Ventanas negras al inicio de Win, taskhost.exe

Hola @Marcelo_Bianchi

Una consulta mientras analizo los reportes, tienes Kas instalado actualmente ?

Nos es algo que nosotros podamos manejar, el Foro esta basado en la plataforma Discourse y tiene esos limites.

Salu2

No se que es kas, si es kapersky lo habia instalado, pero ahora solo encuentro el instalador, el icono de acceso desaparecio.

Hola @Marcelo_Bianchi

Probablemente desapareció cuando restauraste el sistema.

No instales nada aun estarás sin antivirus.


Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Abre un nuevo archivo Notepad y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
Task: {2864F254-81D2-48B8-9984-E8555938FF88} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {862C2F3E-3020-4449-9F0F-D4DEA53F8088} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {90E5A160-0087-406A-8AB6-01F833F08DA9} - System32\Tasks\AutoRearm => C:\Windows\AutoRearm\AutoRearm.exe [5745664 2018-12-13] () [File not signed]
2019-04-22 18:49 - 2019-04-22 18:49 - 007665272 _____ (ESET spol. s r.o.) C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe
2019-04-29 22:12 - 2019-05-01 23:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-04-29 22:12 - 2019-04-29 22:13 - 000000000 ____D C:\Program Files\Kaspersky Lab
2019-04-29 21:59 - 2019-04-29 21:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-12-14 22:37 - 2018-09-19 17:21 - 000000741 _____ () C:\Users\MARCELO\Install.cmd

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Reinicias y nos comentas si persisten las ventana.

Salu2.

Hola Sandra, aigue igual, te mando el reporte.

Fix result of Farbar Recovery Scan Tool (x86) Version: 04-05-2019
Ran by MARCELO (05-05-2019 17:12:30) Run:2
Running from C:\Users\MARCELO\!!NO BORRAR\Desktop
Loaded Profiles: MARCELO (Available Profiles: MARCELO)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
Task: {2864F254-81D2-48B8-9984-E8555938FF88} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {862C2F3E-3020-4449-9F0F-D4DEA53F8088} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe [7665272 2019-04-22] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {90E5A160-0087-406A-8AB6-01F833F08DA9} - System32\Tasks\AutoRearm => C:\Windows\AutoRearm\AutoRearm.exe [5745664 2018-12-13] () [File not signed]
2019-04-22 18:49 - 2019-04-22 18:49 - 007665272 _____ (ESET spol. s r.o.) C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe
2019-04-29 22:12 - 2019-05-01 23:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-04-29 22:12 - 2019-04-29 22:13 - 000000000 ____D C:\Program Files\Kaspersky Lab
2019-04-29 21:59 - 2019-04-29 21:59 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-12-14 22:37 - 2018-09-19 17:21 - 000000741 _____ () C:\Users\MARCELO\Install.cmd

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2864F254-81D2-48B8-9984-E8555938FF88}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2864F254-81D2-48B8-9984-E8555938FF88}" => removed successfully.
C:\Windows\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{862C2F3E-3020-4449-9F0F-D4DEA53F8088}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{862C2F3E-3020-4449-9F0F-D4DEA53F8088}" => removed successfully.
C:\Windows\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{90E5A160-0087-406A-8AB6-01F833F08DA9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90E5A160-0087-406A-8AB6-01F833F08DA9}" => removed successfully.
C:\Windows\System32\Tasks\AutoRearm => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoRearm" => removed successfully.
C:\Users\MARCELO\Desktop\esetonlinescanner_esn.exe => moved successfully
C:\ProgramData\Kaspersky Lab => moved successfully
C:\Program Files\Kaspersky Lab => moved successfully
C:\ProgramData\Kaspersky Lab Setup Files => moved successfully
C:\Users\MARCELO\Install.cmd => moved successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::5c9:9e99:7ec4:ffc6%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.3
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.{07796CC6-62EF-48F8-8467-28748D7CB128}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6432480 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 124388016 B
Edge => 0 B
Chrome => 75790945 B
Firefox => 1090432683 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 0 B
MARCELO => 6338170 B

RecycleBin => 2748637 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:13:20 ====

Me llegó como que me respondias, pero no tengo nada

Hola @Marcelo_Bianchi

Esta dura la ventanita…grgrgr

1.- Realiza un análisis del PC con Eset Online Scaner : Manual de Uso

Revisa el Manual para que sepas como salvar el reporte.

