: () (Fixed) (Total:136.72 GB) (Free:37.39 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:96.15 GB) (Free:0.67 GB) NTFS

\\?\Volume{5070749f-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 5070749F)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: AC9EAC9E)
Partition 1: (Active) - (Size=136.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=96.2 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================

JavierHF · 8 Mayo, 2020 21:50

Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :

Para hacerlo descarga DelFix.exe(en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKLM\ DisallowedCertificates: 18AA37360A0698E6A1F54A9E8268FB127B70E189 (AVG Netherlands B.V) <==== ATTENTION
HKLM\ DisallowedCertificates: 1F25DF887B158E34E2FCB13171924610C8F6BA2F (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 2CC344E13934A69AA993E80C8E20FF0ACCB33F1E (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 2F56FF8F95EE69A27C05DBB35924F847C86A66B4 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 31F5EE85DA34AD374D43776B54F6686E7E922737 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 42A8984E8B9C51F6B7274866F8726CA1E9057FAA (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: 5ACE40BD51EE148F299D37527AE1AD744CDE8EBB (U)
HKLM\ DisallowedCertificates: 5CA5F811E011742B05D014D03F85848D81F41A63 (Zemana) <==== ATTENTION
HKLM\ DisallowedCertificates: 622271AF668F99BD94AC12E5EBF86E48FD50AECB (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 6CD253D636A7B4D0E0981431BC064061A9853ED9 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 76FBABF1EADED3B91DD7A76A6678301F1F87AA97 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 84C08B7A367422AF5FEF8D353B36191ECE9DBAF7 (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9900CFAABC45B4247F9D78EE7E12B102D25EA325 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C2479D4BEF807FEFE3CE2B6B2D7FC4C71E0EBA5 (Sophos Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: BEBFAE20957D4DE689A8B962AEE358EFE39F195F (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: BFA87DC996BD6BCB02B6F530D2C646A0B5A0D5A9 (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: E64232B7757A335C032414C6888633CC498E7CD6 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: F74407DCA8D49D42D72D88863C17AB905EB94D1C (U)
HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
Task: {1F99EC9B-BEC4-4EE3-A802-66DA5D787CFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
Task: {F6C28378-AE4F-4BEB-86CF-FB7B8B1B376D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
S2 Microsoft Hyper Integrations Services; C:\Windows\servicing\cf.exe [17920 2020-03-18] () [File not signed]
HKLM\ DisallowedCertificates: 18AA37360A0698E6A1F54A9E8268FB127B70E189 (AVG Netherlands B.V) <==== ATTENTION
HKLM\ DisallowedCertificates: 1F25DF887B158E34E2FCB13171924610C8F6BA2F (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 2CC344E13934A69AA993E80C8E20FF0ACCB33F1E (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 2F56FF8F95EE69A27C05DBB35924F847C86A66B4 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 31F5EE85DA34AD374D43776B54F6686E7E922737 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 42A8984E8B9C51F6B7274866F8726CA1E9057FAA (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: 5ACE40BD51EE148F299D37527AE1AD744CDE8EBB (U)
HKLM\ DisallowedCertificates: 5CA5F811E011742B05D014D03F85848D81F41A63 (Zemana) <==== ATTENTION
HKLM\ DisallowedCertificates: 622271AF668F99BD94AC12E5EBF86E48FD50AECB (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 6CD253D636A7B4D0E0981431BC064061A9853ED9 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 76FBABF1EADED3B91DD7A76A6678301F1F87AA97 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 84C08B7A367422AF5FEF8D353B36191ECE9DBAF7 (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9900CFAABC45B4247F9D78EE7E12B102D25EA325 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C2479D4BEF807FEFE3CE2B6B2D7FC4C71E0EBA5 (Sophos Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: BEBFAE20957D4DE689A8B962AEE358EFE39F195F (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: BFA87DC996BD6BCB02B6F530D2C646A0B5A0D5A9 (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: E64232B7757A335C032414C6888633CC498E7CD6 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: F74407DCA8D49D42D72D88863C17AB905EB94D1C (U)
HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
Task: {1F99EC9B-BEC4-4EE3-A802-66DA5D787CFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
Task: {F6C28378-AE4F-4BEB-86CF-FB7B8B1B376D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
S2 Microsoft Hyper Integrations Services; C:\Windows\servicing\cf.exe [17920 2020-03-18] () [File not signed]
2020-05-08 00:04 - 2020-05-08 00:04 - 000000000 ____D C:\Users\Cristian\AppData\Local\Google
2020-05-07 23:58 - 2020-05-07 23:58 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 23:58 - 2020-05-07 23:58 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-07 23:58 - 2020-05-07 23:58 - 000002258 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-07 23:56 - 2020-05-08 00:02 - 000003558 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-07 23:56 - 2020-05-08 00:02 - 000003434 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-07 23:56 - 2020-05-07 23:58 - 000000000 ____D C:\Program Files (x86)\Google
2020-05-07 12:15 - 2020-05-07 12:15 - 000000000 ____D C:\Users\Cristian\AppData\Local\mbamtray
2020-05-07 12:15 - 2020-05-07 12:15 - 000000000 ____D C:\Users\Cristian\AppData\Local\mbam
2020-05-07 12:14 - 2020-05-08 11:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\ProgramData\Trend Micro Installer
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\ESET
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\Common Files\adaware
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\BullGuard Ltd
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\AVAST Software
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\G DATA
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\Baidu Security
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\Avira
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\AVG
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\360
2020-05-02 16:18 - 2020-05-02 16:18 - 014932720 _____ (Alejandro Cortés) C:\Program Files (x86)\Common Files\InjectedSetup.exe
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX/Corregir y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta.

