Ventanas negras al inicio de Win, taskhost.exe

#1

Hola, al arranque de windows se abren ventanas con fondo negro y se cierran al segundo, son varias y despues de algunos minutos dejan de molestar, el ejecutable es taskhost.exe ubicado en C:windows/sistem32/taskhost.exe, busqué que era ese ejecutable y leí que es un proceso de windows, ni el adwcleaner ni el malwarebytes detectan nada, gracias por su ayuda.

#2

Hola @Marcelo_Bianchi

Las ventanas que mencionas parecen ser las de CMD.

Veamos que hay por allí, realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

3.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

#3

Hola Sandra, gracias por estar de nuevo ayudandome, no se que pasa aca, cosas raras, aqui van los reportes, por partes pq no me deja enviar todo por exceso de caracteres:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-05-2019
Ran by MARCELO (administrator) on MARCELO-PC (BIOSTAR Group N61PA-M2S) (02-05-2019 23:53:21)
Running from C:\Users\MARCELO\!!NO BORRAR\Downloads
Loaded Profiles: MARCELO (Available Profiles: MARCELO)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [170128 2019-04-10] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Autodesk Sync] => [X]
HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [44024 2019-04-22] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-02] (Google LLC -> Google Inc.)
BootExecute: autocheck autochk *  