Guía: Como pegar Reportes en el Foro?

2.- Luego de reiniciar un reporte fresco de FRST mas Addittion.

Por que edite el Fixlist.

Salu2

Hola Sandra, aca van los reportes, lo que encontró el ESET son activadores o cracks, las ventanitas siguen.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-05-2019
Ran by MARCELO (administrator) on MARCELO-PC (BIOSTAR Group N61PA-M2S) (06-05-2019 21:56:10)
Running from C:\Users\MARCELO\!!NO BORRAR\Desktop
Loaded Profiles: MARCELO (Available Profiles: MARCELO)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\ADPClientService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1151016 2016-02-02] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-02] (Google LLC -> Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {007AFFF5-16E5-4E6C-8739-E933F1149875} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\MARCELO\!!NO BORRAR\Desktop\ESETOnlineScanner_ESL.exe [7666296 2019-05-05] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {1980B2DD-05C6-468C-9589-5AC0E51D9206} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {20C23B6C-DA67-4BFB-8626-CC457B71A906} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1166572213-2147164125-1135358989-1000 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-02-07] (Mega Limited -> Mega Limited)
Task: {297B8544-9FFC-4808-A0C9-116CFC742DCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {60FE3F3F-D99E-4BA1-82CB-0FCF80A06FA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E59EDCE-2C78-4102-9786-8D9A9C8F786A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1051864 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E3C529E-403E-4BF3-82F3-3242083FE97D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-13] (Google Inc -> Google Inc.)
Task: {8B820CB7-3119-47BC-B22A-D7A00DE7C686} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-12-13] (Google Inc -> Google Inc.)
Task: {93672AFD-C44D-440E-8CC1-53B241CD3CA1} - System32\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSRQE.EXE [690536 2013-11-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {9FF8AAE3-96BE-49A9-AA6F-0694082296F5} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\MARCELO\!!NO BORRAR\Desktop\ESETOnlineScanner_ESL.exe [7666296 2019-05-05] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {A58089FB-2FE8-4D7B-A329-63C1B58AD62D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [282800 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF4ABBE4-36F6-4D05-8094-8E983DCD8E06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)
Task: {CC386EE7-D53E-4C15-B827-ED0249B455A2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F14C3C7E-52A7-418C-820A-EA529844A69C} - System32\Tasks\{BDB4B602-8DB0-43B2-A30E-14D8EEF89860} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {F1E91C11-F338-4BE9-BE34-190050217A0E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-09] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TTSRQE.EXE:/EXE:{BED6025A-3492-412D-BE5A-4F9E441E93BF} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{07796CC6-62EF-48F8-8467-28748D7CB128}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D3088D10-33EA-4247-B2DA-61AC05100460}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2014-11-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: yjls2k4o.default-1556079140054
FF ProfilePath: C:\Users\MARCELO\AppData\Roaming\Mozilla\Firefox\Profiles\yjls2k4o.default-1556079140054 [2019-05-06]
FF Extension: (Malwarebytes Browser Extension) - C:\Users\MARCELO\AppData\Roaming\Mozilla\Firefox\Profiles\yjls2k4o.default-1556079140054\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2019-04-25]
FF Extension: (Baidu Search Update) - C:\Users\MARCELO\AppData\Roaming\Mozilla\Firefox\Profiles\yjls2k4o.default-1556079140054\features\{aeb8c702-009e-4407-8e84-8b3b2be412d1}\[email protected] [2019-05-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com.ar/
CHR StartupUrls: Default -> "hxxps://www.google.com.ar/"
CHR Profile: C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default [2019-05-05]
CHR Extension: (Documentos) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-13]
CHR Extension: (Google Drive) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-13]
CHR Extension: (YouTube) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-13]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-13]
CHR Extension: (Gmail) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\MARCELO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1162616 2018-11-30] (Autodesk, Inc. -> Autodesk Inc.)
S4 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [591800 2018-06-11] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
S4 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [223560 2016-04-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S4 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RP7.EXE [143424 2013-04-14] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2019-02-25] (Flexera Software LLC -> Flexera Software LLC)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S4 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2019-04-17] (Glarysoft LTD -> Glarysoft Ltd)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-05-06] (Malwarebytes Corporation -> Malwarebytes)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Microsoft Windows -> Ralink Technology Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-06 21:55 - 2019-05-06 21:55 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-06 18:57 - 2019-05-06 21:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-02 23:53 - 2019-05-06 21:56 - 000000000 ____D C:\FRST
2019-04-29 21:44 - 2019-04-29 21:44 - 000000000 ___HD C:\Windows\PIF
