Problemas post instalación SpyHunter 5

Buenas noches, como el titulo lo indica creo que me metí en un lío tremendo, después de instalar y tratar de desinstalar el programa Spyhunter 5 noté que mi pc se puso mas lenta de lo normal, ahora veo que no se dejó eliminar del todo y en el registro de mi pc aparece : Device\HarddiskVolume2\ProgramData\EnigmaSoft Limited\sh5_Installer.exe

Ademas empecé a utilizar una TIC llamada Cuadernía y después de un análisis mi antivirus me llevó a este mensaje : KLA10943 DENEGACIÓN DE VULNERABILIDAD DEL SERVICIO EN PHP Por si fuera poco al tratar de navegar en Firefox me sale el siguiente mensaje : No se ha conectado: Posible problema de seguridad

Firefox ha detectado una potencial amenaza de seguridad y no ha continuado a www.(youtube, twitter ,facebook, etc).com porque este sitio web requiere una conexión segura.

Datos : sistema operativo Win10 64 , RAM 4G, 3 discos duros de 500G Programas de seguridad instalados: -Kaspersky (activado por 90 días) -Malwarebytes versión Free -Adwarecleaner Y cada mes le paso el Eset online scanner

navegador Google, Opera (funcionan relativamente bien ) y Firefox (recién instalado) con el mensaje de arriba. Utilicé el KMSPiko para activar windows… Agradezco la ayuda que me puedan prestar…

Hola @Lord_Gecha

Realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas Uno a Uno, respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.

  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Malwarebytes

  • No olvides actualizarlo.
  • Lee detenidamente su Manual
  • Realiza un Análisis Personalizado marcando todas las unidades
  • Pulsa en “Eliminar Seleccionados” para enviar lo encontrado a la cuarentena.
  • Reinicias el Sistema.
  • En el apartado del manual “Historial” >> Registros de Aplicación >> Scan Log/Registro de Análisis encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta.

4.- Nota Importante:

En tu próxima respuesta debes pegar los reportes de AdwCleaner , ZHPCleaner y Malwarebytes.

Guía: ¿Como Pegar reportes en el Foro?

Nos comentas.

Salu2

Muchas gracias procedo de inmediato

Hola:

Perfecto por acá estaremos :coffee:

Salu2

ummmm después de un día, vuelvo ,pido excusas decidí utilizar el método 1 aquí va el primer informe : A 1 Adwarecleaner


Malwarebytes AdwCleaner 7.4.0.0

# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-27-2019
# Duration: 00:00:21
# OS:       Windows 10 Pro Education
# Scanned:  35810
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1250 octets] - [28/05/2019 20:17:29]
AdwCleaner[S01].txt - [1451 octets] - [29/05/2019 01:22:17]
AdwCleaner[C01].txt - [1599 octets] - [29/05/2019 01:46:01]
AdwCleaner[S02].txt - [1433 octets] - [29/05/2019 22:37:58]
AdwCleaner[S03].txt - [1494 octets] - [07/06/2019 22:08:55]
AdwCleaner[S04].txt - [1555 octets] - [07/06/2019 23:11:31]
AdwCleaner[S05].txt - [1616 octets] - [10/06/2019 21:54:35]
AdwCleaner[S06].txt - [1677 octets] - [10/06/2019 21:55:14]
AdwCleaner[S07].txt - [1738 octets] - [11/06/2019 00:55:32]
AdwCleaner[S08].txt - [1799 octets] - [14/06/2019 00:54:15]
AdwCleaner[S09].txt - [1860 octets] - [18/06/2019 01:22:52]
AdwCleaner[S10].txt - [1921 octets] - [18/06/2019 20:25:20]
AdwCleaner[S11].txt - [1982 octets] - [22/06/2019 14:12:12]
AdwCleaner[S12].txt - [2043 octets] - [27/06/2019 17:12:27]
AdwCleaner[S13].txt - [2269 octets] - [13/07/2019 19:58:31]
AdwCleaner[C13].txt - [2417 octets] - [13/07/2019 19:59:21]
AdwCleaner[S14].txt - [2235 octets] - [16/07/2019 11:50:54]
AdwCleaner[S15].txt - [2436 octets] - [18/07/2019 18:08:55]
AdwCleaner[C15].txt - [2584 octets] - [18/07/2019 18:10:48]
AdwCleaner[S16].txt - [2418 octets] - [23/07/2019 09:51:16]
AdwCleaner[S17].txt - [2555 octets] - [25/07/2019 17:49:55]
AdwCleaner[S18].txt - [2616 octets] - [26/07/2019 17:44:17]
AdwCleaner[S19].txt - [2677 octets] - [26/07/2019 23:52:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S20].txt ##########

Y qui va el segundo :

ZHP Cleaner : ~ ZHPCleaner v2019.7.26.107 by Nicolas Coolman (2019/07/26)
~ Run by LORD GECHA (Administrator)  (27/07/2019 11:41:29)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : 
~ Certificate ZHPCleaner: Legal
~ Type : Scanner
~ Report : C:\Users\LORD GECHA\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\LORD GECHA\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Pro Education, 64-bit  (Build 17763)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (21)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (7)
ENCONTRADOS carpeta: C:\Users\LORD GECHA\AppData\Local\Temp\aria-debug-7308.log    =>.SUP.Temporary.OneDrive
ENCONTRADOS carpeta: C:\Users\LORD GECHA\AppData\Local\Temp\CUsersLORD GECHAAppDataLocalProgramsOpera62.0.3331.72opera_autoupdate.download.lock    =>.SUP.Temporary.Opera
ENCONTRADOS carpeta: C:\Users\LORD GECHA\AppData\Local\Temp\zam-shadow-copy-record.mbr    =>.SUP.Temporary.Zemana
ENCONTRADOS carpeta: C:\Users\LORD GECHA\AppData\Local\Temp\zam-shadow-copy-record0.vbr    =>.SUP.Temporary.Zemana
ENCONTRADOS carpeta: C:\Users\LORD GECHA\AppData\Local\Temp\zam-shadow-copy-record1.vbr    =>.SUP.Temporary.Zemana
ENCONTRADOS carpeta: C:\Users\LORD GECHA\AppData\Local\Temp\zam-shadow-copy-record2.vbr    =>.SUP.Temporary.Zemana
ENCONTRADOS carpeta: C:\Users\LORD GECHA\AppData\Local\Temp\zam-shadow-copy-record3.vbr    =>.SUP.Temporary.Zemana


---\\  Registro ( Claves, Valores, Datos) (2)
ENCONTRADOS dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{769e91ac-9298-4855-a3be-038a6d527c24}\\DhcpNameServer [Bad : 181.70.124.110 200.13.249.101]  =>Hijacker.Browser
ENCONTRADOS dados: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer [Bad : 181.70.124.110 200.13.249.101]  =>Hijacker.Browser


---\\  Resumen de elementos en su estación de trabajo (4)
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.OneDrive
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Opera
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/  =>.SUP.Temporary.Zemana
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/  =>Hijacker.Browser


---\\ Resultado de la reparación.
~ ninguna reparación hecha


---\\ STATISTIQUES
~ Items escaneado : 102305
~ Items encontrado : 9
~ artículos cancelados : 0
~ Items opciones : 13/13
~ Ahorro de espacio (bytes) : 30990


~ End of search in 00h22mn57s

---\\  Reporte (5)
ZHPCleaner-[R]-26072019-20_27_47.txt
ZHPCleaner-[R]-27072019-00_08_24.txt
ZHPCleaner-[S]-26072019-20_19_39.txt
ZHPCleaner-[S]-27072019-00_06_03.txt
ZHPCleaner-[S]-27072019-12_04_26.txt

Y aqui va el tercero :

alwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 27/7/19
Hora del análisis: 12:13
Archivo de registro: c975f52a-b091-11e9-a048-0019d190ab7c.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11740
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17763.615)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-R699RE2\LORD GECHA