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1980B2DD-05C6-468C-9589-5AC0E51D9206} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {20C23B6C-DA67-4BFB-8626-CC457B71A906} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1166572213-2147164125-1135358989-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-02-07] (Mega Limited -> Mega Limited)
Task: {2864F254-81D2-48B8-9984-E8555938FF88} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {297B8544-9FFC-4808-A0C9-116CFC742DCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {60FE3F3F-D99E-4BA1-82CB-0FCF80A06FA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E59EDCE-2C78-4102-9786-8D9A9C8F786A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1051864 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E3C529E-403E-4BF3-82F3-3242083FE97D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-13] (Google Inc -> Google Inc.)
Task: {862C2F3E-3020-4449-9F0F-D4DEA53F8088} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {8B820CB7-3119-47BC-B22A-D7A00DE7C686} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-13] (Google Inc -> Google Inc.)
Task: {90E5A160-0087-406A-8AB6-01F833F08DA9} - System32\Tasks\AutoRearm => C:\Windows\AutoRearm\AutoRearm.exe [5745664 2018-12-13] () [File not signed]
Task: {93672AFD-C44D-440E-8CC1-53B241CD3CA1} - System32\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSRQE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {A58089FB-2FE8-4D7B-A329-63C1B58AD62D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF4ABBE4-36F6-4D05-8094-8E983DCD8E06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)
Task: {CC386EE7-D53E-4C15-B827-ED0249B455A2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F14C3C7E-52A7-418C-820A-EA529844A69C} - System32\Tasks\{BDB4B602-8DB0-43B2-A30E-14D8EEF89860} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {F1E91C11-F338-4BE9-BE34-190050217A0E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-09] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSRQE.EXE:/EXE:{BED6025A-3492-412D-BE5A-4F9E441E93BF} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{07796CC6-62EF-48F8-8467-28748D7CB128}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D3088D10-33EA-4247-B2DA-61AC05100460}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: yjls2k4o.default-1556079140054
FF ProfilePath: C:\Users\MARCELO\AppData\Roaming\Mozilla\Firefox\Profiles\yjls2k4o.default-1556079140054 [2019-05-02]
FF Extension: (Malwarebytes Browser Extension) - C:\Users\MARCELO\AppData\Roaming\Mozilla\Firefox\Profiles\yjls2k4o.default-1556079140054\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2019-04-25]
FF HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\MARCELO\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1166572213-2147164125-1135358989-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\MARCELO\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com.ar/
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/"
CHR Profile: C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default [2019-05-01]
CHR Extension: (Kaspersky Protection) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2019-05-01]
CHR Extension: (Documentos) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-13]
CHR Extension: (Google Drive) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-13]
CHR Extension: (YouTube) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-13]
CHR Extension: (Ace Script) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-04-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-13]
CHR Extension: (Gmail) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-28]
CHR HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1162616 2018-11-30] (Autodesk, Inc. -> Autodesk Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [1887640 2019-04-10] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [1887640 2019-04-10] (ESET, spol. s r.o. -> ESET)
S4 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [591800 2018-06-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [223560 2016-04-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S4 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2019-02-25] (Flexera Software LLC -> Flexera Software LLC)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
#4
===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [125056 2019-03-07] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [147288 2019-03-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [94856 2019-03-07] (ESET, spol. s r.o. -> ESET)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2019-04-17] (Glarysoft LTD -> Glarysoft Ltd)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-05-02] (Malwarebytes Corporation -> Malwarebytes)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Microsoft Windows -> Ralink Technology Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 23:53 - 2019-05-02 23:53 - 000000000 ____D C:\FRST
2019-05-02 21:38 - 2019-05-02 21:38 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-29 22:12 - 2019-05-01 23:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-04-29 22:12 - 2019-04-29 22:13 - 000000000 ____D C:\Program Files\Kaspersky Lab
2019-04-29 21:59 - 2019-04-29 21:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-04-29 21:44 - 2019-04-29 21:44 - 000000000 ___HD C:\Windows\PIF
2019-04-27 20:50 - 2019-04-27 20:50 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-04-27 20:50 - 2019-04-27 20:50 - 000000000 ____D C:\Windows\system32\appraiser
2019-04-27 18:19 - 2014-07-08 22:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2019-04-27 18:19 - 2014-07-08 22:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2019-04-27 18:19 - 2014-07-08 22:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2019-04-27 18:19 - 2014-07-08 22:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2019-04-27 18:19 - 2014-07-08 22:29 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2019-04-27 18:18 - 2011-03-11 02:39 - 000143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2019-04-27 18:18 - 2011-03-11 02:39 - 000117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2019-04-27 18:18 - 2011-03-11 02:38 - 000332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2019-04-27 18:18 - 2011-03-11 02:38 - 000080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2019-04-27 18:18 - 2011-03-11 02:38 - 000022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2019-04-27 18:18 - 2011-03-11 02:33 - 001699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-04-27 18:18 - 2011-03-11 02:31 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-04-27 18:14 - 2019-03-28 00:35 - 000348776 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-04-27 18:14 - 2019-03-26 02:12 - 020280832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-27 18:14 - 2019-03-26 02:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-04-27 18:14 - 2019-03-26 02:01 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-04-27 18:14 - 2019-03-26 01:51 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-27 18:14 - 2019-03-26 01:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-04-27 18:14 - 2019-03-26 01:50 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-04-27 18:14 - 2019-03-26 01:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-04-27 18:14 - 2019-03-26 01:50 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-04-27 18:14 - 2019-03-26 01:48 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-27 18:14 - 2019-03-26 01:46 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-04-27 18:14 - 2019-03-26 01:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-04-27 18:14 - 2019-03-26 01:44 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-04-27 18:14 - 2019-03-26 01:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-27 18:14 - 2019-03-26 01:43 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-27 18:14 - 2019-03-26 01:43 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-04-27 18:14 - 2019-03-26 01:43 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-04-27 18:14 - 2019-03-26 01:39 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-04-27 18:14 - 2019-03-26 01:36 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-04-27 18:14 - 2019-03-26 01:33 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-04-27 18:14 - 2019-03-26 01:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-04-27 18:14 - 2019-03-26 01:32 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-04-27 18:14 - 2019-03-26 01:31 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-04-27 18:14 - 2019-03-26 01:29 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-27 18:14 - 2019-03-26 01:29 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-04-27 18:14 - 2019-03-26 01:29 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-04-27 18:14 - 2019-03-26 01:28 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-04-27 18:14 - 2019-03-26 01:24 - 013682176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-27 18:14 - 2019-03-26 01:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-04-27 18:14 - 2019-03-26 01:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-04-27 18:14 - 2019-03-26 01:21 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-04-27 18:14 - 2019-03-26 01:21 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-04-27 18:14 - 2019-03-26 01:21 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-04-27 18:14 - 2019-03-26 01:08 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-04-27 18:14 - 2019-03-26 01:04 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-04-27 18:14 - 2019-03-26 01:02 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-27 18:13 - 2019-04-01 22:55 - 002406400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-04-27 18:13 - 2019-03-28 22:35 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-27 18:13 - 2019-03-20 23:03 - 003961576 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-27 18:13 - 2019-03-20 23:03 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-04-27 18:13 - 2019-03-20 23:03 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-04-27 18:13 - 2019-03-20 23:03 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-04-27 18:13 - 2019-03-20 23:03 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-04-27 18:13 - 2019-03-20 23:03 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-04-27 18:13 - 2019-03-20 23:02 - 004056296 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-04-27 18:13 - 2019-03-20 23:02 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 22:40 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-04-27 18:13 - 2019-03-20 22:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-04-27 18:13 - 2019-03-20 22:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-04-27 18:13 - 2019-03-20 22:40 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-04-27 18:13 - 2019-03-20 22:40 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-04-27 18:13 - 2019-03-20 22:40 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-04-27 18:13 - 2019-03-20 22:38 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-04-27 18:13 - 2019-03-20 22:38 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-04-27 18:13 - 2019-03-20 22:38 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-04-27 18:13 - 2019-03-20 22:35 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-04-27 18:13 - 2019-03-20 22:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-04-27 18:13 - 2019-03-16 01:01 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-27 18:13 - 2019-03-16 00:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 001425920 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000583680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-04-27 18:13 - 2019-03-16 00:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-04-27 18:13 - 2019-03-16 00:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-04-27 18:13 - 2019-03-13 12:02 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-04-27 18:13 - 2019-03-13 11:35 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2019-04-27 18:13 - 2019-03-13 11:35 - 000375808 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2019-04-27 18:13 - 2019-03-12 11:34 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2019-04-27 18:13 - 2019-03-12 11:34 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2019-04-27 18:13 - 2019-03-12 11:34 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2019-04-27 18:13 - 2019-03-12 11:34 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 001391616 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-04-27 18:13 - 2019-03-11 18:19 - 000920576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-27 18:13 - 2019-03-11 18:19 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-04-27 18:13 - 2019-03-11 18:19 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2019-04-27 18:13 - 2019-03-05 22:04 - 000918408 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000066000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000021968 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000018880 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000017360 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000015824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000015296 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000013768 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000013264 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000012264 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-04-27 18:13 - 2019-03-04 23:40 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-04-27 18:13 - 2019-03-04 23:40 - 000026368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-04-27 18:13 - 2019-03-04 23:40 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-04-27 18:13 - 2019-02-21 12:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-04-27 18:13 - 2019-02-21 12:36 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-27 18:13 - 2019-02-16 02:50 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-04-27 18:13 - 2019-02-16 02:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-04-27 18:13 - 2019-02-16 01:10 - 000419608 _____ C:\Windows\system32\locale.nls