Des-instalar Google Chrome desde el panel de programas de Windows.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Cris19 · 9 Mayo, 2020 22:45

Hola Javier.

Ejecuté FRST en modo seguro y se congeló durante el proceso. Figuraba como “no responde”.

Lo dejé un buen rato así, pero no cambió.

Lo cerré y volví a abrir. El boton “Fix” decía “Fixing”. Entonces lo deje y luego de unos minutos terminó.

Este es el log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-05-2020
Ran by Cristian (09-05-2020 18:08:44) Run:1
Running from C:\Users\Cristian\Desktop
Loaded Profiles: Cristian (Available Profiles: Cristian)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKLM\ DisallowedCertificates: 18AA37360A0698E6A1F54A9E8268FB127B70E189 (AVG Netherlands B.V) <==== ATTENTION
HKLM\ DisallowedCertificates: 1F25DF887B158E34E2FCB13171924610C8F6BA2F (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 2CC344E13934A69AA993E80C8E20FF0ACCB33F1E (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 2F56FF8F95EE69A27C05DBB35924F847C86A66B4 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 31F5EE85DA34AD374D43776B54F6686E7E922737 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 42A8984E8B9C51F6B7274866F8726CA1E9057FAA (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: 5ACE40BD51EE148F299D37527AE1AD744CDE8EBB (U)
HKLM\ DisallowedCertificates: 5CA5F811E011742B05D014D03F85848D81F41A63 (Zemana) <==== ATTENTION
HKLM\ DisallowedCertificates: 622271AF668F99BD94AC12E5EBF86E48FD50AECB (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 6CD253D636A7B4D0E0981431BC064061A9853ED9 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 76FBABF1EADED3B91DD7A76A6678301F1F87AA97 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 84C08B7A367422AF5FEF8D353B36191ECE9DBAF7 (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9900CFAABC45B4247F9D78EE7E12B102D25EA325 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C2479D4BEF807FEFE3CE2B6B2D7FC4C71E0EBA5 (Sophos Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: BEBFAE20957D4DE689A8B962AEE358EFE39F195F (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: BFA87DC996BD6BCB02B6F530D2C646A0B5A0D5A9 (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: E64232B7757A335C032414C6888633CC498E7CD6 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: F74407DCA8D49D42D72D88863C17AB905EB94D1C (U)
HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
Task: {1F99EC9B-BEC4-4EE3-A802-66DA5D787CFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
Task: {F6C28378-AE4F-4BEB-86CF-FB7B8B1B376D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
S2 Microsoft Hyper Integrations Services; C:\Windows\servicing\cf.exe [17920 2020-03-18] () [File not signed]
HKLM\ DisallowedCertificates: 18AA37360A0698E6A1F54A9E8268FB127B70E189 (AVG Netherlands B.V) <==== ATTENTION
HKLM\ DisallowedCertificates: 1F25DF887B158E34E2FCB13171924610C8F6BA2F (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: 2CC344E13934A69AA993E80C8E20FF0ACCB33F1E (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 2F56FF8F95EE69A27C05DBB35924F847C86A66B4 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 31F5EE85DA34AD374D43776B54F6686E7E922737 (SurfRight B.V.) <==== ATTENTION
HKLM\ DisallowedCertificates: 42A8984E8B9C51F6B7274866F8726CA1E9057FAA (ESET) <==== ATTENTION
HKLM\ DisallowedCertificates: 5ACE40BD51EE148F299D37527AE1AD744CDE8EBB (U)
HKLM\ DisallowedCertificates: 5CA5F811E011742B05D014D03F85848D81F41A63 (Zemana) <==== ATTENTION
HKLM\ DisallowedCertificates: 622271AF668F99BD94AC12E5EBF86E48FD50AECB (Qihu 360 Software Co. Limited) <==== ATTENTION
HKLM\ DisallowedCertificates: 6CD253D636A7B4D0E0981431BC064061A9853ED9 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 76FBABF1EADED3B91DD7A76A6678301F1F87AA97 (Comodo Security Solutions) <==== ATTENTION
HKLM\ DisallowedCertificates: 84C08B7A367422AF5FEF8D353B36191ECE9DBAF7 (Check Point Software Technologies Ltd.) <==== ATTENTION
HKLM\ DisallowedCertificates: 9900CFAABC45B4247F9D78EE7E12B102D25EA325 (Avira Operations GmbH & Co. KG) <==== ATTENTION
HKLM\ DisallowedCertificates: 9C2479D4BEF807FEFE3CE2B6B2D7FC4C71E0EBA5 (Sophos Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: BEBFAE20957D4DE689A8B962AEE358EFE39F195F (Symantec Corporation) <==== ATTENTION
HKLM\ DisallowedCertificates: BFA87DC996BD6BCB02B6F530D2C646A0B5A0D5A9 (Emsisoft Ltd) <==== ATTENTION
HKLM\ DisallowedCertificates: E64232B7757A335C032414C6888633CC498E7CD6 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: F74407DCA8D49D42D72D88863C17AB905EB94D1C (U)
HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
Task: {1F99EC9B-BEC4-4EE3-A802-66DA5D787CFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
Task: {F6C28378-AE4F-4BEB-86CF-FB7B8B1B376D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
S2 Microsoft Hyper Integrations Services; C:\Windows\servicing\cf.exe [17920 2020-03-18] () [File not signed]
2020-05-08 00:04 - 2020-05-08 00:04 - 000000000 ____D C:\Users\Cristian\AppData\Local\Google
2020-05-07 23:58 - 2020-05-07 23:58 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 23:58 - 2020-05-07 23:58 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-07 23:58 - 2020-05-07 23:58 - 000002258 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-07 23:56 - 2020-05-08 00:02 - 000003558 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-07 23:56 - 2020-05-08 00:02 - 000003434 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-07 23:56 - 2020-05-07 23:58 - 000000000 ____D C:\Program Files (x86)\Google
2020-05-07 12:15 - 2020-05-07 12:15 - 000000000 ____D C:\Users\Cristian\AppData\Local\mbamtray
2020-05-07 12:15 - 2020-05-07 12:15 - 000000000 ____D C:\Users\Cristian\AppData\Local\mbam