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 452751
Amenazas detectadas: 11
Amenazas en cuarentena: 0
Tiempo transcurrido: 4 hr, 15 min, 16 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 11
RiskWare.GameHack, G:\Z-VARIOS\TR\TOMB RAIDER GOTY EDITION\STEAM_API.DLL, Sin acciones por parte del usuario, [7520], [305544],1.0.11740
HackTool.Agent.KMS, E:\ISOS WINDOWS\ACTIVADORES\ACTIVADORES\MICROSOFT.TOOLKIT.V2.6.3-CODYQX4\KDUJWH\KMSPICO PORTABLE\KMSELDI.EXE, Sin acciones por parte del usuario, [8067], [700614],1.0.11740
PUP.Optional.iObitDriverBooster, E:\MANTENIMIENTO\DRIVERS\DRIVERS 2018\DRIVER BOOSTER\DRIVER_BOOSTER_SETUP.EXE, Sin acciones por parte del usuario, [5277], [651970],1.0.11740
PUP.Optional.iObitDriverBooster, E:\MANTENIMIENTO\DRIVERS\DRIVERS 2018\DRIVER BOOSTER\DRIVER\DRIVER BOOSTER 2018 - 1\IOBIT DRIVER BOOSTER 6 PRO V6 BY DESCARGASFULL\DRIVER_BOOSTER_SETUP_RC.EXE, Sin acciones por parte del usuario, [5277], [651970],1.0.11740
PUP.Optional.iObitDriverBooster, E:\MANTENIMIENTO\DRIVERS\DRIVERS 2018\DRIVER BOOSTER\DRIVER\DRIVER BOOSTER 2018 - 1\IOBIT DRIVER BOOSTER 6 PRO V6 BY DESCARGASFULL.RAR, Sin acciones por parte del usuario, [5277], [651970],1.0.11740
Trojan.MalPack.Generic, D:\JUEGOS\GGG\LUXOR\LUXOR\LUXORRES.DLL, Sin acciones por parte del usuario, [9783], [354617],1.0.11740
Trojan.MalPack.Generic, D:\JUEGOS\GGG\LUXOR\LUXORRES.DLL, Sin acciones por parte del usuario, [9783], [354617],1.0.11740
Trojan.MalPack.Generic, D:\JUEGOS\GGG\LUXOR\LUXOR.RAR, Sin acciones por parte del usuario, [9783], [354617],1.0.11740
Trojan.MalPack.Generic, D:\JUEGOS\GGG\LUXOR 1\LUXOR RAR\LUXOR\LUXORRES.DLL, Sin acciones por parte del usuario, [9783], [354617],1.0.11740
Trojan.MalPack.Generic, D:\JUEGOS\GGG\LUXOR 1\LUXOR RAR\LUXOR.RAR, Sin acciones por parte del usuario, [9783], [354617],1.0.11740
Trojan.MalPack.Generic, D:\JUEGOS\GGG\LUXOR 1\LUXOR RAR\LUXOR[1].RAR, Sin acciones por parte del usuario, [9783], [354617],1.0.11740

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola @Lord_Gecha

Debes ejecutar nuevamente Malwarebytes y eliminar todo lo que detecte ya que menciona Sin acciones por parte del usuario

Salu2

Ya eliminé de la cuarentena todo, tengo que volver a analizar todo?¿ o solo disco C ?¿

Hola:

Si eliminaste todo no es necesario, solo debes copiar el reporte de la eliminación ya que tu copiaste el del Scan antes del reinicio.


Luego realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 28/7/19
Hora del análisis: 15:18
Archivo de registro: dadfdee6-b174-11e9-bfc4-0019d190ab7c.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11760
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17763.615)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-R699RE2\LORD GECHA

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 285818
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 9 min, 9 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Desactivado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola:

Perfecto…Pega a continuación los reportes de FRST y Addition.

Salu2.

Tengo que cerrar el navegador?¿

Hola:

Si ejecuta FRST con todos los programas cerrados incluyendo los navegadores.

Salu2

Me sale un mensaje al intentar pegar el informe : Your post contains a word that´s not allowed: “pu-ta”
*lo tuve que escribir así, pero es sin comillas y sin separación