2019-04-27 18:13 - 2019-02-15 12:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-04-27 18:13 - 2019-02-15 12:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-04-27 18:13 - 2019-02-15 12:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-04-27 18:13 - 2019-02-15 12:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-04-27 18:13 - 2019-02-15 12:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-04-27 18:13 - 2019-02-15 12:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-04-27 18:13 - 2019-02-12 12:58 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-04-27 18:13 - 2019-02-12 12:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-04-27 18:13 - 2019-02-10 13:43 - 001214176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-04-27 18:13 - 2019-02-10 13:18 - 000247296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-04-27 18:13 - 2019-02-10 13:18 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-04-27 18:13 - 2019-02-10 13:18 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-04-27 18:13 - 2019-02-10 13:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-04-27 18:13 - 2019-02-08 13:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-27 18:13 - 2019-02-08 12:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-04-27 18:13 - 2019-02-07 12:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-04-27 18:13 - 2019-02-07 12:53 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-04-27 18:13 - 2019-02-07 12:42 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-04-27 18:13 - 2019-02-07 12:42 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-04-27 18:13 - 2019-02-03 12:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-04-27 18:13 - 2019-01-04 13:00 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-04-27 18:13 - 2019-01-04 12:56 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 002703872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-04-27 18:13 - 2019-01-04 11:04 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-04-27 18:13 - 2018-12-07 23:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-04-27 18:13 - 2018-12-07 23:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-04-27 18:13 - 2018-12-07 23:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-04-27 18:13 - 2018-12-07 23:41 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-04-27 18:13 - 2018-12-07 23:41 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-04-27 18:13 - 2018-12-07 23:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-04-27 18:13 - 2018-12-07 23:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-04-27 18:13 - 2018-12-07 23:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-04-27 18:13 - 2018-12-07 23:41 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-04-27 18:13 - 2018-12-04 12:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-04-27 18:13 - 2018-12-04 12:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-04-27 18:13 - 2018-11-11 13:49 - 000162536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-04-27 18:13 - 2018-10-27 00:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2019-04-27 18:13 - 2018-10-27 00:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2019-04-27 18:13 - 2018-10-27 00:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2019-04-27 18:13 - 2018-10-27 00:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2019-04-27 18:13 - 2018-10-27 00:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2019-04-27 18:13 - 2018-10-27 00:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2019-04-27 18:13 - 2018-10-27 00:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2019-04-27 18:13 - 2018-10-06 12:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-04-27 18:13 - 2018-10-06 12:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-04-27 18:13 - 2018-10-06 12:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-04-27 18:13 - 2018-10-06 12:43 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-04-27 18:13 - 2018-10-06 12:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-04-27 18:13 - 2018-10-06 12:16 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-04-27 18:13 - 2018-10-06 10:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-04-27 18:13 - 2018-09-22 23:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-04-27 18:13 - 2018-09-22 23:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-04-27 18:13 - 2018-09-22 23:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-04-27 18:13 - 2018-09-22 23:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2019-04-27 18:13 - 2018-09-08 21:46 - 000730824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-04-27 18:13 - 2018-09-08 21:46 - 000219336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-04-27 18:13 - 2018-09-08 21:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2019-04-27 18:13 - 2018-09-08 21:42 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2019-04-27 18:13 - 2018-08-29 22:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2019-04-27 18:13 - 2018-08-28 02:41 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2019-04-27 18:13 - 2018-08-15 23:14 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2019-04-27 18:13 - 2018-08-13 18:48 - 000940784 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-04-27 18:13 - 2018-08-12 17:18 - 000240808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-04-27 18:13 - 2018-08-12 17:17 - 001311400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-04-27 18:13 - 2018-08-12 17:17 - 000187560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-04-27 18:13 - 2018-08-12 17:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2019-04-27 18:13 - 2018-08-10 12:41 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-04-27 18:13 - 2018-08-10 12:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2019-04-27 18:13 - 2018-08-10 12:40 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2019-04-27 18:13 - 2018-08-10 12:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2019-04-27 18:13 - 2018-08-10 12:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2019-04-27 18:13 - 2018-08-03 12:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2019-04-27 18:13 - 2018-07-29 12:40 - 000751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-04-27 18:13 - 2018-07-18 12:14 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2019-04-27 18:13 - 2018-07-06 12:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-04-27 18:13 - 2018-06-29 12:40 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2019-04-27 18:13 - 2018-06-29 12:40 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2019-04-27 18:13 - 2018-06-29 12:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2019-04-27 18:13 - 2018-06-29 12:10 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2019-04-27 18:13 - 2018-06-29 12:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2019-04-27 18:13 - 2018-06-27 12:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2019-04-27 18:13 - 2018-06-08 12:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2019-04-27 18:13 - 2018-06-08 12:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-04-27 18:13 - 2018-06-08 12:54 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-04-27 18:13 - 2018-06-08 12:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2019-04-27 18:13 - 2018-05-15 00:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2019-04-27 18:13 - 2018-05-10 21:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-04-27 18:13 - 2018-05-10 21:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2019-04-27 18:13 - 2018-05-02 12:30 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2019-04-27 18:13 - 2018-05-02 12:29 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2019-04-27 18:13 - 2018-04-25 12:54 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2019-04-27 18:13 - 2018-04-25 12:17 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2019-04-27 18:13 - 2018-04-18 12:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2019-04-27 18:13 - 2018-04-18 12:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2019-04-27 18:13 - 2018-04-18 12:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\hh.exe
2019-04-27 18:13 - 2018-04-10 13:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2019-04-27 18:13 - 2018-04-10 13:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2019-04-27 18:13 - 2018-04-07 13:42 - 000250560 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-04-27 18:13 - 2018-03-14 14:16 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-04-27 18:13 - 2018-03-14 14:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-04-27 18:13 - 2018-03-14 14:10 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-04-27 18:13 - 2018-03-14 13:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-04-27 18:13 - 2018-03-14 13:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-04-27 18:13 - 2018-03-06 15:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2019-04-27 18:13 - 2018-03-06 15:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2019-04-27 18:13 - 2018-03-06 15:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2019-04-27 18:13 - 2018-02-22 00:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2019-04-27 18:13 - 2018-02-10 15:49 - 000154304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000104640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2019-04-27 18:13 - 2018-02-10 15:49 - 000057024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2019-04-27 18:13 - 2018-02-10 15:49 - 000053440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS
2019-04-27 18:13 - 2018-02-10 15:49 - 000051904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS
2019-04-27 18:13 - 2018-02-10 15:49 - 000046272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000032448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000027840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000021696 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2019-04-27 18:13 - 2018-02-10 15:49 - 000013504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000011840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2019-04-27 18:13 - 2018-02-10 15:48 - 000274624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2019-04-27 18:13 - 2018-02-10 15:48 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS
2019-04-27 18:13 - 2018-02-10 15:48 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2019-04-27 18:13 - 2018-02-10 15:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2019-04-27 18:13 - 2018-02-10 15:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2019-04-27 18:13 - 2018-02-10 15:23 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2019-04-27 18:13 - 2018-02-10 14:36 - 000537600 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2019-04-27 18:13 - 2018-02-10 14:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2019-04-27 18:13 - 2018-02-10 14:36 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
#5
4:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2019-04-27 18:13 - 2018-02-10 14:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2019-04-27 18:13 - 2018-01-12 13:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2019-04-27 18:13 - 2018-01-12 13:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2019-04-27 18:13 - 2017-12-31 23:00 - 001155584 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 001004032 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2019-04-27 18:13 - 2017-12-31 22:54 - 000201960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-04-27 18:13 - 2017-12-31 22:54 - 000173288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2019-04-27 18:13 - 2017-12-31 22:50 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-04-27 18:13 - 2017-12-31 22:44 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2019-04-27 18:13 - 2017-12-31 22:43 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2019-04-27 18:13 - 2017-12-31 22:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2019-04-27 18:13 - 2017-12-31 22:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2019-04-27 18:13 - 2017-12-31 22:38 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2019-04-27 18:13 - 2017-12-31 22:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2019-04-27 18:13 - 2017-12-31 22:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2019-04-27 18:13 - 2017-12-31 22:35 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-04-27 18:13 - 2017-12-05 14:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2019-04-27 18:13 - 2017-12-05 14:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2019-04-27 18:13 - 2017-12-05 14:08 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2019-04-27 18:13 - 2017-12-05 12:54 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2019-04-27 18:13 - 2017-12-05 12:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2019-04-27 18:13 - 2017-11-02 12:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2019-04-27 18:13 - 2017-11-02 12:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2019-04-27 18:13 - 2017-11-02 12:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2019-04-27 18:13 - 2017-11-02 11:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2019-04-27 18:13 - 2017-10-16 19:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2019-04-27 18:13 - 2017-10-11 21:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2019-04-27 18:13 - 2017-10-11 21:14 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-04-27 18:13 - 2017-09-13 12:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-04-27 18:13 - 2017-09-13 11:53 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2019-04-27 18:13 - 2017-09-08 11:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2019-04-27 18:13 - 2017-09-08 11:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2019-04-27 18:13 - 2017-08-19 12:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2019-04-27 18:13 - 2017-08-16 12:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2019-04-27 18:13 - 2017-08-13 18:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2019-04-27 18:13 - 2017-08-13 18:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2019-04-27 18:13 - 2017-08-11 03:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2019-04-27 18:13 - 2017-08-11 03:10 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe
2019-04-27 18:13 - 2017-08-11 03:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2019-04-27 18:13 - 2017-08-11 03:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2019-04-27 18:13 - 2017-08-11 03:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2019-04-27 18:13 - 2017-08-11 02:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2019-04-27 18:13 - 2017-07-29 11:50 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2019-04-27 18:13 - 2017-07-21 11:26 - 000518144 _____ C:\Windows\system32\msjetoledb40.dll
2019-04-27 18:13 - 2017-07-21 11:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2019-04-27 18:13 - 2017-07-21 11:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2019-04-27 18:13 - 2017-07-21 11:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2019-04-27 18:13 - 2017-07-07 12:15 - 000296680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2019-04-27 18:13 - 2017-07-07 12:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2019-04-27 18:13 - 2017-07-01 10:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2019-04-27 18:13 - 2017-07-01 10:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2019-04-27 18:13 - 2017-07-01 10:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2019-04-27 18:13 - 2017-07-01 10:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2019-04-27 18:13 - 2017-06-12 19:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2019-04-27 18:13 - 2017-06-12 19:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2019-04-27 18:13 - 2017-06-12 19:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2019-04-27 18:13 - 2017-06-12 19:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2019-04-27 18:13 - 2017-06-12 19:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2019-04-27 18:13 - 2017-06-12 19:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2019-04-27 18:13 - 2017-06-12 19:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2019-04-27 18:13 - 2017-06-02 04:57 - 000497152 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2019-04-27 18:13 - 2017-05-12 13:25 - 001251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-04-27 18:13 - 2017-05-12 13:25 - 000909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-04-27 18:13 - 2017-05-10 12:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2019-04-27 18:13 - 2017-04-04 11:52 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2019-04-27 18:13 - 2017-03-30 11:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2019-04-27 18:13 - 2017-03-10 13:20 - 001508352 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2019-04-27 18:13 - 2017-03-10 13:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2019-04-27 18:13 - 2017-03-10 12:52 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2019-04-27 18:13 - 2017-03-07 13:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2019-04-27 18:13 - 2017-03-03 22:14 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2019-04-27 18:13 - 2017-02-09 13:14 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-04-27 18:13 - 2017-02-09 13:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2019-04-27 18:13 - 2016-11-10 13:19 - 000811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-04-27 18:13 - 2016-10-11 12:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2019-04-27 18:13 - 2016-10-11 12:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2019-04-27 18:13 - 2016-10-11 12:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2019-04-27 18:13 - 2016-10-11 12:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2019-04-27 18:13 - 2016-10-11 11:51 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-04-27 18:13 - 2016-10-11 10:33 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2019-04-27 18:13 - 2016-10-07 12:12 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2019-04-27 18:13 - 2016-09-12 17:49 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2019-04-27 18:13 - 2016-09-08 17:34 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2019-04-27 18:13 - 2016-09-08 17:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2019-04-27 18:13 - 2016-09-08 11:49 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2019-04-27 18:13 - 2016-08-12 13:21 - 000437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 001178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2019-04-27 18:13 - 2016-08-06 11:53 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2019-04-27 18:13 - 2016-08-06 11:53 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2019-04-27 18:13 - 2016-08-06 11:53 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2019-04-27 17:31 - 2019-04-27 17:31 - 000000000 __RSH C:\MSDOS.SYS
2019-04-27 17:31 - 2019-04-27 17:31 - 000000000 __RSH C:\IO.SYS
2019-04-27 16:40 - 2019-04-27 16:40 - 127229528 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2019-04-27 16:29 - 2019-04-27 19:42 - 000000000 ____D C:\Windows\system32\MRT
2019-04-27 16:29 - 2019-04-27 19:33 - 128044056 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-27 15:19 - 2017-04-27 19:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2019-04-27 15:15 - 2012-07-26 00:21 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2019-04-27 15:15 - 2012-07-26 00:20 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2019-04-27 15:15 - 2012-07-26 00:20 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2019-04-27 15:15 - 2012-07-26 00:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2019-04-27 15:15 - 2012-07-26 00:20 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2019-04-27 15:15 - 2012-07-25 23:33 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2019-04-27 15:15 - 2012-07-25 23:32 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2019-04-27 15:15 - 2012-06-02 11:57 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2019-04-27 15:11 - 2014-06-30 19:14 - 000008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2019-04-27 15:11 - 2014-03-09 18:47 - 000619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2019-04-27 15:11 - 2014-03-09 18:47 - 000099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2019-04-27 15:10 - 2014-06-06 03:16 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2019-04-27 15:09 - 2012-03-01 02:46 - 000019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2019-04-27 15:09 - 2012-03-01 02:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2019-04-27 14:33 - 2019-04-27 14:33 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2019-04-27 14:33 - 2019-04-27 14:33 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2019-04-27 14:33 - 2019-04-27 14:33 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2019-04-27 14:33 - 2019-04-27 14:33 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2019-04-27 14:32 - 2019-04-27 14:32 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2019-04-27 14:32 - 2019-04-27 14:32 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2019-04-27 14:30 - 2015-07-30 10:13 - 000103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2019-04-27 14:14 - 2019-02-10 13:43 - 000078560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-04-27 14:14 - 2019-02-10 13:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-04-27 14:14 - 2019-02-10 13:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-04-27 14:14 - 2019-02-10 13:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-04-27 14:14 - 2019-02-10 13:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-04-27 14:14 - 2019-02-10 13:28 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-04-27 14:14 - 2019-02-10 13:19 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-04-27 14:14 - 2019-02-10 13:19 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-04-27 14:14 - 2019-02-10 13:19 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-04-27 14:13 - 2019-02-10 13:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-04-27 14:13 - 2019-02-10 13:37 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-04-27 14:13 - 2019-02-10 13:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-04-27 14:13 - 2019-02-10 13:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-04-27 14:13 - 2019-02-10 13:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-04-27 14:13 - 2019-02-10 13:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-04-27 14:13 - 2018-11-17 23:59 - 000410080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-04-27 14:13 - 2018-11-17 23:44 - 000535616 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-04-27 14:13 - 2018-11-17 23:44 - 000470704 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-04-27 14:13 - 2018-11-17 23:43 - 000374872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-04-27 14:13 - 2018-11-17 23:43 - 000249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-04-27 14:10 - 2013-11-26 05:16 - 003419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2019-04-27 14:07 - 2019-04-01 11:49 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-04-27 14:07 - 2016-04-14 10:49 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2019-04-27 14:07 - 2015-12-08 18:54 - 002285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-04-27 14:07 - 2015-12-08 18:54 - 001620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 001568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 001325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2019-04-27 14:07 - 2015-12-08 18:54 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2019-04-27 14:07 - 2015-12-08 18:53 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2019-04-27 14:07 - 2015-12-08 18:43 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2019-04-27 14:07 - 2015-12-08 18:11 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2019-04-27 14:07 - 2015-12-08 18:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2019-04-27 14:07 - 2015-02-03 23:54 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2019-04-25 00:13 - 2019-04-25 00:13 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbamtray
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbam
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-25 00:13 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-04-24 23:39 - 2019-04-24 23:39 - 000004037 _____ C:\Users\MARCELO\Desktop\Fixlog.txt
2019-04-24 23:32 - 2019-04-25 00:02 - 000000705 _____ C:\DelFix.txt
2019-04-24 23:32 - 2019-04-24 23:32 - 000000000 ____D C:\Windows\ERUNT
2019-04-24 01:10 - 2019-04-24 01:10 - 000001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-24 01:10 - 2019-04-24 01:10 - 000001109 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-04-24 01:10 - 2019-04-24 01:10 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-04-23 15:35 - 2019-04-24 23:38 - 001788928 _____ (Farbar) C:\Users\MARCELO\Desktop\FRST.exe
2019-04-23 00:22 - 2019-04-23 00:23 - 000028447 _____ C:\Users\MARCELO\Desktop\Addition.txt
2019-04-23 00:21 - 2019-04-24 23:38 - 000000000 ____D C:\Users\MARCELO\Desktop\FRST-OlderVersion
2019-04-23 00:19 - 2019-04-23 00:19 - 000001100 _____ C:\Users\MARCELO\fixlist.rar
2019-04-22 18:49 - 2019-04-22 18:49 - 007665272 _____ (ESET spol. s r.o.) C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe
2019-04-17 18:45 - 2019-04-26 03:25 - 000001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-04-17 18:45 - 2019-04-26 03:25 - 000001042 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-04-17 18:45 - 2019-04-26 03:24 - 000000000 ____D C:\Program Files\Glary Utilities 5
2019-04-17 18:45 - 2019-04-17 18:45 - 000025864 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Users\MARCELO\AppData\Roaming\GlarySoft
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Users\MARCELO\AppData\Roaming\DiskDefrag
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2019-04-10 09:33 - 2019-05-01 23:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-03 12:03 - 2019-04-03 12:03 - 000001191 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-04-03 12:03 - 2019-04-03 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-04-03 12:03 - 2019-04-03 12:03 - 000000000 ____D C:\Program Files\VS Revo Group