2019-04-27 20:50 - 2019-04-27 20:50 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-04-27 20:50 - 2019-04-27 20:50 - 000000000 ____D C:\Windows\system32\appraiser
2019-04-27 18:19 - 2014-07-08 22:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2019-04-27 18:19 - 2014-07-08 22:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2019-04-27 18:19 - 2014-07-08 22:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2019-04-27 18:19 - 2014-07-08 22:29 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2019-04-27 18:19 - 2014-07-08 22:29 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2019-04-27 18:18 - 2011-03-11 02:39 - 000143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2019-04-27 18:18 - 2011-03-11 02:39 - 000117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2019-04-27 18:18 - 2011-03-11 02:38 - 000332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2019-04-27 18:18 - 2011-03-11 02:38 - 000080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2019-04-27 18:18 - 2011-03-11 02:38 - 000022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2019-04-27 18:18 - 2011-03-11 02:33 - 001699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-04-27 18:18 - 2011-03-11 02:31 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2019-04-27 18:14 - 2019-03-28 00:35 - 000348776 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-04-27 18:14 - 2019-03-26 02:12 - 020280832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-04-27 18:14 - 2019-03-26 02:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-04-27 18:14 - 2019-03-26 02:01 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-04-27 18:14 - 2019-03-26 01:51 - 000498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-04-27 18:14 - 2019-03-26 01:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-04-27 18:14 - 2019-03-26 01:50 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-04-27 18:14 - 2019-03-26 01:50 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-04-27 18:14 - 2019-03-26 01:50 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-04-27 18:14 - 2019-03-26 01:48 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-04-27 18:14 - 2019-03-26 01:46 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-04-27 18:14 - 2019-03-26 01:45 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-04-27 18:14 - 2019-03-26 01:44 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-04-27 18:14 - 2019-03-26 01:43 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-04-27 18:14 - 2019-03-26 01:43 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-04-27 18:14 - 2019-03-26 01:43 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-04-27 18:14 - 2019-03-26 01:43 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-04-27 18:14 - 2019-03-26 01:39 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-04-27 18:14 - 2019-03-26 01:36 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-04-27 18:14 - 2019-03-26 01:33 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-04-27 18:14 - 2019-03-26 01:33 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-04-27 18:14 - 2019-03-26 01:32 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-04-27 18:14 - 2019-03-26 01:31 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-04-27 18:14 - 2019-03-26 01:29 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-04-27 18:14 - 2019-03-26 01:29 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-04-27 18:14 - 2019-03-26 01:29 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-04-27 18:14 - 2019-03-26 01:28 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-04-27 18:14 - 2019-03-26 01:24 - 013682176 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-04-27 18:14 - 2019-03-26 01:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-04-27 18:14 - 2019-03-26 01:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-04-27 18:14 - 2019-03-26 01:21 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-04-27 18:14 - 2019-03-26 01:21 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-04-27 18:14 - 2019-03-26 01:21 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-04-27 18:14 - 2019-03-26 01:08 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-04-27 18:14 - 2019-03-26 01:04 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-04-27 18:14 - 2019-03-26 01:02 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-04-27 18:13 - 2019-04-01 22:55 - 002406400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-04-27 18:13 - 2019-03-28 22:35 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-04-27 18:13 - 2019-03-20 23:03 - 003961576 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-04-27 18:13 - 2019-03-20 23:03 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2019-04-27 18:13 - 2019-03-20 23:03 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-04-27 18:13 - 2019-03-20 23:03 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-04-27 18:13 - 2019-03-20 23:03 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2019-04-27 18:13 - 2019-03-20 23:03 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-04-27 18:13 - 2019-03-20 23:02 - 004056296 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2019-04-27 18:13 - 2019-03-20 23:02 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 22:40 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-04-27 18:13 - 2019-03-20 22:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-04-27 18:13 - 2019-03-20 22:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-04-27 18:13 - 2019-03-20 22:40 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-04-27 18:13 - 2019-03-20 22:40 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-04-27 18:13 - 2019-03-20 