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by LORD GECHA (29-07-2019 00:34:35)
Running from C:\Users\LORD GECHA\Downloads
Windows 10 Pro Education Version 1809 17763.615 (X64) (2019-05-28 22:52:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3002798588-1030820221-4016565404-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3002798588-1030820221-4016565404-503 - Limited - Disabled)
Invitado (S-1-5-21-3002798588-1030820221-4016565404-501 - Limited - Disabled)
LORD GECHA (S-1-5-21-3002798588-1030820221-4016565404-1001 - Administrator - Enabled) => C:\Users\LORD GECHA
WDAGUtilityAccount (S-1-5-21-3002798588-1030820221-4016565404-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Total Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
Adobe Photoshop CS6 versión 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
C-Media PCI Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008738}) (Version: 1.00.0003 - )
CrystalDiskInfo 8.1.0 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.1.0 - Crystal Dew World)
cuadernia 3 (HKLM-x32\...\{238217FC-1B07-45B9-9636-7D759C3F1CBB}) (Version: 3.0.0.0 - Castilla-La Mancha)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.5.0.6 - IObit)
Kaspersky Internet Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20617 (HKLM\...\{34FE5428-54F4-3883-9372-AD81FFD14F69}) (Version: 12.0.20617 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20617 (HKLM\...\{8DCF8C8F-4ADA-3395-BF10-A3437F9929D4}) (Version: 12.0.20617 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617 (HKLM-x32\...\{74D52476-2E1E-3F1B-8460-E4ECF2FB6491}) (Version: 12.0.20617 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617 (HKLM-x32\...\{1F2DC3EA-9682-3AAA-BB63-D9BC1AC17960}) (Version: 12.0.20617 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 68.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 68.0.1 (x64 es-ES)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.0.1 - Mozilla)
Opera Stable 62.0.3331.72 (HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\Opera 62.0.3331.72) (Version: 62.0.3331.72 - Opera Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8573 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1040 - SUPERAntiSpyware.com)
Tom Clancy's Splinter Cell (HKLM-x32\...\GOGPACKSPLINTERCELL_is1) (Version: 2.0.0.12 - GOG.com)
Tom Clancys Splinter Cell Chaos Theory MULTi6 - ElAmigos versión 1.05.157 (HKLM-x32\...\{B26428C7-19FA-41C9-8948-DA42A80738D4}_is1) (Version: 1.05.157 - Ubisoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-0012-0000-1000-0000000FF1CE}_Office16.STANDARD_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.STANDARD_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> [CC]{836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> [CC]{836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> [CC]{836AB26C-2DE4-41D3-AC24-4C6C2699B960} =>  -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\shellex.dll [2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-05-30 16:01 - 2019-05-30 16:01 - 000032256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\f1f7bd49eea45dfc3e2f2dd0ef6681fb\A4.Foundation.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\d404e325f3e7f244813fab09e42fe51f\AEM.Actions.CCAA.Shared.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\dcd29cf711ceb9293005b82c39bb0a82\AEM.Plugin.EEU.Shared.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\4991f9815edd6a885595c908d624563f\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-07-10 13:09 - 2019-07-10 13:09 - 000275968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\87f4693b922965d4fa1fc3b50300a36d\AEM.Plugin.Source.Kit.Server.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\dcc8c7ce7a9cbef4e38b1e39d25023da\AEM.Plugin.WinMessages.Shared.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\f9c62608e628693023d41de54be18510\AEM.Plugin.REG.Shared.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\86e399bec305e72963af4a1138e71deb\AEM.Plugin.GD.Shared.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\65407c4ff29b7e6f1a08408a78c67028\AEM.Server.Shared.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\4d1e4451b64ec0ca8b50210c02dcf01c\AEM.Server.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\5c49fff8ac9dd1f79dc5b9855b5fd44e\APM.Foundation.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000122368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\04f3f8ba8fd42dcd34882423d138226d\ATICCCom.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\e7a9563799f1864bc6739fd33d234fac\CCC.Implementation.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC\70bbcb1912f1bd12d6a1e55f9f04c420\CCC.ni.exe
2019-05-30 16:01 - 2019-05-30 16:01 - 000124928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\8eac81eacb809d7f43c9766ad31ef477\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\78f7befa687f1b20fb5a99fbf37ff339\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\e118fba09a86b90868b83d7034f87c83\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000104448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\bc52c5be6b247881ab1084347ec2d015\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000206336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\f4a09a042cd00762c701b436e50f3fd6\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\5810f871d6afad04323487d607dab698\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2019-07-10 13:12 - 2019-07-10 13:12 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\e389fe51bae6cce90aaf8c0454b3bd38\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\0797004b8c5fd36c4c2fbf7d7a23313e\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000073216 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\58770cb53a077f03e86fab0c5f119e1f\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000259584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\8d44f947f27c1e24f9c249af0a2458cf\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000355840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\702a626536b4524497a1eb84979ae48f\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-07-10 13:12 - 2019-07-10 13:12 - 000062976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\3a763781043d5aa809da697c59e5594f\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2019-07-10 13:11 - 2019-07-10 13:11 - 000666112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\717a0f244479ebca2f603f34dac4cfae\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-07-10 13:11 - 2019-07-10 13:11 - 000310784 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.87ad5c75#\c1db609969371a49e6553d742c8b4758\CLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000727552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0aa832508990ef6c3f7c833aa7ffbd19\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 000446464 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\897085b4499721c2b3141d563ba8ba64\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-07-10 13:11 - 2019-07-10 13:11 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\2b6399442a14b51c8c5371e13f760189\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\bbe4c56cb409350820044b458f533d30\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\ef6e89698a62e25500b5f72d24c3fd67\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2019-07-10 13:12 - 2019-07-10 13:12 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\7383a27db8b5b155e8d6439d72394eb3\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\08598bb8be7efc7d8cfac32af5c3d927\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-07-10 13:11 - 2019-07-10 13:11 - 000066560 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\fc15cd4e57300743e3e19dd33289dea0\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000337408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\8b15a756623d72457f892d0e02004b15\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\4f74645b376c4b748dac0f005aa719d2\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-07-10 13:11 - 2019-07-10 13:11 - 000270848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\2751f73f421d436c4192ff49600fa602\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-07-10 13:11 - 2019-07-10 13:11 - 003282432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\81f1eefa9209233b1c005d9740135646\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000236032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\a72dcc0d5f271e1c9591feb9e0f064c8\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000046592 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\0142c9a578ca4e6530dd89fd39a6881e\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000050176 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\94ff92b0b9fe81b64834dc495b7e094b\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\42cb867217244cd763d998b81f63d1aa\CLI.Caste.A4.Runtime.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\9eea1a4f844e809722e5bfc596262c86\CLI.Caste.A4.Shared.ni.dll
2019-07-10 13:12 - 2019-07-10 13:12 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\5cf8b081b90045782415a13405849c53\CLI.Caste.A4.Dashboard.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\7b4fa96e9a09d993c7a2716b58938026\CLI.Caste.Fuel.Shared.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000304640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\30b360cadad48a5b9d879e3c828a45ab\CLI.Caste.Fuel.Runtime.ni.dll
2019-07-10 13:12 - 2019-07-10 13:12 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\51e3efd4fab1a1f8996ed19c9c15bfb7\CLI.Caste.Fuel.Dashboard.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000038400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\7cc8aee3231425d8fde9889d669e7374\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 001537536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\fd2dca23e057e36b0115331fb3203948\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 000574976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\1937455fb7640db31d7c36a84db43410\CLI.Caste.Graphics.Dashboard.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\22afae94de5f3003f1e8e057a1717790\CLI.Caste.HydraVision.Runtime.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\a03f7a6bd354650402d2bddbc61f0bac\CLI.Caste.HydraVision.Shared.ni.dll
2019-07-10 13:12 - 2019-07-10 13:12 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\ccd6b53a7578dad3a1fa5b2b7287818e\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\c853ebcf410d2c877eae81a37847e209\CLI.Caste.Platform.Shared.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000043520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\ac85e48a177b9feeb6722d2c7b5bc586\CLI.Caste.Platform.Runtime.ni.dll
2019-07-10 13:12 - 2019-07-10 13:12 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\bdb98b86e4d209b2d0e23e6d6c77eaba\CLI.Caste.Platform.Dashboard.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\e17196ea18ac140e8913905f2adf5670\CLI.Component.Runtime.Shared.ni.dll
2019-07-10 13:13 - 2019-07-10 13:13 - 000884736 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\43284a6e29641d1f9b751d13ce297c85\CLI.Component.Systemtray.ni.dll
2019-07-10 13:13 - 2019-07-10 13:13 - 000168960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\9379b07d90080de979fc6e35fd20e230\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\a5232a6dd8af2e948d6937e5affbfb3d\CLI.Component.Runtime.Shared.Private.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\d80c4a476961f89b4d44ba0df20418db\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 001605632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\25053c678223e6597b5e13b3c5d09ab4\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\85c4097da1b766d06ead5f1345f12561\CLI.Component.Client.Shared.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000086016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\e830e3abedf5ae8041fcf8d4f2589bee\CLI.Component.Dashboard.Shared.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\5c14d7d2642d67665d57b30a4c9ed3e1\CLI.Foundation.Private.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\dfec139c27ecaa8282a5aee9d80dea96\CLI.Foundation.XManifest.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000090624 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\f96e32dad80b37ef4813f60c964c8d41\CLI.Foundation.CoreAudioAPI.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 001052672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\662a77d1543cd355877dbb33e456db2b\CLI.Foundation.Client.ni.dll
2019-07-10 13:09 - 2019-07-10 13:09 - 000295424 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\70364ffd5769a5c1ea3bee6839f3fdf2\CLI.Foundation.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\e67713f98e8247089ce0f010899a2fea\DEM.Foundation.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000117248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\736d78feb194a4a348102ebd1532d5b9\DEM.Graphics.I0601.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\89f9ffda679bc120eaf6a1db29a8d798\DEM.Graphics.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\cffd1d53ac88d142e1cc74ee891a3020\Fuel.Foundation.ni.dll
2019-07-10 13:13 - 2019-07-10 13:13 - 000289792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\55bf0efa161fd0a4f92f04ae18cdc28f\LOG.Foundation.Implementation.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000146432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\4afb518f1aecfb57a4c18023b5d02f69\LOG.Foundation.Private.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\541b65c501f8ebe5fa5b2e590da245ab\LOG.Foundation.Implementation.Private.ni.dll
2019-07-10 13:09 - 2019-07-10 13:09 - 000132096 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\2842c851c13e29be41bafee36cab7b39\LOG.Foundation.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\0ff4d8b43ff3a7be591c2b3802e53179\MOM.Foundation.ni.dll
2019-05-30 16:04 - 2019-05-30 16:04 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\975f45cf5a4407c40afd6e7520fa87e2\MOM.Implementation.ni.dll
2019-05-30 16:04 - 2019-05-30 16:04 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM\094c1023644d6009ef309566ed8ea4b5\MOM.ni.exe
2019-05-30 16:01 - 2019-05-30 16:01 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\ecbc44e3c4e8ccc3018ec1875c7702e8\NEWAEM.Foundation.ni.dll
2015-11-04 16:40 - 2015-11-04 16:40 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamesp.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000890368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\2f2c7ae1e2b9768a170c13b318065c68\ADL.Foundation.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000250368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\a4ef4c30f50b6295c5ed3ca3abb97245\APM.Server.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000290816 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\1d3b1dd091ff07f13be14e533d169d41\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-07-10 13:11 - 2019-07-10 13:11 - 001642496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\ce1602ea14323460ad57cadfb9465f13\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-07-10 13:11 - 2019-07-10 13:11 - 006323200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\5ca2e8136c5c0429605d4b4171894d74\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-07-10 13:12 - 2019-07-10 13:12 - 007986176 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\653fcf06c4880e91f785f431274beb83\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-07-10 13:12 - 2019-07-10 13:12 - 001131008 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\364222f8712d5a5140fab1f3fdfe8ee6\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 000133632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\62f4d11b5455767ad8192014afc8f1f0\CLI.Component.Client.Shared.Private.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000228352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\4c7c53fdf2f9a4ec07563cc2951da4a9\CLI.Component.Runtime.ni.dll
2019-07-10 13:13 - 2019-07-10 13:13 - 000910336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\c96acc1db00c357235852b69a0b125de\CLI.Component.Dashboard.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000017920 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0703\1ee550d3e8b5f9617cdd537579b2006e\DEM.Graphics.I0703.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\1570720eca263c44202dc9376be4579e\DEM.Graphics.I0706.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000083456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\812c37611ef161a0a970475dc659e4be\DEM.Graphics.I0709.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\3b39988002025cc97fe6b01b8549fd81\DEM.Graphics.I0712.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000018944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\01ff4d1f3e3edbdaffdd488a710bc8be\DEM.Graphics.I0804.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\598be6e9eff4bedefcfd8cb32f6a968f\DEM.Graphics.I0805.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000011776 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\58ed732111cdea0fbb53d638209616ec\DEM.Graphics.I0812.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\995749161a5b201fd97b0fca315e5106\DEM.Graphics.I0906.ni.dll
2019-05-30 16:02 - 2019-05-30 16:02 - 000014848 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\16d31ad42edca848ce16225fddf07122\DEM.Graphics.I0912.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\0567c329ab30ddaee0068abd324437d4\DEM.Graphics.I1010.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 001144320 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\77cd0bcf294cff051d4a09139314c802\Localization.Foundation.Private.ni.dll
2019-07-10 13:14 - 2019-07-10 13:14 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\bdd1b04f8ca9de6b6cb8633ad8514f06\ResourceManagement.Foundation.Implementation.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\41798ebdb97a1e9cbf08c562f51a5066\ResourceManagement.Foundation.Private.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 000090112 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\22ffdb95431b2996248b12537a237a8c\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 002786304 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\39bc84786ed5f88b6b276a90d6c5dd63\CLI.Caste.Graphics.Shared.ni.dll
2019-05-30 16:03 - 2019-05-30 16:03 - 003187712 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\672c65a27b6d41c01b63b302812a863a\CLI.Caste.Graphics.Runtime.ni.dll
2019-05-30 16:01 - 2019-05-30 16:01 - 000332800 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\2a0bddae2f1f3ac7690539a295c563f8\Microsoft.WindowsAPICodePack.ni.dll
2019-07-10 13:10 - 2019-07-10 13:10 - 002498048 _____ (Microsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\a1575970a80dcbbfaf779e951874d020\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:ECC979BD [109]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 02:31 - 2018-09-15 02:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\Control Panel\Desktop\\Wallpaper -> D:\IMAGENES\Fondos\Mejores wallpapers\pipes-1875809_960_720.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "StartCCC"
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\StartupApproved\StartupFolder: => "ubisoft register.lnk"
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{37C9D493-A1C4-4267-BF92-F97E51546287}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{1F3BE411-9A06-4707-A063-7FD9DF72E612}C:\program files (x86)\castilla-la mancha\cuadernia 3\server\nginx.exe] => (Allow) C:\program files (x86)\castilla-la mancha\cuadernia 3\server\nginx.exe () [File not signed]
FirewallRules: [UDP Query User{1007B7A4-5640-4419-AE51-4192DF0A7425}C:\program files (x86)\castilla-la mancha\cuadernia 3\server\nginx.exe] => (Allow) C:\program files (x86)\castilla-la mancha\cuadernia 3\server\nginx.exe () [File not signed]
FirewallRules: [{3DA9CDF8-FD5F-4F0E-8D89-EDC53781D0AD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D19E5E48-4A13-4EF3-B870-CA0238B8A2C1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