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-02 23:53 - 2018-12-14 23:53 - 000000917 _____ C:\Windows\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF}.job
2019-05-02 21:46 - 2009-07-14 01:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-02 21:46 - 2009-07-14 01:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-02 21:44 - 2011-04-11 22:30 - 000747262 _____ C:\Windows\system32\perfh00A.dat
2019-05-02 21:44 - 2011-04-11 22:30 - 000158734 _____ C:\Windows\system32\perfc00A.dat
2019-05-02 21:44 - 2010-11-20 18:01 - 001676342 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-02 21:44 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2019-05-02 21:40 - 2018-12-13 21:21 - 000000000 ____D C:\Users\MARCELO\AppData\LocalLow\Mozilla
2019-05-02 21:38 - 2019-02-24 23:55 - 000000000 ____D C:\ProgramData\Autodesk
2019-05-02 21:38 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-02 14:43 - 2018-12-13 18:27 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-02 14:43 - 2018-12-13 18:27 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-01 23:44 - 2018-12-12 20:11 - 000000000 ___RD C:\Users\MARCELO
2019-05-01 23:43 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\NDF
2019-05-01 23:43 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\rescache
2019-05-01 23:43 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\registration
2019-05-01 23:09 - 2018-12-14 15:12 - 000000000 ____D C:\Users\MARCELO\AppData\Local\ElevatedDiagnostics
2019-05-01 22:18 - 2009-07-14 01:53 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-29 00:14 - 2018-12-13 17:17 - 000145152 _____ C:\Users\MARCELO\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-28 11:09 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\AppCompat
2019-04-27 22:50 - 2019-02-09 19:13 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-27 22:42 - 2009-07-14 01:46 - 000001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-04-27 22:40 - 2009-07-14 01:33 - 000511024 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-27 20:50 - 2011-04-11 22:39 - 000000000 ____D C:\Windows\ShellNew
2019-04-27 20:50 - 2009-07-14 01:52 - 000000000 ____D C:\Program Files\DVD Maker
2019-04-27 20:50 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\Setup
2019-04-27 20:50 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\migwiz
2019-04-27 20:50 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-27 20:50 - 2009-07-13 23:37 - 000000000 ____D C:\Program Files\Common Files\System
2019-04-27 20:34 - 2018-12-13 17:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-04-27 19:55 - 2009-07-13 23:04 - 000000478 _____ C:\Windows\win.ini
2019-04-27 19:11 - 2009-07-13 23:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-27 17:32 - 2018-12-12 16:06 - 000000000 ____D C:\Windows\Panther
2019-04-27 17:28 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\Dism
2019-04-27 17:28 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2019-04-27 17:27 - 2009-07-14 01:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-04-26 03:34 - 2019-01-12 11:59 - 000000000 ____D C:\AdwCleaner
2019-04-26 03:20 - 2018-12-13 17:32 - 000000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-26 03:20 - 2018-12-13 17:32 - 000000000 ____D C:\Program Files\CCleaner
2019-04-25 01:15 - 2018-12-13 18:54 - 000000000 ____D C:\Users\MARCELO\!!NO BORRAR
2019-04-25 00:44 - 2018-12-14 22:37 - 000005632 ___SH C:\Users\MARCELO\Thumbs.db
2019-04-24 01:04 - 2019-01-10 20:01 - 000026492 _____ C:\Users\MARCELO\copia de seguridad registro.reg
2019-04-22 21:05 - 2018-12-13 18:22 - 000000000 ____D C:\Windows Loader
2019-04-22 20:16 - 2018-12-13 17:49 - 000000000 ____D C:\Windows\AutoKMS
2019-04-22 18:50 - 2018-12-15 20:36 - 000000000 ____D C:\Users\MARCELO\AppData\Local\ESET
2019-04-22 02:04 - 2018-12-17 19:54 - 000000000 ____D C:\Users\MARCELO\AppData\LocalLow\Temp
2019-04-11 02:15 - 2018-12-17 20:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-09 22:30 - 2019-02-09 19:13 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-04-09 22:30 - 2019-02-09 19:13 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-04-06 04:35 - 2018-12-27 17:11 - 000001268 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-06 04:35 - 2018-12-27 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Files in the root of some directories =======