2020-05-07 12:14 - 2020-05-08 11:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\ProgramData\Trend Micro Installer
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\ESET
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\Common Files\adaware
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\BullGuard Ltd
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files\AVAST Software
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\G DATA
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\Baidu Security
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\Avira
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\AVG
2020-05-05 08:27 - 2020-05-05 08:27 - 000000000 ____D C:\Program Files (x86)\360
2020-05-02 16:18 - 2020-05-02 16:18 - 014932720 _____ (Alejandro Cortés) C:\Program Files (x86)\Common Files\InjectedSetup.exe
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}\\SystemComponent" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\18AA37360A0698E6A1F54A9E8268FB127B70E189 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1F25DF887B158E34E2FCB13171924610C8F6BA2F => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2CC344E13934A69AA993E80C8E20FF0ACCB33F1E => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2F56FF8F95EE69A27C05DBB35924F847C86A66B4 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\31F5EE85DA34AD374D43776B54F6686E7E922737 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\42A8984E8B9C51F6B7274866F8726CA1E9057FAA => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5ACE40BD51EE148F299D37527AE1AD744CDE8EBB => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5CA5F811E011742B05D014D03F85848D81F41A63 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\622271AF668F99BD94AC12E5EBF86E48FD50AECB => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\6CD253D636A7B4D0E0981431BC064061A9853ED9 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\76FBABF1EADED3B91DD7A76A6678301F1F87AA97 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\84C08B7A367422AF5FEF8D353B36191ECE9DBAF7 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9900CFAABC45B4247F9D78EE7E12B102D25EA325 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9C2479D4BEF807FEFE3CE2B6B2D7FC4C71E0EBA5 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\BEBFAE20957D4DE689A8B962AEE358EFE39F195F => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\BFA87DC996BD6BCB02B6F530D2C646A0B5A0D5A9 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E64232B7757A335C032414C6888633CC498E7CD6 => removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F74407DCA8D49D42D72D88863C17AB905EB94D1C => removed successfully
"HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1F99EC9B-BEC4-4EE3-A802-66DA5D787CFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F99EC9B-BEC4-4EE3-A802-66DA5D787CFF}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F6C28378-AE4F-4BEB-86CF-FB7B8B1B376D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6C28378-AE4F-4BEB-86CF-FB7B8B1B376D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\Microsoft Hyper Integrations Services => removed successfully
Microsoft Hyper Integrations Services => service removed successfully
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\18AA37360A0698E6A1F54A9E8268FB127B70E189 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\1F25DF887B158E34E2FCB13171924610C8F6BA2F => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2CC344E13934A69AA993E80C8E20FF0ACCB33F1E => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\2F56FF8F95EE69A27C05DBB35924F847C86A66B4 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\31F5EE85DA34AD374D43776B54F6686E7E922737 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\42A8984E8B9C51F6B7274866F8726CA1E9057FAA => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5ACE40BD51EE148F299D37527AE1AD744CDE8EBB => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\5CA5F811E011742B05D014D03F85848D81F41A63 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\622271AF668F99BD94AC12E5EBF86E48FD50AECB => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\6CD253D636A7B4D0E0981431BC064061A9853ED9 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\76FBABF1EADED3B91DD7A76A6678301F1F87AA97 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\84C08B7A367422AF5FEF8D353B36191ECE9DBAF7 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9900CFAABC45B4247F9D78EE7E12B102D25EA325 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\9C2479D4BEF807FEFE3CE2B6B2D7FC4C71E0EBA5 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\BEBFAE20957D4DE689A8B962AEE358EFE39F195F => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\BFA87DC996BD6BCB02B6F530D2C646A0B5A0D5A9 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E64232B7757A335C032414C6888633CC498E7CD6 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\F74407DCA8D49D42D72D88863C17AB905EB94D1C => not found
"HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => not found
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F99EC9B-BEC4-4EE3-A802-66DA5D787CFF}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6C28378-AE4F-4BEB-86CF-FB7B8B1B376D}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => not found
Microsoft Hyper Integrations Services => service not found.
C:\Users\Cristian\AppData\Local\Google => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk => moved successfully
C:\Users\Public\Desktop\Google Chrome.lnk => moved successfully
"C:\ProgramData\Desktop\Google Chrome.lnk" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Program Files (x86)\Google => moved successfully
C:\Users\Cristian\AppData\Local\mbamtray => moved successfully
C:\Users\Cristian\AppData\Local\mbam => moved successfully