28-07-2019 21:41:48 ZHPcleaner

==================== Faulty Device Manager Devices =============

Name: Kaspersky Security Data Escort Adapter
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2019 05:58:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 10.0.17763.592, marca de tiempo: 0xe27bfbb1
Nombre del módulo con errores: UninstallExplorer.dll, versión: 1.0.7.16, marca de tiempo: 0x556c36ef
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000012954e
Identificador del proceso con errores: 0x924
Hora de inicio de la aplicación con errores: 0x01d5455e49b7f393
Ruta de acceso de la aplicación con errores: C:\Windows\Explorer.EXE
Ruta de acceso del módulo con errores: C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
Identificador del informe: 9454b610-03a0-4b32-b597-fba3e845435b
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/28/2019 05:06:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa WWAHost.exe (versión 10.0.17763.404) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 1578

Hora de Inicio: 01d545908b40fb11

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\System32\WWAHost.exe

Id. de informe: d72f44cc-890f-43e0-9411-5ffaa3b62be8

Nombre completo del paquete con errores: Microsoft.Windows.CloudExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy

Id. de la aplicación relativa al paquete con errores: App

Tipo de bloqueo: Activation

Error: (07/27/2019 04:30:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: svchost.exe_WpnUserService, versión: 10.0.17763.1, marca de tiempo: 0xb900eeff
Nombre del módulo con errores: wpnuserservice.dll, versión: 10.0.17763.1, marca de tiempo: 0xcb4f608f
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x0000000000008a6d
Identificador del proceso con errores: 0x15e4
Hora de inicio de la aplicación con errores: 0x01d54498d2eaa835
Ruta de acceso de la aplicación con errores: C:\Windows\system32\svchost.exe
Ruta de acceso del módulo con errores: c:\windows\system32\wpnuserservice.dll
Identificador del informe: 25fc0837-e4d2-4327-9144-c1671de6c451
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/27/2019 11:27:49 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (07/27/2019 11:25:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SDScan.exe, versión: 2.7.64.191, marca de tiempo: 0x5ad9a8f3
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x00021ce9
Identificador del proceso con errores: 0x174
Hora de inicio de la aplicación con errores: 0x01d544940137fcfe
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: fd75d44e-f6a2-4c5a-bfef-a603b42d7aad
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/27/2019 11:06:38 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (07/27/2019 10:56:20 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (07/27/2019 01:08:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbam.exe, versión: 3.1.0.1838, marca de tiempo: 0x5d13b1a3
Nombre del módulo con errores: mbam.exe, versión: 3.1.0.1838, marca de tiempo: 0x5d13b1a3
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000ea594
Identificador del proceso con errores: 0x2130
Hora de inicio de la aplicación con errores: 0x01d544395a6f7f6c
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Identificador del informe: 7a3d2c4c-c2e5-4526-8825-b83c476a90a8
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (07/29/2019 12:27:20 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R699RE2)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-R699RE2\LORD GECHA con SID (S-1-5-21-3002798588-1030820221-4016565404-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/28/2019 11:53:40 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R699RE2)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-R699RE2\LORD GECHA con SID (S-1-5-21-3002798588-1030820221-4016565404-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/28/2019 11:44:00 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (07/28/2019 11:05:02 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (07/28/2019 10:29:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (07/28/2019 09:00:03 PM) (Source: Disk) (EventID: 7) (User: )
Description: El dispositivo, \Device\Harddisk2\DR2, tiene un bloque defectuoso.

Error: (07/28/2019 03:29:21 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R699RE2)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-R699RE2\LORD GECHA con SID (S-1-5-21-3002798588-1030820221-4016565404-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/28/2019 03:02:39 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R699RE2)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario DESKTOP-R699RE2\LORD GECHA con SID (S-1-5-21-3002798588-1030820221-4016565404-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-05-28 19:22:21.817
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe; process:_pid:3008,ProcessStart:132035627934759103; service:_Service KMSELDI
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de firma: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Versión de motor: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2019-05-28 19:21:15.549
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_C:\Program Files\KMSpico\Service_KMS.exe; process:_pid:3008,ProcessStart:132035627934759103
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\KMSpico\Service_KMS.exe
Versión de firma: AV: 1.273.933.0, AS: 1.273.933.0, NIS: 1.273.933.0
Versión de motor: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2019-07-03 13:59:53.438
Description: 
Antivirus de Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80004004
Descripción del error: Operación anulada 
Versión de firma: 1.273.933.0;1.273.933.0
Versión de motor: 1.1.15100.1

==================== Memory info =========================== 

BIOS: Intel Corp. PRG3110H.86A.0071.2010.0318.1704 03/18/2010
Motherboard: Intel Corporation DG31PR
Processor: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz
Percentage of memory in use: 69%
Total physical RAM: 4092.9 MB
Available physical RAM: 1249.9 MB
Total Virtual: 11632.62 MB
Available Virtual: 8030.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:99.46 GB) (Free:36.64 GB) NTFS
Drive d: (DATOS) (Fixed) (Total:365.76 GB) (Free:72.56 GB) NTFS
Drive e: (PROGRAMAS) (Fixed) (Total:100 GB) (Free:22.61 GB) NTFS
Drive f: (PELICULAS) (Fixed) (Total:365.63 GB) (Free:50.55 GB) NTFS
Drive g: (MIS SERIES) (Fixed) (Total:465.63 GB) (Free:53.19 GB) NTFS