2019-01-10 20:01 - 2019-04-24 01:04 - 000026492 _____ () C:\Users\MARCELO\copia de seguridad registro.reg
2018-12-14 22:37 - 2018-09-19 17:21 - 000000741 _____ () C:\Users\MARCELO\Install.cmd

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-17 17:48
==================== End of FRST.txt ============================
#6
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-05-2019
Ran by MARCELO (02-05-2019 23:54:54)
Running from C:\Users\MARCELO\!!NO BORRAR\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2018-12-12 23:11:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1166572213-2147164125-1135358989-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1166572213-2147164125-1135358989-1002 - Limited - Enabled)
Invitado (S-1-5-21-1166572213-2147164125-1135358989-501 - Limited - Disabled)
MARCELO (S-1-5-21-1166572213-2147164125-1135358989-1000 - Administrator - Enabled) => C:\Users\MARCELO

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5002-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Photoshop CS6 versión 13.0.1 (HKLM\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Aplicación de escritorio de Autodesk (HKLM\...\Autodesk Desktop App) (Version: 7.0.12.84 - Autodesk)
Aplicaciones destacadas de Autodesk 2016-2017 (HKLM\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
aTuner (remove only) (HKLM\...\aTuner) (Version: aTuner 1.9.85 - )
AutoCAD 2017 - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-2002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017  Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-1002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0002-CF3F3A09B77D}) (Version: 21.0.104.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - Español (Spanish) (HKLM\...\AutoCAD 2017 - Español (Spanish)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD 2017 SP 1 (HKLM\...\AutoCAD 2017 SP1) (Version: 21.0.104.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 32 bit (HKLM\...\{A65662B5-45CC-41D3-AEDC-1448577664EE}) (Version: 4.37.6853 - Autodesk)
Autodesk Material Library 2017 (HKLM\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Desinstalar impresora EPSON L380 Series (HKLM\...\EPSON L380 Series) (Version:  - Seiko Epson Corporation)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM\...\{922E2D91-9314-45AA-9AEF-E585F93B59A9}) (Version: 2.6.1.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM\...\{006C8256-3855-43BF-8BA5-4B4C40F41F71}) (Version: 3.10.0065 - Seiko Epson Corporation)
Epson Scan 2 (HKLM\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{6DBD132B-7F42-4594-BBE7-0BB677EB2926}) (Version: 4.4.2 - SEIKO EPSON CORPORATION)
ESET Security (HKLM\...\{0BA8BBB6-4354-40BD-AA15-D4FF2E551998}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Glary Utilities 5.118 (HKLM\...\Glary Utilities 5) (Version: 5.118.0.143 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Importación de SketchUp 2016-2017 (HKLM\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manual Epson L380 (HKLM\...\UsersGuideManual Epson L380_is1) (Version: 1.0 - Epson America, Inc.)
MEGAsync (HKLM\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 66.0.3 (x86 es-AR) (HKLM\...\Mozilla Firefox 66.0.3 (x86 es-AR)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Skype versión 8.42 (HKLM\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version:  - Microsoft)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-04-25 00:13 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2019-04-23 15:44 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARCELO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: EpsonCustomerResearchParticipation => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_PM_RPCV4_06 => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: WsAppService => 2
MSCONFIG\startupfolder: C:^Users^MARCELO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1268AFB5-D772-48A8-A443-F48554941B57}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FED9FB47-ED2E-4278-B2B6-1664C2B91B13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7F24E22D-F2F3-43A7-968A-DC71C9C41241}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{583A92A6-E8AF-47A5-8BEE-B7D1F90EEEBC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5ACFFA84-C744-4F24-96DA-EE4ED44263E0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CBA58721-2744-4ABC-91ED-DB8D7B82347F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{44113242-5BF9-497A-8DFF-0D40B7F05688}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

28-04-2019 19:35:08 Copias de seguridad de Windows
01-05-2019 23:40:41 Operación de restauración

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/02/2019 09:45:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000fffe
Id. del proceso con errores: 0x1788
Hora de inicio de la aplicación con errores: 0x01d501498705db30
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: c5092130-6d3c-11e9-b7de-00e04d7348e8

Error: (05/02/2019 09:44:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0x1404
Hora de inicio de la aplicación con errores: 0x01d501494c601f90
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 8a4c3410-6d3c-11e9-b7de-00e04d7348e8

Error: (05/02/2019 09:42:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0x12b4
Hora de inicio de la aplicación con errores: 0x01d5014927b6bf50
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 65a87920-6d3c-11e9-b7de-00e04d7348e8

Error: (05/02/2019 05:30:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0xd70
Hora de inicio de la aplicación con errores: 0x01d50125ddbc3330
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 1ba3b3d0-6d19-11e9-be76-00e04d7348e8

Error: (05/02/2019 05:29:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0xc48
Hora de inicio de la aplicación con errores: 0x01d50125b91bac90
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: f6fee770-6d18-11e9-be76-00e04d7348e8

Error: (05/02/2019 05:28:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0x6b0
Hora de inicio de la aplicación con errores: 0x01d50125948d7570
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: d2673a70-6d18-11e9-be76-00e04d7348e8

Error: (05/02/2019 02:33:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0x91c
Hora de inicio de la aplicación con errores: 0x01d5010d26c814b8
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 649f7858-6d00-11e9-b873-00e04d7348e8

Error: (05/02/2019 02:32:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0xdbc
Hora de inicio de la aplicación con errores: 0x01d5010d023614d8
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 400d7878-6d00-11e9-b873-00e04d7348e8


System errors:
=============
Error: (04/30/2019 07:52:23 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: El servicio "WMPNetworkSvc" no se puede iniciar correctamente debido al error "0x80004005" en CoCreateInstance(CLSID_UPnPDeviceFinder). Compruebe que el servicio UPnPHost esté en ejecución y que el componente UPnPHost de Windows esté instalado correctamente.