"C:\ProgramData\Malwarebytes" folder move:

Could not move "C:\ProgramData\Malwarebytes" => Scheduled to move on reboot.

C:\ProgramData\Trend Micro Installer => moved successfully
C:\ProgramData\Kaspersky Lab Setup Files => moved successfully
C:\ProgramData\Kaspersky Lab => moved successfully
C:\Program Files\Malwarebytes => moved successfully
C:\Program Files\ESET => moved successfully
C:\Program Files\Common Files\adaware => moved successfully
C:\Program Files\BullGuard Ltd => moved successfully
C:\Program Files\Bitdefender Agent => moved successfully
C:\Program Files\AVAST Software => moved successfully
C:\Program Files (x86)\Panda Security => moved successfully
C:\Program Files (x86)\G DATA => moved successfully
C:\Program Files (x86)\CheckPoint => moved successfully
C:\Program Files (x86)\Baidu Security => moved successfully
C:\Program Files (x86)\Avira => moved successfully
C:\Program Files (x86)\AVG => moved successfully
C:\Program Files (x86)\360 => moved successfully
C:\Program Files (x86)\Common Files\InjectedSetup.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4276149515-3343185494-2045537785-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Wi-Fi mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::e0d6:15cf:78cb:7553%6
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.100
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14923863 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 339569748 B
Edge => 592211 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 47654 B
NetworkService => 52430 B

Result of scheduled files to move (Boot Mode: Safe Mode (with Networking)) (Date&Time: 09-05-2020 19:15:33)

==> ATTENTION: System is not rebooted.
C:\ProgramData\Malwarebytes => Could not move

==== End of Fixlog 19:16:16 ====

No pude desinstalar Google Chrome porque FRST ya lo había puesto en quarentena, la carpeta del programa ya no está. Sin embargo sigue en la lista de programas.

Hasta ahora no volvió a instalarse. Noté que el proceso “chromedriver.exe” que siempre aparecía en Administrador de tareas ya no está.

Se eliminaron las carpetas con nombres de antivirus conocidos como “AVG” sin acceso.