\\?\Volume{7002a311-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 7002A311)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Resulta que tengo un archivo pdf en mi escritorio del libro de Fernando Vallejo llamado “la pu-ta de Babilonia”… imagino que ese es el problema, puedo eliminar esa linea del reporte?¿ es esta linea :smile: 2019-07-25 19:13 - 2019-07-25 19:13 - 000728815 _____ C:\Users\LORD GECHA\Desktop\Vallejo,Fernando,La p*** de Babilonia.pdf: grin:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by LORD GECHA (administrator) on DESKTOP-R699RE2 (29-07-2019 00:31:49)
Running from C:\Users\LORD GECHA\Downloads
Loaded Profiles: LORD GECHA (Available Profiles: LORD GECHA)
Platform: Windows 10 Pro Education Version 1809 17763.615 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CmPCIaudio] => C:\Windows\Syswow64\CMICNFG3.dll [12935168 2012-08-27] (C-Media Corporation) [File not signed]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe [584128 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab)
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\Run: [uTorrent] => E:\GESTOR DE DESCARGAS\UTORRENT\Nueva carpeta\App\uTorrent\uTorrent.exe [2244032 2017-06-17] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-06-25] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\...\MountPoints2: {4781a677-90b1-11e9-81ca-0019d190ab7c} - "H:\setup.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
Startup: C:\Users\LORD GECHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ubisoft register.lnk [2019-06-20]
ShortcutTarget: ubisoft register.lnk -> C:\Program Files (x86)\Ubi Soft\Register\schedule.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0177C18E-A22C-433C-A7D3-65DB717B5DB7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {2A266864-B88E-438B-961C-2850F9CC73C9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2FFA58E8-EAF1-435D-85DF-BC584A4CF801} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {33724061-0B51-42AF-A45E-7341911466AC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4BC4523B-56DA-4A29-AB1A-1C9017455613} - System32\Tasks\Uninstaller_SkipUac_LORD_GECHA => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5286672 2019-04-26] (IObit Information Technology -> IObit)
Task: {5E3EB6CE-0767-4664-9F5C-67590F601746} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-28] (Google Inc -> Google LLC)
Task: {75C7A0A4-7A10-4EE9-A2A0-86C3E1AFF931} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {8BF52F9C-9116-4D59-A478-9E6EF5CF4FE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-28] (Google Inc -> Google LLC)
Task: {91A32D6F-E8E1-49E7-AE9C-8DA5C9F0469B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABEBA98E-12E6-41A6-9D94-7CD7A481E374} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {BD623237-8848-4C07-8688-FD6A929D0A08} - System32\Tasks\Opera scheduled Autoupdate 1563751067 => C:\Users\LORD GECHA\AppData\Local\Programs\Opera\launcher.exe [1519640 2019-07-11] (Opera Software AS -> Opera Software)
Task: {C3E14B03-F863-4557-8C93-B429D7E56926} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-22] (Adobe Inc. -> Adobe)
Task: {E7787B08-0087-44AA-B997-201887E51305} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F433C41B-851E-40D2-AA79-6A10B0528E65} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-22] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{769e91ac-9298-4855-a3be-038a6d527c24}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3002798588-1030820221-4016565404-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit Information Technology -> IObit)
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 6fsv81i5.default
FF ProfilePath: C:\Users\LORD GECHA\AppData\Roaming\Mozilla\Firefox\Profiles\dc199zfj.default-release [2019-07-28]
FF ProfilePath: C:\Users\LORD GECHA\AppData\Roaming\Mozilla\Firefox\Profiles\6fsv81i5.default [2019-07-26]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-05-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.com.co/","hxxps://www.google.com/"
CHR Profile: C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default [2019-07-29]
CHR Extension: (Presentaciones) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-28]
CHR Extension: (Documentos) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-28]
CHR Extension: (Google Drive) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-28]
CHR Extension: (YouTube) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-28]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-28]
CHR Extension: (Hojas de cálculo) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-28]
CHR Extension: (Kaspersky Protection) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2019-05-28]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-28]
CHR Extension: (AdBlock) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-07-08]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-07-24]
CHR Extension: (Kaspersky Password Manager) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaoblbjfmcalcjjaifickaoccjmhlal [2019-05-28]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-05-28]
CHR Extension: (Gmail) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-28]
CHR Extension: (Chrome Media Router) - C:\Users\LORD GECHA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-07]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit Information Technology -> IObit)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354008 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5356848 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [3848192 2012-09-04] (C-MEDIA ELECTRONICS INC. -> C-Media Inc)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (Kaspersky Lab -> AO Kaspersky Lab)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2019-06-18] (DT Soft Ltd -> DT Soft Ltd)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-21] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37184 2018-10-16] (IObit Information Technology -> IObit)
S3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [43392 2018-10-16] (IObit Information Technology -> IObit)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [92864 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [37472 2019-05-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [197216 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [1214752 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [197760 2019-07-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1022048 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (Kaspersky Lab -> AO Kaspersky Lab)
S3 kltap; C:\Windows\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [245272 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [99152 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [302368 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [116104 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [198768 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_swmon; C:\Windows\System32\Drivers\klupd_klif_swmon.sys [216632 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [139968 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199640 2019-05-28] (Kaspersky Lab -> AO Kaspersky Lab)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2019-05-15] (Intel Corporation -> )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [47704 2019-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [367032 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-22] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2019-07-27] (Zemana Ltd. -> Zemana Ltd.)
S3 cpuz140; \??\C:\Users\LORDGE~1\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-29 00:31 - 2019-07-29 00:33 - 000024542 _____ C:\Users\LORD GECHA\Downloads\FRST.txt
2019-07-29 00:31 - 2019-07-29 00:31 - 000000000 ____D C:\FRST
2019-07-29 00:30 - 2019-07-29 00:30 - 002095104 _____ (Farbar) C:\Users\LORD GECHA\Downloads\FRST64.exe
2019-07-29 00:29 - 2019-07-29 00:29 - 001446912 _____ (Farbar) C:\Users\LORD GECHA\Downloads\FRST.exe
2019-07-29 00:08 - 2019-07-29 00:08 - 000001556 _____ C:\Users\LORD GECHA\Desktop\malwarebytes.txt
2019-07-28 21:25 - 2019-07-28 21:26 - 000000880 _____ C:\Users\LORD GECHA\Desktop\ZHPCleaner.lnk
2019-07-28 21:13 - 2019-07-28 21:18 - 000002434 _____ C:\Users\LORD GECHA\Desktop\Rkill.txt
2019-07-28 19:57 - 2019-07-28 21:57 - 000002034 _____ C:\Users\LORD GECHA\Desktop\SUPERAntiSpyware Free Edition.lnk
2019-07-28 19:57 - 2019-07-28 20:00 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2019-07-28 19:57 - 2019-07-28 19:59 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-07-28 16:51 - 2019-07-28 16:55 - 284606464 _____ C:\Users\LORD GECHA\Desktop\LibreOffice_6.1.6_Win_x64.msi
2019-07-28 16:10 - 2019-07-28 16:10 - 004327485 _____ C:\Users\LORD GECHA\Desktop\ikii.mp4
2019-07-28 15:28 - 2019-07-28 23:49 - 000000000 ____D C:\Users\LORD GECHA\AppData\LocalLow\Adobe
2019-07-28 12:17 - 2019-07-28 12:17 - 000627705 _____ C:\Users\LORD GECHA\Desktop\8ee2c58b-299c-4191-99df-2f24a767d30b.mp4
2019-07-28 12:17 - 2019-07-28 12:17 - 000548229 _____ C:\Users\LORD GECHA\Desktop\7a1758d9-fcc2-4238-915e-f6efa413a46a.mp4
2019-07-28 03:49 - 2019-07-28 03:56 - 524288000 _____ C:\Users\LORD GECHA\Downloads\10AVNGR-72p.part1.rar
2019-07-27 16:38 - 2019-07-27 16:38 - 000003062 _____ C:\Users\LORD GECHA\Desktop\malw.txt
2019-07-27 12:10 - 2019-07-28 21:43 - 000002822 _____ C:\Users\LORD GECHA\Desktop\ZHPCleaner (R).txt
2019-07-27 12:04 - 2019-07-28 21:57 - 000001924 _____ C:\Users\LORD GECHA\Desktop\ZHPCleaner (S).txt
2019-07-27 11:40 - 2019-07-27 11:40 - 000002738 _____ C:\Users\LORD GECHA\Desktop\AdwCleaner[S20].txt
2019-07-27 11:27 - 2019-07-27 11:27 - 000000085 _____ C:\Windows\wininit.ini
2019-07-27 10:56 - 2019-07-27 10:56 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2019-07-27 10:55 - 2019-07-27 11:27 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-07-27 10:54 - 2019-07-29 00:31 - 000312602 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-07-27 10:54 - 2019-07-27 11:26 - 000107886 _____ C:\Windows\ZAM.krnl.trace
2019-07-27 10:54 - 2019-07-27 10:54 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2019-07-27 10:54 - 2019-07-27 10:54 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\Zemana
2019-07-26 23:08 - 2019-07-26 23:08 - 014851957 _____ C:\Users\LORD GECHA\Downloads\php-7.3.7.tar.bz2
2019-07-26 23:04 - 2019-07-26 23:04 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\ESET
2019-07-26 22:44 - 2019-07-27 08:58 - 000001302 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-07-26 22:44 - 2019-07-27 00:09 - 000000000 ____D C:\Users\LORD GECHA\AppData\LocalLow\Mozilla
2019-07-26 22:44 - 2019-07-26 22:44 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-26 22:44 - 2019-07-26 22:44 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\Mozilla
2019-07-26 22:44 - 2019-07-26 22:44 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\Mozilla
2019-07-26 22:44 - 2019-07-26 22:44 - 000000000 ____D C:\ProgramData\Mozilla
2019-07-26 22:44 - 2019-07-26 22:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-26 22:43 - 2019-07-26 22:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-26 22:41 - 2019-07-26 22:41 - 000285496 _____ (Mozilla) C:\Users\LORD GECHA\Downloads\Firefox Installer.exe
2019-07-26 22:39 - 2019-07-26 22:39 - 021556792 _____ (Adobe) C:\Users\LORD GECHA\Downloads\flashplayer_32_ppapi_debug.exe
2019-07-26 22:36 - 2019-07-26 22:36 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-07-26 22:35 - 2019-07-27 09:17 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-07-26 22:34 - 2019-07-26 22:34 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-07-26 21:59 - 2019-07-26 21:59 - 000003027 _____ C:\Users\LORD GECHA\Desktop\cuadernia 3.lnk
2019-07-26 21:59 - 2019-07-26 21:59 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cuadernia 3
2019-07-26 21:58 - 2019-07-26 21:58 - 000000000 ____D C:\Program Files (x86)\Castilla-La Mancha
2019-07-26 21:37 - 2019-07-26 21:37 - 020891464 _____ (Piriform Software Ltd) C:\Users\LORD GECHA\Downloads\ccsetup560.exe
2019-07-26 20:07 - 2019-07-28 21:57 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\ZHP
2019-07-26 20:07 - 2019-07-26 20:07 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\ZHP
2019-07-26 18:06 - 2019-07-26 18:06 - 000068424 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2019-07-26 18:06 - 2019-07-26 18:06 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2019-07-26 18:05 - 2019-07-26 18:05 - 000000000 ____D C:\sh5ldr
2019-07-25 20:01 - 2019-07-26 21:57 - 000000000 ____D C:\Users\LORD GECHA\Desktop\CUADERNIA TOTAL