22:40 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-04-27 18:13 - 2019-03-20 22:38 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-04-27 18:13 - 2019-03-20 22:38 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-04-27 18:13 - 2019-03-20 22:38 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-04-27 18:13 - 2019-03-20 22:36 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-04-27 18:13 - 2019-03-20 22:35 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-04-27 18:13 - 2019-03-20 22:35 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-04-27 18:13 - 2019-03-20 22:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-04-27 18:13 - 2019-03-20 22:35 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-04-27 18:13 - 2019-03-16 01:01 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-04-27 18:13 - 2019-03-16 00:58 - 002368000 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 001425920 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000583680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-04-27 18:13 - 2019-03-16 00:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-04-27 18:13 - 2019-03-16 00:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-04-27 18:13 - 2019-03-16 00:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-04-27 18:13 - 2019-03-13 12:02 - 000307200 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-04-27 18:13 - 2019-03-13 11:35 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2019-04-27 18:13 - 2019-03-13 11:35 - 000375808 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2019-04-27 18:13 - 2019-03-12 11:34 - 001311744 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2019-04-27 18:13 - 2019-03-12 11:34 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2019-04-27 18:13 - 2019-03-12 11:34 - 000340992 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2019-04-27 18:13 - 2019-03-12 11:34 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 001391616 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-04-27 18:13 - 2019-03-11 18:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-04-27 18:13 - 2019-03-11 18:19 - 000920576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-04-27 18:13 - 2019-03-11 18:19 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-04-27 18:13 - 2019-03-11 18:19 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2019-04-27 18:13 - 2019-03-05 22:04 - 000918408 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000066000 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000021968 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000018880 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000017360 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000015824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000015296 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000013768 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000013760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000013264 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000012264 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-04-27 18:13 - 2019-03-05 22:04 - 000011200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-04-27 18:13 - 2019-03-04 23:40 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-04-27 18:13 - 2019-03-04 23:40 - 000026368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-04-27 18:13 - 2019-03-04 23:40 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-04-27 18:13 - 2019-02-21 12:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-04-27 18:13 - 2019-02-21 12:36 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-04-27 18:13 - 2019-02-16 02:50 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-04-27 18:13 - 2019-02-16 02:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-04-27 18:13 - 2019-02-16 01:10 - 000419608 _____ C:\Windows\system32\locale.nls
2019-04-27 18:13 - 2019-02-15 12:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-04-27 18:13 - 2019-02-15 12:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-04-27 18:13 - 2019-02-15 12:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-04-27 18:13 - 2019-02-15 12:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-04-27 18:13 - 2019-02-15 12:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-04-27 18:13 - 2019-02-15 12:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-04-27 18:13 - 2019-02-12 12:58 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-04-27 18:13 - 2019-02-12 12:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-04-27 18:13 - 2019-02-10 13:43 - 001214176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-04-27 18:13 - 2019-02-10 13:18 - 000247296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-04-27 18:13 - 2019-02-10 13:18 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-04-27 18:13 - 2019-02-10 13:18 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-04-27 18:13 - 2019-02-10 13:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-04-27 18:13 - 2019-02-08 13:00 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-04-27 18:13 - 2019-02-08 12:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-04-27 18:13 - 2019-02-07 12:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-04-27 18:13 - 2019-02-07 12:53 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-04-27 18:13 - 2019-02-07 12:42 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-04-27 18:13 - 2019-02-07 12:42 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-04-27 18:13 - 2019-02-03 12:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-04-27 18:13 - 2019-01-04 13:00 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-04-27 18:13 - 2019-01-04 