Error: (04/27/2019 10:44:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80242016: 2017 (12) Paquete acumulativo de actualizaciones de calidad mensual de seguridad para Windows 7 para sistemas basados en x86 (KB4054518).

Error: (04/27/2019 10:41:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Instalador de módulos de Windows se cerró con el siguiente error: 
%%16405

Error: (04/27/2019 08:14:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x800736cc: Actualización de seguridad para Windows 7 (KB3115858).

Error: (04/27/2019 08:07:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80070643: Actualización de seguridad para el Paquete redistribuible de Microsoft Visual C++ 2008 Service Pack 1 (KB2538243).

Error: (04/27/2019 07:16:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80073712: Actualización para Windows 7 (KB2773072).

Error: (04/27/2019 05:35:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80242016: Actualización para Windows 7 (KB2703157).

Error: (04/27/2019 05:35:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80242016: Actualización para la lista de Vista de compatibilidad de Internet Explorer 8 para Windows 7 (KB2598845).


==================== Memory info =========================== 

BIOS: Phoenix Technologies, LTD 6.00 PG 12/05/2007
Motherboard: BIOSTAR Group N61PA-M2S
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4800+
Percentage of memory in use: 78%
Total physical RAM: 2942.55 MB
Available physical RAM: 634.6 MB
Total Virtual: 5883.48 MB
Available Virtual: 3375.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:124.66 GB) (Free:74.98 GB) NTFS
Drive d: () (Fixed) (Total:806.75 GB) (Free:741.96 GB) NTFS

\\?\Volume{980f26a4-fe62-11e8-8ff8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=124.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=806.8 GB) - (Type=05)

==================== End of Addition.txt ============================
#7

Hola @Marcelo_Bianchi

Una consulta, mientras analizo los reportes, instalaste algo nuevo o descargaste algo en estos días de dudosa reputación?

Ademas de las ventanas de cmd que se abren como notas el equipo?

Salu2

#10

No descargué nada nuevo, el equipo anda super bien, rapido, solo esas ventanas son el problema, ahhh si, descargué todas las actualizaciones de Win 7, lei que habia un riesgo y que el año que viene terminaria el soporte y descargué todas, pero eso no puede ser el origen del problema, ademas, por suerte, hice un punto de restauración, ayer no podia entrar a internet, estaba conectado, pero no podia entrar a ninguna pagina busqué el punto de restauracion y volvi a la vida, no se si tendra algo que ver.

Pero lo de las ventanas negras, ya venia de dias anteriores.

Vos lo dijiste, es como una ventana de cmd, si abro ipconfig se cierra al toque, debo abrir cmd y desde ahi entrar a ipconfig

#11

Hola Marcelo:

Otra consulta utilizas el programa Autodesk/Autocad.

Recuerda corta el ejecutable de FRST y pegarlo en el escritorio.

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [Autodesk Sync] => [X]
BootExecute: autocheck autochk * 
FF HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\MARCELO\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin HKU\S-1-5-21-1166572213-2147164125-1135358989-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\MARCELO\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
CHR Extension: (Ace Script) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-04-27]
CHR HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Luego de reiniciar y si el problema persiste, ya que no se ve claramente una entrada que marque el problema, es lo mas probable, toma una imagen de la ventana que te aparece.

Como subir imágenes al Foro?

Salu2

#12

Hola Sandra, al autocad lo descargué para intentar aprender a usarlo. Sigue todo igual con las ventanas negras.

Fix result of Farbar Recovery Scan Tool (x86) Version: 02-05-2019
Ran by MARCELO (03-05-2019 12:00:48) Run:1
Running from C:\Users\MARCELO\!!NO BORRAR\Desktop
Loaded Profiles: MARCELO (Available Profiles: MARCELO)
Boot Mode: Normal

==============================================

fixlist content:
*****************

Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [Autodesk Sync] => [X]
BootExecute: autocheck autochk * 
FF HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\...\Firefox\Extensions: [[email protected]] - C:\Users\MARCELO\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin HKU\S-1-5-21-1166572213-2147164125-1135358989-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\MARCELO\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
CHR Extension: (Ace Script) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-04-27]
CHR HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Autodesk Sync" => removed successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully.
HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.32 => removed successfully.
"C:\Users\MARCELO\AppData\Roaming\ACEStream\player\npace_plugin.dll" => not found
CHR Extension: (Ace Script) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-04-27] => Error: No automatic fix found for this entry.
HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\SOFTWARE\Google\Chrome\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo => removed successfully.

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::5c9:9e99:7ec4:ffc6%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.2
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.{07796CC6-62EF-48F8-8467-28748D7CB128}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5708724 B
Java, Flash, Steam htmlcache => 1140 B
Windows/system/drivers => 1154897791 B
Edge => 0 B
Chrome => 138089347 B
Firefox => 1093105714 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66356 B
LocalService => 66228 B
NetworkService => 66868 B
MARCELO => 63801277 B

RecycleBin => 251813034 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:01:41 ====
#13

Hola @Marcelo_Bianchi

Lo imagine…debemos seguir investigando.

1.- Descargue la herramienta SystemLook a su escritorio segun la arquitectura de su Sistema Operativo: >>> Como saber si mi Windows es de 32 o 64 bits?.

2.- Haga doble clic al archivo SystemLook.exe para ejecutarlo.

Si usa Windows 7/8 o 10, presione clic derecho y seleccione Ejecutar como Administrador

Copie y pegue tal cual el texto del recuadro de aquí abajo en la ventana del programa y pulse en Look.

:process
taskhost.exe

  • Espere hasta que finalice la búsqueda. (Esta puede demorarse)
  • Al terminar se abrirá el bloc de notas, con un reporte que debe copiar y pegar en su próxima respuesta.

Nota: Ese reporte también se guardará con el nombre SystemLook.txt en su escritorio.

Salu2

#14

Hola Sandra aqui va el informe, parece que no pasa nada.

SystemLook 30.07.11 by jpshortstuff
Log created at 21:18 on 03/05/2019 by MARCELO
Administrator - Elevation successful

========== process ==========

taskhost.exe - Unable to open process handle.

-= EOF =-
#15

Hola @Marcelo_Bianchi

Prueba lo siguiente:

  • Presiona las teclas Windows + R
  • En la ventana que se abre escribes msconfig
  • Vas a la Pestaña Inicio de Windows.

Revisa si allí tienes algo relacionado al proceso taskhost.exe

Si lo encuentras destildas la casilla, Aplicar y Aceptar.

Nos comentas.

Salu2

#16

nada, solo ESET esta habilitado en el inicio de win.

#17

Hola @Marcelo_Bianchi

vuelve a ejecutar SistemLook pero con estos parámetros:

:file
C:\WINDOWS\system32\taskhost.exe

:filefind
*taskhost*

Esperamos el reporte.

Salu2

#18

SystemLook 30.07.11 by jpshortstuff Log created at 02:25 on 04/05/2019 by MARCELO Administrator - Elevation successful

========== file ==========

C:\WINDOWS\system32\taskhost.exe - File found and opened. MD5: F4F35D60B3CC18AAA6D8D92F0CD3708A Created at 13:58 on 24/12/2018 Modified at 13:58 on 24/12/2018 Size: 49152 bytes Attributes: --a---- No version information available.

========== filefind ==========

Searching for “taskhost

#19

Hola Sandra, reinicié y sigue igual

#20

Hola:

Si por el momento no hemos hecho nada para corregirlo, todavía no aparece el porque. Seguimos buscando.

Descarga Autoruns (Al final de la pagina)

Ejecútala como Administrador.

  • Descomprimes Autorun.zip
  • Dale doble clic al archivo Autoruns.exe
  • En la Pestaña "Everything" (la que abre por defecto)
  • Vas a Options >> y tildas "Hide Empty Locations",“Hide Windows Entries” y “Hide Microsoft Entries”.
  • Presionas F5 para que actualice.
  • Luego vas al menú “File”, selecciona save o save as y guarda el archivo en el lugar de tu preferencia por ejemplo el escritorio.
  • Selecciona para que se guarde correcto en tipo: Text (*.Txt)
  • Copias el contenido y lo pegas en tu próxima Respuesta.