2019-07-23 21:40 - 2019-07-29 00:15 - 000000000 ____D C:\Users\LORD GECHA\Desktop\picachú
2019-07-23 19:25 - 2019-07-23 19:25 - 000057641 _____ C:\Users\LORD GECHA\Downloads\fgf.mp4
2019-07-23 18:38 - 2019-07-23 18:38 - 001639965 _____ C:\Users\LORD GECHA\Downloads\criss Windows Loader.rar
2019-07-23 18:35 - 2019-07-23 18:37 - 006054346 _____ C:\Users\LORD GECHA\Downloads\lo quieren matar por esto.mp4
2019-07-22 13:54 - 2019-07-22 13:54 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\Macromedia
2019-07-22 10:20 - 2019-07-22 10:20 - 000004584 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-22 10:20 - 2019-07-22 10:20 - 000004378 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-07-21 22:44 - 2019-07-21 22:44 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2019-07-21 22:44 - 2019-07-21 22:44 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-07-21 22:44 - 2019-07-21 22:44 - 000000000 ____D C:\Program Files\MSBuild
2019-07-21 22:44 - 2019-07-21 22:44 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-07-21 22:42 - 2018-08-29 17:56 - 000780376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2019-07-21 22:42 - 2018-08-29 17:56 - 000104560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-07-21 22:42 - 2018-08-29 17:56 - 000036896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2019-07-21 22:41 - 2018-09-09 17:17 - 001167960 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2019-07-21 22:41 - 2018-09-09 17:16 - 000126064 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2019-07-21 22:41 - 2018-09-09 17:16 - 000035440 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2019-07-21 18:59 - 2019-07-21 18:59 - 000000000 ____D C:\Users\LORD GECHA\Desktop\ggggg
2019-07-21 18:18 - 2019-07-21 18:18 - 000004254 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1563751067
2019-07-21 18:17 - 2019-07-27 09:12 - 000001548 _____ C:\Users\LORD GECHA\Desktop\Opera.lnk
2019-07-21 18:17 - 2019-07-21 18:17 - 000001480 _____ C:\Users\LORD GECHA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-07-21 18:14 - 2019-07-21 18:18 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\Opera Software
2019-07-21 18:14 - 2019-07-21 18:14 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\Opera Software
2019-07-19 17:11 - 2019-07-28 20:02 - 000000000 ____D C:\Users\LORD GECHA\Desktop\FONDOS
2019-07-18 21:47 - 2019-07-18 21:47 - 007025435 _____ C:\Users\LORD GECHA\Downloads\e.mp4
2019-07-18 21:08 - 2019-07-18 21:08 - 002934193 _____ C:\Users\LORD GECHA\Downloads\rr.mp4
2019-07-18 20:38 - 2019-07-15 12:24 - 772183368 _____ C:\Users\LORD GECHA\Downloads\Michael Jackson Buscando Neverland (2017) HD 720p Latino Dual.mkv
2019-07-18 20:38 - 2015-04-07 19:03 - 000000048 _____ C:\Users\LORD GECHA\Downloads\Leeme.txt
2019-07-18 15:24 - 2019-07-18 15:25 - 002510039 _____ C:\Users\LORD GECHA\Downloads\gge.mp4
2019-07-18 14:47 - 2019-07-18 14:49 - 004080791 _____ C:\Users\LORD GECHA\Downloads\ffk.mp4
2019-07-17 20:06 - 2019-07-16 13:37 - 1053886005 _____ C:\Users\LORD GECHA\Downloads\Hellboy.2019.mkv
2019-07-16 15:39 - 2019-07-16 15:39 - 005699955 _____ C:\Users\LORD GECHA\Downloads\dddd.mp4
2019-07-15 13:36 - 2019-07-15 13:36 - 001153396 _____ C:\Users\LORD GECHA\Downloads\ff.mp4
2019-07-14 14:59 - 2019-07-14 15:00 - 000000000 ___RD C:\Users\LORD GECHA\Desktop\Eset
2019-07-14 14:57 - 2019-07-14 14:57 - 000001250 _____ C:\Users\LORD GECHA\Desktop\Paint.lnk
2019-07-13 14:02 - 2019-07-13 14:02 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\PeerDistRepub
2019-07-12 16:36 - 2019-07-25 17:08 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-07-12 16:36 - 2019-07-12 16:45 - 000000000 ____D C:\Windows\CSC
2019-07-12 16:36 - 2019-07-12 16:36 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2019-07-12 16:36 - 2019-07-12 16:36 - 000000000 ___SD C:\Windows\system32\AppV
2019-07-12 16:36 - 2019-07-12 16:36 - 000000000 ____D C:\Windows\RemotePackages
2019-07-11 19:47 - 2019-07-11 19:47 - 000000000 ____D C:\Users\LORD GECHA\.android
2019-07-10 21:11 - 2018-10-21 22:15 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2019-07-10 21:11 - 2018-10-21 22:15 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2019-07-10 21:11 - 2018-10-21 22:15 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2019-07-10 21:11 - 2018-10-21 22:15 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2019-07-10 21:11 - 2018-10-21 22:15 - 000018944 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2019-07-10 21:06 - 2019-07-10 21:06 - 000000000 ____D C:\Users\LORD GECHA\Documents\HiSuite
2019-07-10 21:06 - 2018-10-21 22:15 - 002152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2019-07-10 21:06 - 2018-10-21 22:15 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2019-07-10 21:06 - 2018-10-21 22:15 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 007727336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 005436696 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 005115384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 003550384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 002469432 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 001266192 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-07-09 19:41 - 2019-07-09 19:41 - 001254400 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2019-07-09 19:41 - 2019-07-09 19:41 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 000798736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2019-07-09 19:41 - 2019-07-09 19:41 - 000747568 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2019-07-09 19:41 - 2019-07-09 19:41 - 000743216 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2019-07-09 19:41 - 2019-07-09 19:41 - 000687896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2019-07-09 19:41 - 2019-07-09 19:41 - 000673520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2019-07-09 19:41 - 2019-07-09 19:41 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 000317456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2019-07-09 19:41 - 2019-07-09 19:41 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2019-07-09 19:41 - 2019-07-09 19:41 - 000092592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2019-07-09 19:40 - 2019-07-09 19:40 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 023454208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 019012096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 012938752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 012243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 008900608 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 007921664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 007876096 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 005587976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 004880896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 003738624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 002714624 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 002393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 002278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-07-09 19:40 - 2019-07-09 19:40 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-07-09 19:40 - 2019-07-09 19:40 - 002013696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 001763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 001465464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 001159168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 001132032 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000964608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000833536 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000828728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000804744 _____ (Microsoft Corporation) C:\Windows\system32\BioIso.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000660032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000463872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\CXHProvisioningServer.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000290304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-07-09 19:40 - 2019-07-09 19:40 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2019-07-09 19:40 - 2019-07-09 19:40 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\CompMgmtLauncher.exe
2019-07-09 19:40 - 2019-07-09 19:40 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-07-09 19:40 - 2019-07-09 19:40 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\spaceman.exe
2019-07-09 19:39 - 2019-07-09 19:39 - 015221248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 006545304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 006308232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 003818416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-07-09 19:39 - 2019-07-09 19:39 - 003427328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 002778760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 002693120 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001863168 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001668752 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001477648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001427592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001257472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001162320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001125416 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 001075712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000956416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000807480 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-07-09 19:39 - 2019-07-09 19:39 - 000791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000652528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000617784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000553472 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000449024 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000425984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-07-09 19:39 - 2019-07-09 19:39 - 000414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-07-09 19:39 - 2019-07-09 19:39 - 000333128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000279920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000219448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000188416 _____ (Microsoft Corporation) C:\Windows\system32\DMPushRouterCore.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000175104 _____ (Microsoft Corporation) C:\Windows\system32\NcaSvc.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Radios.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000137864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-07-09 19:39 - 2019-07-09 19:39 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2019-07-09 19:38 - 2019-07-09 19:39 - 000771584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 022115472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 009683472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 007645600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 006925312 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 005566464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 005528064 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 005297664 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 004588752 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 004303872 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 004056576 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 003636224 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 003630592 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Service.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 003081728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 002982400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 002871816 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 002701000 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 002626872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 002421760 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 002073472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 002050048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001994760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001966904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001837136 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001794048 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001721352 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001702088 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-09 19:38 - 2019-07-09 19:38 - 001622016 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001605632 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001516544 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 001472808 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 001466368 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001345168 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-09 19:38 - 2019-07-09 19:38 - 001316352 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001259520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 001160704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001145856 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001054928 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 001052672 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001038336 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 001010688 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 000998928 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 000863544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 000833024 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000810504 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000740664 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000730936 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000645120 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000637968 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000616960 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000553992 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000547840 _____ (Microsoft Corporation) C:\Windows\system32\QuietHours.