12:56 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 002703872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-04-27 18:13 - 2019-01-04 11:04 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-04-27 18:13 - 2019-01-04 11:04 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-04-27 18:13 - 2018-12-07 23:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-04-27 18:13 - 2018-12-07 23:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-04-27 18:13 - 2018-12-07 23:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-04-27 18:13 - 2018-12-07 23:41 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-04-27 18:13 - 2018-12-07 23:41 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-04-27 18:13 - 2018-12-07 23:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-04-27 18:13 - 2018-12-07 23:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-04-27 18:13 - 2018-12-07 23:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-04-27 18:13 - 2018-12-07 23:41 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-04-27 18:13 - 2018-12-04 12:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-04-27 18:13 - 2018-12-04 12:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-04-27 18:13 - 2018-11-11 13:49 - 000162536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-04-27 18:13 - 2018-10-27 00:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2019-04-27 18:13 - 2018-10-27 00:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2019-04-27 18:13 - 2018-10-27 00:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2019-04-27 18:13 - 2018-10-27 00:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2019-04-27 18:13 - 2018-10-27 00:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2019-04-27 18:13 - 2018-10-27 00:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2019-04-27 18:13 - 2018-10-27 00:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2019-04-27 18:13 - 2018-10-06 12:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-04-27 18:13 - 2018-10-06 12:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-04-27 18:13 - 2018-10-06 12:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-04-27 18:13 - 2018-10-06 12:43 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-04-27 18:13 - 2018-10-06 12:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-04-27 18:13 - 2018-10-06 12:16 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-04-27 18:13 - 2018-10-06 10:42 - 001988096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-04-27 18:13 - 2018-09-22 23:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-04-27 18:13 - 2018-09-22 23:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-04-27 18:13 - 2018-09-22 23:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-04-27 18:13 - 2018-09-22 23:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-04-27 18:13 - 2018-09-22 23:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2019-04-27 18:13 - 2018-09-08 21:46 - 000730824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-04-27 18:13 - 2018-09-08 21:46 - 000219336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-04-27 18:13 - 2018-09-08 21:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2019-04-27 18:13 - 2018-09-08 21:42 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2019-04-27 18:13 - 2018-08-29 22:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2019-04-27 18:13 - 2018-08-28 02:41 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2019-04-27 18:13 - 2018-08-15 23:14 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2019-04-27 18:13 - 2018-08-13 18:48 - 000940784 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-04-27 18:13 - 2018-08-12 17:18 - 000240808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-04-27 18:13 - 2018-08-12 17:17 - 001311400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-04-27 18:13 - 2018-08-12 17:17 - 000187560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-04-27 18:13 - 2018-08-12 17:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2019-04-27 18:13 - 2018-08-10 12:41 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-04-27 18:13 - 2018-08-10 12:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2019-04-27 18:13 - 2018-08-10 12:40 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2019-04-27 18:13 - 2018-08-10 12:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2019-04-27 18:13 - 2018-08-10 12:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2019-04-27 18:13 - 2018-08-03 12:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2019-04-27 18:13 - 2018-07-29 12:40 - 000751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-04-27 18:13 - 2018-07-18 12:14 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2019-04-27 18:13 - 2018-07-06 12:54 - 000713408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-04-27 18:13 - 2018-06-29 12:40 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2019-04-27 18:13 - 2018-06-29 12:40 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2019-04-27 18:13 - 2018-06-29 12:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2019-04-27 18:13 - 2018-06-29 12:10 - 000389632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2019-04-27 18:13 - 2018-06-29 12:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2019-04-27 18:13 - 2018-06-27 12:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2019-04-27 18:13 - 2018-06-08 12:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2019-04-27 18:13 - 2018-06-08 12:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-04-27 18:13 - 2018-06-08 12:54 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2019-04-27 18:13 - 2018-06-08 12:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2019-04-27 