Solo hay una “eset.temp” en el disco C. Pero tal vez este relacionada con el antivirus que tengo instalado en el otro SO.

JavierHF · 10 Mayo, 2020 00:14

Y NO te deja que le puedas desinstalar desde la lista de programas…??

Intenta ademas eliminar manualmente la carpeta “eset.temp” que en teoría NO debería pertenecer al antivirus de ESET.

Luego nos comentas.

Saludos.

Cris19 · 10 Mayo, 2020 03:48

Al querer desinstalar Google Chrome desde la lista de programas, me dice que no se puede encontrar el archivo “setup.exe”.

Ya eliminé manualmente la carpeta eset.temp.

Cuando empezó el problema, se instalaba sólo Google Chrome, había carpetas falsas de antivirus y Windows Defender había dejado de funcionar.

Las 2 primeras parece que están resueltas, sólo me queda probar Windows Defender que supongo esta deshabilitado porque tengo Malwarebytes instalado.

Qué me recomendas? alcanza sólo con Windows Defender o tengo que instalar algún otro antivirus?

Saludos

En Windows Update me salen estos mensaje:

*Tu organización administra algunas opciones de configuración

*Tu organización desactivó las actualizaciones automáticas

Subo unas imágenes:

JavierHF · 10 Mayo, 2020 10:30

Hola.

Veamos… esas opciones que indicas que figuran de esa manera “se supone” que están así por tener instalado otro antivirus distinto a Windows Defender, en este caso Malwarebytes.

Lo que SI tienes que poder hacer es desde >> Configuración >> Actualizaciones y seguridad >> Windows Update y “Buscar Actualizaciones”, compruébalo y realiza TODAS las que puedas tener pendientes hasta cerciorarte que NO queda ninguna.

Bien… y ahora haces lo siguiente, descarga e instala este programa Manual de Revo Uninstaller

Y úsalo para desinstalar TODO lo que encuentres relativo a Google Chrome, cuando Revo te pida, que selecciones el método de desinstalación, seleccionas “Avanzado”.

Si durante el proceso te solicita “Reiniciar” NO lo hagas, dile que NO y deja que Revo siga trabajando.

Cuando termines todos los procesos de desinstalación ya REINICIAS tú el ordenador.

Compruebas y nos comentas.

Cuando terminemos de analizar tu equipo hablamos de que antivirus puedes poner en ese equipo.

Saludos.

Cris19 · 10 Mayo, 2020 20:28

Hola Javier.

Ya desinstalé todo lo relativo a Google Chrome con Revo.

Con respecto a Windows Update, me aparece una lista de actualizaciones todas relacionadas al Office. Algunas figuran como “Instalación pendiente”, las demas “Descargando: 0%” y una en 4%.

Pero no avanza el porcentaje, y al reiniciar dice “No se pudo actualizar” y “Reintentar”.

Podría desactivar la actualizaciones de Office ya que sólo me interesa mantener Windows actualizado.

JavierHF · 10 Mayo, 2020 23:33

Hola.

Cuanto tiempo estuviste esperando…??

En ocasiones tarda mucho en terminar de hacerse…??

Déjalas al menos 4/5 horas de tiempo…??

Salidos.

Cris19 · 11 Mayo, 2020 14:04

Ok, voy a probar dejarlo más tiempo.

No se cuánto tiempo fue, pero más de 1 hora y no cambió ni 1%.

Buenas…

Después de dejarlo más tiempo, y darle al botón reintentar un par de veces, se instalaron las actualizaciones que figuraban como “Instalación pendiente”.

Pero las que aparecen como “Descargando” terminan con un error.

Buscando en internet el código de error…

https://answers.microsoft.com/es-es/windows/forum/all/windows-10-error-0x80d02002-al-instalar/4291af5a-9399-47f0-80ae-22040e72b1f0

Sigo esos pasos?

Otro tema… Noté que al iniciar Windows se ejecuta en segundo plano Windows Defender, hace alguna tarea y luego se cierra.

También me apareció esta ventana mientras usaba el explorador Edge. Le di a Cancelar.

Saludos.

JavierHF · 11 Mayo, 2020 14:45

Hola.

Hiciste un REINICIO despues de que se instalaran esas que estaban pendientes…??

Si las otras te siguen dando problemas despues del REINICIO intenta seguir los pasos que se dan en ese tema que pusiste y en concreto los del punto 4.

Cuando la hayas usado REINICIAS el equipo y compruebas.

En cuanto al mensaje del Firewall en relación a Edge tienes que darle permiso.

Prueba y nos comentas.

Saludos.