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000514136 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000513536 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 000464912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 000439096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 000436024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 000431416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000397688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000351432 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000347136 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\windows.internal.shellcommon.shareexperience.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000324624 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\sppcommdlg.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 000293888 _____ (Microsoft Corporation) C:\Windows\system32\TDLMigration.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\CapabilityAccessManager.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000278528 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\DesktopSwitcherDataModel.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000220672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Radios.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-09 19:38 - 2019-07-09 19:38 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000164368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 000157024 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000149232 _____ (Microsoft Corporation) C:\Windows\system32\LicensingUI.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000121896 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000115120 _____ (Microsoft Corporation) C:\Windows\system32\phoneactivate.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2019-07-09 19:38 - 2019-07-09 19:38 - 000071696 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2019-07-09 19:38 - 2019-07-09 19:38 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\UpgradeResultsUI.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 017484800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 007687784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 005561312 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 004351448 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 003385856 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 003335216 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 002766136 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 002633216 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 002593336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 002406928 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 002200080 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 002085376 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001929728 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001893376 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001715000 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001713976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001674752 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001662480 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001522488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001397048 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001321784 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001308672 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001199616 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 001007616 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000987736 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000895552 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000865272 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000850992 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-09 19:37 - 2019-07-09 19:37 - 000799776 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000770096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000758896 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000756224 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000731104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-07-09 19:37 - 2019-07-09 19:37 - 000680176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000651792 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000580024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000541184 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-07-09 19:37 - 2019-07-09 19:37 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000521728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000511504 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000506408 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000482104 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000470528 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000425472 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000423480 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000415752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000305664 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000294000 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000281600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000263680 _____ (Microsoft Corporation) C:\Windows\system32\WiFiCloudStore.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000241944 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2019-07-09 19:37 - 2019-07-09 19:37 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000212792 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000203272 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000197832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2019-07-09 19:37 - 2019-07-09 19:37 - 000192824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000163840 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000141216 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000132608 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000117720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2019-07-09 19:37 - 2019-07-09 19:37 - 000036360 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-07-09 19:37 - 2019-07-09 19:37 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-07-09 19:37 - 2019-07-09 19:37 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-07-09 19:37 - 2019-07-09 19:37 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-07-09 19:37 - 2019-07-09 19:37 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-07-09 19:37 - 2019-07-09 19:37 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-07-09 19:37 - 2019-07-09 19:37 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-07-09 19:37 - 2019-07-09 19:37 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-07-09 19:37 - 2019-07-09 19:37 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-07-09 19:36 - 2019-07-09 19:36 - 002706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-07-09 19:36 - 2019-07-09 19:36 - 002645504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 001676288 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-07-09 19:36 - 2019-07-09 19:36 - 001225216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-07-09 19:36 - 2019-07-09 19:36 - 001052984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2019-07-09 19:36 - 2019-07-09 19:36 - 001048592 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-07-09 19:36 - 2019-07-09 19:36 - 001043968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2019-07-09 19:36 - 2019-07-09 19:36 - 000871784 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 000768224 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 000652296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-07-09 19:36 - 2019-07-09 19:36 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 000467984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2019-07-09 19:36 - 2019-07-09 19:36 - 000310288 _____ (Microsoft Corporation) C:\Windows\system32\computestorage.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 000298296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2019-07-09 19:36 - 2019-07-09 19:36 - 000292152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-07-09 19:36 - 2019-07-09 19:36 - 000274432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-07-09 19:36 - 2019-07-09 19:36 - 000198456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-07-09 19:36 - 2019-07-09 19:36 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 000133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-07-09 19:36 - 2019-07-09 19:36 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-07-09 19:36 - 2019-07-09 19:36 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-07-08 21:22 - 2019-07-08 21:22 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\Ubisoft
2019-07-08 21:22 - 2019-07-08 21:22 - 000000000 ____D C:\ProgramData\Ubisoft
2019-07-08 21:20 - 2019-07-08 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splinter Cell Chaos Theory
2019-07-03 23:34 - 2019-07-21 23:20 - 000001339 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-03 23:34 - 2019-07-03 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-03 23:34 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-07-03 23:34 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-03 14:32 - 2019-07-04 00:31 - 000001537 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2019-07-03 14:32 - 2019-07-03 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2019-07-03 14:12 - 2019-07-03 14:04 - 000592616 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-28 23:51 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-28 23:42 - 2019-05-28 19:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-07-28 22:35 - 2019-05-29 01:22 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\vlc
2019-07-28 22:10 - 2019-06-04 22:50 - 000071680 ____H C:\Users\LORD GECHA\Desktop\photothumb.db
2019-07-28 21:19 - 2019-05-28 20:06 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\CrashDumps
2019-07-28 21:19 - 2018-09-15 02:31 - 000000000 ____D C:\Windows\INF
2019-07-28 21:11 - 2019-05-28 17:43 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-07-28 20:03 - 2019-06-08 20:52 - 000000000 ____D C:\Users\LORD GECHA\Desktop\Chernobyl
2019-07-28 19:59 - 2019-06-11 23:06 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\SUPERAntiSpyware.com
2019-07-28 19:57 - 2019-06-11 23:05 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-07-28 15:38 - 2019-06-21 18:02 - 000000000 ____D C:\Users\LORD GECHA\Desktop\Nueva carpeta
2019-07-28 15:28 - 2019-06-11 23:02 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\Adobe
2019-07-28 15:28 - 2019-06-11 23:02 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\Adobe
2019-07-28 15:28 - 2019-05-28 18:00 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\Packages
2019-07-28 01:37 - 2019-05-28 20:08 - 000004210 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-27 16:31 - 2019-05-28 17:43 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-27 11:30 - 2018-09-15 01:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-07-27 10:57 - 2019-05-28 17:59 - 000000000 ____D C:\Users\LORD GECHA
2019-07-27 10:53 - 2019-05-29 01:00 - 000000000 ___RD C:\Users\LORD GECHA\Desktop\Adw
2019-07-27 10:50 - 2019-05-29 11:15 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\PhotoScape
2019-07-27 09:08 - 2019-06-11 23:02 - 000000000 ____D C:\ProgramData\Adobe
2019-07-26 22:50 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\NDF
2019-07-26 22:43 - 2019-05-28 20:08 - 000001174 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-26 21:44 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-26 21:44 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\AppReadiness
2019-07-26 21:27 - 2018-09-15 01:09 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-07-26 19:59 - 2019-05-28 22:00 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\ElevatedDiagnostics
2019-07-26 19:21 - 2019-05-28 20:08 - 000000000 ____D C:\Program Files\CCleaner
2019-07-26 09:14 - 2019-05-29 00:37 - 000000000 ___RD C:\Users\LORD GECHA\Desktop\game
2019-07-25 17:08 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-07-25 01:43 - 2018-05-01 10:10 - 000000000 ____D C:\Users\LORD GECHA\Desktop\revuelta
2019-07-23 21:46 - 2019-06-03 20:45 - 000000000 ____D C:\Users\LORD GECHA\Desktop\Fwd-S05E01
2019-07-22 14:50 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-22 11:02 - 2019-05-28 17:43 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-07-22 11:02 - 2018-09-15 02:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-07-22 10:20 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-21 23:18 - 2019-05-28 18:00 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\VirtualStore