18:13 - 2018-05-15 00:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2019-04-27 18:13 - 2018-05-10 21:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-04-27 18:13 - 2018-05-10 21:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2019-04-27 18:13 - 2018-05-02 12:30 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2019-04-27 18:13 - 2018-05-02 12:30 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2019-04-27 18:13 - 2018-05-02 12:29 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2019-04-27 18:13 - 2018-04-25 12:54 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2019-04-27 18:13 - 2018-04-25 12:17 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2019-04-27 18:13 - 2018-04-18 12:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2019-04-27 18:13 - 2018-04-18 12:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2019-04-27 18:13 - 2018-04-18 12:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\hh.exe
2019-04-27 18:13 - 2018-04-10 13:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2019-04-27 18:13 - 2018-04-10 13:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2019-04-27 18:13 - 2018-04-07 13:42 - 000250560 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-04-27 18:13 - 2018-03-14 14:16 - 002953216 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-04-27 18:13 - 2018-03-14 14:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-04-27 18:13 - 2018-03-14 14:10 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 002092032 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-04-27 18:13 - 2018-03-14 13:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-04-27 18:13 - 2018-03-14 13:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-04-27 18:13 - 2018-03-14 13:57 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-04-27 18:13 - 2018-03-06 15:13 - 000148160 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2019-04-27 18:13 - 2018-03-06 15:11 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2019-04-27 18:13 - 2018-03-06 15:11 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2019-04-27 18:13 - 2018-02-22 00:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2019-04-27 18:13 - 2018-02-10 15:49 - 000154304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000104640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2019-04-27 18:13 - 2018-02-10 15:49 - 000057024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2019-04-27 18:13 - 2018-02-10 15:49 - 000053440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VIAAGP.SYS
2019-04-27 18:13 - 2018-02-10 15:49 - 000051904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SISAGP.SYS
2019-04-27 18:13 - 2018-02-10 15:49 - 000046272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000032448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000027840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000021696 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2019-04-27 18:13 - 2018-02-10 15:49 - 000013504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2019-04-27 18:13 - 2018-02-10 15:49 - 000011840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2019-04-27 18:13 - 2018-02-10 15:48 - 000274624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2019-04-27 18:13 - 2018-02-10 15:48 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AMDAGP.SYS
2019-04-27 18:13 - 2018-02-10 15:48 - 000052928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2019-04-27 18:13 - 2018-02-10 15:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2019-04-27 18:13 - 2018-02-10 15:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2019-04-27 18:13 - 2018-02-10 15:23 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2019-04-27 18:13 - 2018-02-10 14:36 - 000537600 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2019-04-27 18:13 - 2018-02-10 14:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2019-04-27 18:13 - 2018-02-10 14:36 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2019-04-27 18:13 - 2018-02-10 14:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2019-04-27 18:13 - 2018-02-10 14:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2019-04-27 18:13 - 2018-01-12 13:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2019-04-27 18:13 - 2018-01-12 13:16 - 003405824 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2019-04-27 18:13 - 2017-12-31 23:00 - 001155584 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 001004032 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000269824 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
3:00 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2019-04-27 18:13 - 2017-12-31 23:00 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\wshnetbs.dll
2019-04-27 18:13 - 2017-12-31 22:54 - 000201960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-04-27 18:13 - 2017-12-31 22:54 - 000173288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2019-04-27 18:13 - 2017-12-31 22:50 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-04-27 18:13 - 2017-12-31 22:44 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistHttpTrans.dll