Luego vas a la Pestaña Logon tomas una imagen y la subes.

Salu2.

#21

Hola Sandra, aqui va:

|"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell"|""|""|""|"05/02/2019 18:28"|""|
|---|---|---|---|---|---|
|+ "cmd.exe"|"Procesador de comandos de Windows"|"(Verified) Microsoft Windows"|"c:\windows\system32\cmd.exe"|"20/11/2010 6:00"|""|
|"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"|""|""|""|"03/05/2019 12:01"|""|
|+ "egui"|"ESET command line interface"|"(Verified) ESET, spol. s r.o."|"c:\program files\eset\eset security\ecmds.exe"|"05/04/2019 6:57"|""|
|"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"|""|""|""|"27/04/2019 20:50"|""|
|+ "Google Chrome"|"Google Chrome Installer"|"(Verified) Google LLC"|"c:\program files\google\chrome\application\74.0.3729.131\installer\chrmstp.exe"|"29/04/2019 2:00"|""|
|+ "Themes Setup"|"Microsoft(C) Register Server"|"(Verified) Microsoft Windows"|"c:\windows\system32\regsvr32.exe"|"13/07/2009 20:58"|""|
|+ "Windows Desktop Update"|"Microsoft(C) Register Server"|"(Verified) Microsoft Windows"|"c:\windows\system32\regsvr32.exe"|"13/07/2009 20:58"|""|
|"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"|""|""|""|"17/04/2019 18:45"|""|
|+ "AcShellExtension.AcContextMenuHandler"|"AutoCAD Dwg common shell extension handler"|"(Verified) Autodesk, Inc"|"c:\program files\common files\autodesk shared\acshellex\acshellextension.dll"|"06/02/2016 23:08"|""|
|+ "ESET Security Shell"|"ESET Shell Extension"|"(Verified) ESET, spol. s r.o."|"c:\program files\eset\eset security\shellext.dll"|"05/04/2019 7:00"|""|
|+ "Glary Utilities"|"Context Menu Handler"|"(Verified) Glarysoft LTD"|"c:\program files\glary utilities 5\contexthandler.dll"|"23/01/2019 0:30"|""|
|+ "MEGA (Context menu)"|""|"(Verified) Mega Limited"|"c:\programdata\megasync\shellextx32.dll"|"07/02/2019 18:43"|""|
|+ "WinRAR"|"WinRAR shell extension"|"(Verified) win.rar GmbH"|"c:\program files\winrar\rarext.dll"|"14/08/2016 16:15"|""|
|"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers"|""|""|""|"17/04/2019 18:45"|""|
|+ "ESET Security Shell"|"ESET Shell Extension"|"(Verified) ESET, spol. s r.o."|"c:\program files\eset\eset security\shellext.dll"|"05/04/2019 7:00"|""|
|+ "Glary Utilities"|"Context Menu Handler"|"(Verified) Glarysoft LTD"|"c:\program files\glary utilities 5\contexthandler.dll"|"23/01/2019 0:30"|""|
|+ "MEGA (Context menu)"|""|"(Verified) Mega Limited"|"c:\programdata\megasync\shellextx32.dll"|"07/02/2019 18:43"|""|
|"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"|""|""|""|"25/04/2019 0:13"|""|
|+ "MBAMShlExt"|"Malwarebytes"|"(Verified) Malwarebytes Corporation"|"c:\program files\malwarebytes\anti-malware\mbshlext.dll"|"22/01/2019 18:13"|""|
|+ "MEGA (Context menu)"|""|"(Verified) Mega Limited"|"c:\programdata\megasync\shellextx32.dll"|"07/02/2019 18:43"|""|
|"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"|""|""|""|"24/02/2019 17:59"|""|
|+ "MEGA (Context menu)"|""|"(Verified) Mega Limited"|"c:\programdata\megasync\shellextx32.dll"|"07/02/2019 18:43"|""|
|"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"|""|""|""|"25/02/2019 0:14"|""|
|+ "AcColumnHandler"|"AutoCAD Dwg common shell extension handler"|"(Verified) Autodesk, Inc"|"c:\program files\common files\autodesk shared\acshellex\acshellextension.dll"|"06/02/2016 23:08"|""|
|"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"|""|""|""|"25/04/2019 0:13"|""|
|+ "ESET Security Shell"|"ESET Shell Extension"|"(Verified) ESET, spol. s r.o."|"c:\program files\eset\eset security\shellext.dll"|"05/04/2019 7:00"|""|
|+ "Glary Utilities"|"Context Menu Handler"|"(Verified) Glarysoft LTD"|"c:\program files\glary utilities 5\contexthandler.dll"|"23/01/2019 0:30"|""|
|+ "MBAMShlExt"|"Malwarebytes"|"(Verified) Malwarebytes Corporation"|"c:\program files\malwarebytes\anti-malware\mbshlext.dll"|"22/01/2019 18:13"|""|
|+ "WinRAR"|"WinRAR shell extension"|"(Verified) win.rar GmbH"|"c:\program files\winrar\rarext.dll"|"14/08/2016 16:15"|""|
|"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"|""|""|""|"12/12/2018 20:19"|""|
|+ "WinRAR"|"WinRAR shell extension"|"(Verified) win.rar GmbH"|"c:\program files\winrar\rarext.dll"|"14/08/2016 16:15"|""|
|"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"|""|""|""|"25/02/2019 0:14"|""|
|+ " MEGA (Pending)"|""|"(Verified) Mega Limited"|"c:\programdata\megasync\shellextx32.dll"|"07/02/2019 18:43"|""|
|+ " MEGA (Synced)"|""|"(Verified) Mega Limited"|"c:\programdata\megasync\shellextx32.dll"|"07/02/2019 18:43"|""|
|+ " MEGA (Syncing)"|""|"(Verified) Mega Limited"|"c:\programdata\megasync\shellextx32.dll"|"07/02/2019 18:43"|""|
|+ "AutoCAD Digital Signatures Icon Overlay Handler"|"AutoCAD component"|"(Verified) Autodesk, Inc"|"c:\windows\system32\acsignicon.dll"|"07/02/2016 0:30"|""|
|"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"|""|""|""|"15/12/2018 0:00"|""|
|+ "Easy Photo Print"|"Epson Easy Photo Print (TBL)"|"(Verified) SEIKO EPSON Corporation"|"c:\program files\epson software\easy photo print\eptbl.dll"|"26/01/2011 6:59"|""|
|"HKLM\Software\Microsoft\Internet Explorer\Toolbar"|""|""|""|"17/01/2019 14:41"|""|
|+ "EPTBL"|"Epson Easy Photo Print (TBL)"|"(Verified) SEIKO EPSON Corporation"|"c:\program files\epson software\easy photo print\eptbl.dll"|"26/01/2011 6:59"|""|
|"Task Scheduler"|""|""|""|""|""|
|+ "\Adobe Acrobat Update Task"|"Adobe Reader and Acrobat Manager"|"(Verified) Adobe Systems, Incorporated"|"c:\program files\common files\adobe\arm\1.0\adobearm.exe"|"17/12/2018 0:24"|""|
|+ "\Adobe Flash Player NPAPI Notifier"|"Adobe® Flash® Player Installer/Uninstaller 32.0 r0"|"(Verified) Adobe Inc."|"c:\windows\system32\macromed\flash\flashutil32_32_0_0_171_plugin.exe"|"26/03/2019 3:45"|""|
|+ "\Adobe Flash Player Updater"|"Adobe® Flash® Player Update Service 32.0 r0"|"(Verified) Adobe Inc."|"c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"|"26/03/2019 3:45"|""|
|+ "\AutoRearm"|"AutoRearm"|""|"c:\windows\autorearm\autorearm.exe"|"04/05/2018 16:35"|""|
|+ "\CCleaner Update"|"CCleaner emergency updater"|"(Verified) Piriform Software Ltd"|"c:\program files\ccleaner\ccupdate.exe"|"04/02/2019 9:09"|""|
|+ "\CCleanerSkipUAC"|"CCleaner"|"(Verified) Piriform Software Ltd"|"c:\program files\ccleaner\ccleaner.exe"|"04/04/2019 7:55"|""|
|+ "\EOSv3 Scheduler onLogOn"|"ESET Online Scanner"|"(Verified) ESET, spol. s r.o."|"c:\users\marcelo\desktop\esetonlinescanner_esn.exe"|"13/12/2018 6:30"|""|
|+ "\EOSv3 Scheduler onTime"|"ESET Online Scanner"|"(Verified) ESET, spol. s r.o."|"c:\users\marcelo\desktop\esetonlinescanner_esn.exe"|"13/12/2018 6:30"|""|
|+ "\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF}"|"E_DTSKSD.EXE"|"(Verified) SEIKO EPSON CORPORATION"|"c:\windows\system32\spool\drivers\w32x86\3\e_ttsrqe.exe"|"22/11/2013 1:36"|""|
|+ "\GoogleUpdateTaskMachineCore"|"Google Installer"|"(Verified) Google Inc"|"c:\program files\google\update\googleupdate.exe"|"13/07/2017 23:07"|""|
|+ "\GoogleUpdateTaskMachineUA"|"Google Installer"|"(Verified) Google Inc"|"c:\program files\google\update\googleupdate.exe"|"13/07/2017 23:07"|""|
|+ "\MEGA\MEGAsync Update Task S-1-5-21-1166572213-2147164125-1135358989-1000"|"MEGAupdater"|"(Verified) Mega Limited"|"c:\programdata\megasync\megaupdater.exe"|"07/02/2019 18:43"|""|
|+ "\{BDB4B602-8DB0-43B2-A30E-14D8EEF89860}"|"Revo Uninstaller"|"(Verified) VS Revo Group"|"c:\program files\vs revo group\revo uninstaller\revounin.exe"|"12/12/2016 7:20"|""|
|"HKLM\System\CurrentControlSet\Services"|""|""|""|"04/05/2019 4:24"|""|
|+ "AdAppMgrSvc"|"Autodesk Desktop App Service: Autodesk Desktop App Service"|"(Verified) Autodesk, Inc."|"c:\program files\autodesk\autodesk desktop app\adappmgrsvc.exe"|"30/11/2018 21:52"|""|
|+ "AdobeARMservice"|"Adobe Acrobat Update Service: Adobe Acrobat Updater keeps your Adobe software up to date."|"(Verified) Adobe Systems, Incorporated"|"c:\program files\common files\adobe\arm\1.0\armsvc.exe"|"17/12/2018 0:23"|""|
|+ "AdobeFlashPlayerUpdateSvc"|"Adobe Flash Player Update Service: Este servicio mantiene actualizada la instalación de Adobe Flash Player con las últimas mejoras y soluciones de seguridad."|"(Verified) Adobe Inc."|"c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"|"26/03/2019 3:45"|""|
|+ "ekrn"|"ESET Service: ESET Service"|"(Verified) ESET, spol. s r.o."|"c:\program files\eset\eset security\ekrn.exe"|"05/04/2019 7:01"|""|
|+ "ekrnEpfw"|"ESET Firewall Helper: ESET Service"|"(Verified) ESET, spol. s r.o."|"c:\program files\eset\eset security\ekrn.exe"|"05/04/2019 7:01"|""|
|+ "FlexNet Licensing Service"|"FlexNet Licensing Service: This service performs licensing functions on behalf of FlexNet enabled products."|"(Verified) Flexera Software LLC"|"c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"|"22/06/2015 7:53"|""|
|+ "GoogleChromeElevationService"|"Google Chrome Elevation Service: Google Chrome"|"(Verified) Google LLC"|"c:\program files\google\chrome\application\74.0.3729.131\elevation_service.exe"|"29/04/2019 2:00"|""|
|+ "gupdate"|"Google Update Servicio (gupdate): Mantiene actualizado tu software de Google. Si este servicio se desactiva o se detiene, tu software de Google no se mantendrá actualizado, lo que implica que las vulnerabilidades de seguridad que puedan aparecer no podrán arreglarse y es posible que algunas funciones no anden. Este servicio se desinstala automáticamente si ningún software de Google la utiliza."|"(Verified) Google Inc"|"c:\program files\google\update\googleupdate.exe"|"13/07/2017 23:07"|""|
|+ "gupdatem"|"Google Update Servicio (gupdatem): Mantiene actualizado tu software de Google. Si este servicio se desactiva o se detiene, tu software de Google no se mantendrá actualizado, lo que implica que las vulnerabilidades de seguridad que puedan aparecer no podrán arreglarse y es posible que algunas funciones no anden. Este servicio se desinstala automáticamente si ningún software de Google la utiliza."|"(Verified) Google Inc"|"c:\program files\google\update\googleupdate.exe"|"13/07/2017 23:07"|""|
|+ "MBAMService"|"Malwarebytes Service: Malwarebytes Service"|"(Verified) Malwarebytes Corporation"|"c:\program files\malwarebytes\anti-malware\mbamservice.exe"|"29/01/2019 14:15"|""|
|+ "MozillaMaintenance"|"Mozilla Maintenance Service: El servicio de matenimiento de Mozilla asegura que tiene la última y más segura versión de  Mozilla Firefox en su computadora. Mantener Firefox actualizado es muy importante para su seguridad en línea y Mozilla recomienda encarecidamente que mantenga este servicio habilitado."|"(Verified) Mozilla Corporation"|"c:\program files\mozilla maintenance service\maintenanceservice.exe"|"09/04/2019 14:11"|""|
|"HKLM\System\CurrentControlSet\Services"|""|""|""|"04/05/2019 4:24"|""|
|+ "eamonm"|"eamonm: Eset file on-access scanner"|"(Verified) ESET, spol. s r.o."|"c:\windows\system32\drivers\eamonm.sys"|"11/01/2019 3:18"|""|
|+ "ehdrv"|"ehdrv: Eset Helper driver"|"(Verified) ESET, spol. s r.o."|"c:\windows\system32\drivers\ehdrv.sys"|"11/01/2019 3:19"|""|
|+ "epfwwfp"|"epfwwfp: EPFW Filter Driver"|"(Verified) ESET, spol. s r.o."|"c:\windows\system32\drivers\epfwwfp.sys"|"11/01/2019 3:20"|""|
|+ "GUBootStartup"|"GUBootStartup: The driver for the Startup Manager tool"|"(Verified) Glarysoft LTD"|"c:\windows\system32\drivers\gubootstartup.sys"|"22/06/2018 6:42"|""|
|+ "MBAMSwissArmy"|"MBAMSwissArmy: Malwarebytes Anti-Malware Swiss Army"|"(Verified) Malwarebytes Corporation"|"c:\windows\system32\drivers\mbamswissarmy.sys"|"08/01/2019 20:45"|""|
|"HKLM\Software\Microsoft\Office\Outlook\Addins"|""|""|""|"07/03/2019 9:53"|""|
|X "{F43F5136-AA90-4005-9368-F91F5C120D69}"|"ESET Plugin for Microsoft Outlook"|"(Verified) ESET, spol. s r.o."|"c:\program files\eset\eset security\eplgoutlook.dll"|"05/04/2019 6:57"|""|
#22

Hola @Marcelo_Bianchi

Seguimos investigando, por el momento desinstala tu antivirus con su Herramienta especifica:

Ademas comenta desde cuando lo tienes instalado y que versión de Eset es.

Reinicias, si el problemas de las ventanas de cmd persiste vuelve a ejecutar FRST como ya lo has hecho anteriormente y nos traes sus reportes frescos.

Salu2

1 me gusta