2019-07-21 22:51 - 2018-09-15 02:23 - 000000000 ____D C:\Windows\CbsTemp
2019-07-21 22:45 - 2018-09-15 11:36 - 000788554 _____ C:\Windows\system32\perfh00A.dat
2019-07-21 22:45 - 2018-09-15 11:36 - 000155844 _____ C:\Windows\system32\perfc00A.dat
2019-07-21 22:44 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SysWOW64\MUI
2019-07-21 22:44 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\MUI
2019-07-21 21:47 - 2019-05-28 20:31 - 000000000 ____D C:\ProgramData\ProductData
2019-07-20 11:56 - 2019-05-29 11:15 - 000220160 ____H C:\Users\LORD GECHA\Downloads\photothumb.db
2019-07-18 18:18 - 2019-06-18 20:35 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\DAEMON Tools Lite
2019-07-18 18:10 - 2019-05-28 20:30 - 000000000 ____D C:\ProgramData\IObit
2019-07-18 18:09 - 2019-05-28 20:30 - 000000000 ____D C:\Users\LORD GECHA\AppData\Roaming\IObit
2019-07-16 18:45 - 2019-05-28 18:39 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-16 01:51 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-07-15 11:20 - 2019-05-28 18:04 - 000000000 ____D C:\Users\LORD GECHA\AppData\Local\PlaceholderTileLogoFolder
2019-07-13 20:02 - 2019-05-28 20:55 - 000000000 ____D C:\Program Files (x86)\Intel
2019-07-13 20:02 - 2019-05-28 18:04 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-12 16:36 - 2018-09-15 11:36 - 000000000 ____D C:\Windows\system32\es
2019-07-12 16:36 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SystemApps
2019-07-12 16:36 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\security
2019-07-12 16:36 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\schemas
2019-07-12 16:35 - 2018-09-15 02:39 - 000312832 _____ (Microsoft Corporation) C:\Windows\system32\SrpUxNativeSnapIn.dll
2019-07-12 16:35 - 2018-09-15 02:39 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2019-07-12 16:35 - 2018-09-15 02:39 - 000109056 _____ C:\Windows\system32\RDVGHelper.exe
2019-07-12 16:35 - 2018-09-15 02:38 - 000147439 _____ C:\Windows\system32\gpedit.msc
2019-07-12 16:35 - 2018-09-15 02:38 - 000043566 _____ C:\Windows\system32\rsop.msc
2019-07-12 16:35 - 2018-09-15 02:37 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\AuditNativeSnapIn.dll
2019-07-12 16:35 - 2018-09-15 02:37 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\auditpolmsg.dll
2019-07-12 16:35 - 2018-09-15 02:37 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\AuditPolicyGPInterop.dll
2019-07-12 16:35 - 2015-12-16 20:07 - 000023552 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2019-07-12 16:34 - 2018-09-15 02:41 - 000304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SrpUxNativeSnapIn.dll
2019-07-12 16:34 - 2018-09-15 02:41 - 000294912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppIdPolicyEngineApi.dll
2019-07-12 16:34 - 2018-09-15 02:40 - 000429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2019-07-12 16:34 - 2018-09-15 02:40 - 000219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditNativeSnapIn.dll
2019-07-12 16:34 - 2018-09-15 02:40 - 000147439 _____ C:\Windows\SysWOW64\gpedit.msc
2019-07-12 16:34 - 2018-09-15 02:40 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpolmsg.dll
2019-07-12 16:34 - 2018-09-15 02:40 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuditPolicyGPInterop.dll
2019-07-12 16:34 - 2018-09-15 02:40 - 000043566 _____ C:\Windows\SysWOW64\rsop.msc
2019-07-12 16:34 - 2018-09-15 02:39 - 000404480 _____ (Microsoft Corporation) C:\Windows\system32\AppIdPolicyEngineApi.dll
2019-07-12 16:34 - 2018-09-15 02:39 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smbdirect.sys
2019-07-12 16:34 - 2018-09-15 02:39 - 000140304 _____ (Microsoft Corporation) C:\Windows\system32\hvsigpext.dll
2019-07-12 16:34 - 2018-09-15 02:39 - 000120458 _____ C:\Windows\system32\secpol.msc
2019-07-12 16:34 - 2018-09-15 02:39 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2019-07-12 16:34 - 2018-09-15 02:39 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\baaupdate.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\srmlib.dll
2019-07-12 16:34 - 2018-09-15 02:39 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2019-07-12 16:34 - 2018-09-15 02:39 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\lstelemetry.dll
2019-07-12 16:34 - 2018-09-15 02:39 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2019-07-12 16:34 - 2018-09-15 02:39 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2019-07-12 16:34 - 2018-09-15 02:38 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\srmclient.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\pwcreator.exe
2019-07-12 16:34 - 2018-09-15 02:38 - 000808960 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000638464 _____ (Microsoft Corporation) C:\Windows\system32\srmscan.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000544256 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000534528 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\ddputils.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000280064 _____ (Microsoft Corporation) C:\Windows\system32\srm.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\srmstormod.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ddpchunk.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2019-07-12 16:34 - 2018-09-15 02:38 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\srmshell.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.SecureAssessment.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000136704 _____ (Microsoft Corporation) C:\Windows\system32\ddptrace.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\adrclient.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\srmtrace.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\PackageInspector.exe
2019-07-12 16:34 - 2018-09-15 02:38 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\PrintBrmUi.exe
2019-07-12 16:34 - 2018-09-15 02:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\ddp_ps.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\srm_ps.dll
2019-07-12 16:34 - 2018-09-15 02:38 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.Diagnostics.dll
2019-07-12 16:34 - 2018-09-15 02:37 - 001180672 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe
2019-07-12 16:34 - 2018-09-15 02:37 - 000482816 _____ C:\Windows\system32\AssignedAccessCsp.dll
2019-07-12 16:34 - 2018-09-15 02:37 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\appvetwsharedperformance.dll
2019-07-12 16:34 - 2018-09-15 02:37 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\AppvClientEventLog.dll
2019-07-12 16:34 - 2018-09-15 02:37 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll
2019-07-12 16:34 - 2018-09-15 02:37 - 000041272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UevAgentDriver.sys
2019-07-12 16:34 - 2018-09-15 02:37 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AgentDriverEvents.dll
2019-07-12 16:34 - 2018-09-15 02:37 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\BdeSysprep.dll
2019-07-12 16:33 - 2018-09-15 02:41 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmlib.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000684544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgogl32.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgocl32.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgmts.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgu1132.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2019-07-12 16:33 - 2018-09-15 02:40 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CIWmi.dll
2019-07-12 16:33 - 2018-09-15 02:40 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NcaApi.dll
2019-07-12 16:33 - 2018-09-15 02:39 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
2019-07-12 16:33 - 2018-09-15 02:39 - 000163328 _____ (Microsoft Corporation) C:\Windows\system32\fveprompt.exe
2019-07-12 16:33 - 2018-09-15 02:39 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2019-07-12 16:33 - 2018-09-15 02:39 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2019-07-12 16:33 - 2018-09-15 02:39 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
2019-07-12 16:33 - 2018-09-15 02:38 - 000811008 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2019-07-12 16:33 - 2018-09-15 02:38 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2019-07-12 16:33 - 2018-09-15 02:38 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2019-07-12 16:33 - 2018-09-15 02:38 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\appmgmts.dll
2019-07-12 16:33 - 2018-09-15 02:38 - 000162304 ____R (Microsoft Corporation) C:\Windows\system32\Windows.Management.SecureAssessment.CfgProvider.dll
2019-07-12 16:33 - 2018-09-15 02:38 - 000161280 ____R (Microsoft Corporation) C:\Windows\system32\SecureAssessmentHandlers.dll
2019-07-12 16:33 - 2018-09-15 02:38 - 000148000 _____ (Microsoft Corporation) C:\Windows\system32\iotstartup.exe
2019-07-12 16:33 - 2018-09-15 02:38 - 000146389 _____ C:\Windows\system32\printmanagement.msc
2019-07-12 16:33 - 2018-09-15 02:38 - 000145424 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2019-07-12 16:33 - 2018-09-15 02:38 - 000141328 _____ (Microsoft Corporation) C:\Windows\system32\hvsievaluator.exe
2019-07-12 16:33 - 2018-09-15 02:38 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\dggpext.dll
2019-07-12 16:33 - 2018-09-15 02:38 - 000078648 _____ (Microsoft Corporation) C:\Windows\system32\windowsdefenderapplicationguardcsp.dll
2019-07-12 16:33 - 2018-09-15 02:38 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2019-07-12 16:33 - 2018-09-15 02:38 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2019-07-12 16:33 - 2018-09-15 02:37 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\AppManagementConfiguration.dll
2019-07-12 16:33 - 2018-09-15 02:37 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tsusbhub.sys
2019-07-12 16:33 - 2018-09-15 02:37 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\RemoteAppLifetimeManager.exe
2019-07-12 16:33 - 2018-09-15 02:37 - 000091648 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppVMgmtCSP.dll
2019-07-12 16:33 - 2018-09-15 02:37 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessShellProxy.dll
2019-07-12 16:33 - 2018-09-15 02:37 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\CIWmi.dll
2019-07-12 16:33 - 2018-09-15 02:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\RemoteAppLifetimeManagerProxyStub.dll
2019-07-12 16:33 - 2018-09-15 02:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessproviderevents.dll
2019-07-12 16:32 - 2018-09-15 02:41 - 000960000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmclient.dll
2019-07-12 16:32 - 2018-09-15 02:41 - 000477696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmscan.dll
2019-07-12 16:32 - 2018-09-15 02:41 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm.dll
2019-07-12 16:32 - 2018-09-15 02:41 - 000197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmstormod.dll
2019-07-12 16:32 - 2018-09-15 02:41 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmshell.dll
2019-07-12 16:32 - 2018-09-15 02:41 - 000099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adrclient.dll
2019-07-12 16:32 - 2018-09-15 02:41 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srmtrace.dll
2019-07-12 16:32 - 2018-09-15 02:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srm_ps.dll
2019-07-12 16:32 - 2018-09-15 02:40 - 000129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppManagementConfiguration.dll
2019-07-12 16:32 - 2018-09-15 02:39 - 000347648 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_AssignedAccess.dll
2019-07-12 16:32 - 2018-09-15 02:38 - 000030720 _____ C:\Windows\system32\uwfservicingapi.dll
2019-07-10 12:50 - 2019-05-28 18:02 - 001684240 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-10 12:48 - 2019-05-28 18:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 12:48 - 2019-05-28 18:00 - 000000000 ___RD C:\Users\LORD GECHA\3D Objects
2019-07-10 12:45 - 2019-05-28 17:43 - 000447712 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-10 01:19 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-07-10 01:19 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-10 01:18 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\oobe
2019-07-10 01:18 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-10 01:18 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-07-10 01:18 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\ShellComponents
2019-07-10 01:18 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\Provisioning
2019-07-10 01:18 - 2018-09-15 02:33 - 000000000 ____D C:\Windows\bcastdvr
2019-07-10 01:18 - 2018-09-15 01:09 - 000000000 ____D C:\Windows\system32\Dism
2019-07-09 19:59 - 2019-05-29 01:17 - 000000000 ____D C:\Windows\system32\MRT
2019-07-09 19:51 - 2019-05-29 01:17 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-09 19:30 - 2018-09-15 02:40 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2019-07-09 19:30 - 2018-09-15 02:37 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll
2019-07-03 23:34 - 2018-09-15 02:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-07-03 14:49 - 2019-05-28 19:24 - 000000000 ____D C:\Program Files\Common Files\AV

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Hola @Lord_Gecha

No te preocupes por esa línea el foro es quisquilloso con algunas palabritas😊

Como es muuuy tarde por aquí mañana te dejo el script.

Salu2