2019-04-27 18:13 - 2017-12-31 22:43 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2019-04-27 18:13 - 2017-12-31 22:43 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2019-04-27 18:13 - 2017-12-31 22:43 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2019-04-27 18:13 - 2017-12-31 22:38 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2019-04-27 18:13 - 2017-12-31 22:38 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2019-04-27 18:13 - 2017-12-31 22:38 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2019-04-27 18:13 - 2017-12-31 22:35 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-04-27 18:13 - 2017-12-05 14:08 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2019-04-27 18:13 - 2017-12-05 14:08 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2019-04-27 18:13 - 2017-12-05 14:08 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2019-04-27 18:13 - 2017-12-05 12:54 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2019-04-27 18:13 - 2017-12-05 12:49 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2019-04-27 18:13 - 2017-11-02 12:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2019-04-27 18:13 - 2017-11-02 12:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2019-04-27 18:13 - 2017-11-02 12:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2019-04-27 18:13 - 2017-11-02 11:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2019-04-27 18:13 - 2017-10-16 19:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2019-04-27 18:13 - 2017-10-11 21:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2019-04-27 18:13 - 2017-10-11 21:14 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-04-27 18:13 - 2017-09-13 12:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-04-27 18:13 - 2017-09-13 12:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-04-27 18:13 - 2017-09-13 11:53 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2019-04-27 18:13 - 2017-09-08 11:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2019-04-27 18:13 - 2017-09-08 11:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2019-04-27 18:13 - 2017-08-19 12:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2019-04-27 18:13 - 2017-08-16 12:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2019-04-27 18:13 - 2017-08-14 14:35 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2019-04-27 18:13 - 2017-08-13 18:35 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2019-04-27 18:13 - 2017-08-13 18:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2019-04-27 18:13 - 2017-08-11 03:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2019-04-27 18:13 - 2017-08-11 03:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2019-04-27 18:13 - 2017-08-11 03:10 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe
2019-04-27 18:13 - 2017-08-11 03:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2019-04-27 18:13 - 2017-08-11 03:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2019-04-27 18:13 - 2017-08-11 03:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2019-04-27 18:13 - 2017-08-11 02:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2019-04-27 18:13 - 2017-07-29 11:50 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2019-04-27 18:13 - 2017-07-21 11:26 - 000518144 _____ C:\Windows\system32\msjetoledb40.dll
2019-04-27 18:13 - 2017-07-21 11:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2019-04-27 18:13 - 2017-07-21 11:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2019-04-27 18:13 - 2017-07-21 11:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2019-04-27 18:13 - 2017-07-07 12:15 - 000296680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2019-04-27 18:13 - 2017-07-07 12:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2019-04-27 18:13 - 2017-07-01 10:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2019-04-27 18:13 - 2017-07-01 10:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2019-04-27 18:13 - 2017-07-01 10:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2019-04-27 18:13 - 2017-07-01 10:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2019-04-27 18:13 - 2017-06-12 19:29 - 001227264 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2019-04-27 18:13 - 2017-06-12 19:29 - 000444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2019-04-27 18:13 - 2017-06-12 19:29 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2019-04-27 18:13 - 2017-06-12 19:28 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2019-04-27 18:13 - 2017-06-12 19:06 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2019-04-27 18:13 - 2017-06-12 19:06 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2019-04-27 18:13 - 2017-06-12 19:06 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2019-04-27 18:13 - 2017-06-02 04:57 - 000497152 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2019-04-27 18:13 - 2017-05-12 13:25 - 001251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-04-27 18:13 - 2017-05-12 13:25 - 000909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-04-27 18:13 - 2017-05-10 12:16 - 000091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2019-04-27 18:13 - 2017-04-04 11:52 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2019-04-27 18:13 - 2017-03-30 11:58 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2019-04-27 18:13 - 2017-03-10 13:20 - 001508352 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2019-04-27 18:13 - 2017-03-10 13:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2019-04-27 18:13 - 2017-03-10 12:52 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2019-04-27 18:13 - 2017-03-07 13:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2019-04-27 18:13 - 2017-03-03 22:14 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2019-04-27 18:13 - 2017-02-09 13:14 - 000575488 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-04-27 18:13 - 2017-02-09 13:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2019-04-27 18:13 - 2016-11-10 13:19 - 000811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-04-27 18:13 - 2016-10-11 12:18 - 001027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2019-04-27 18:13 - 2016-10-11 12:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2019-04-27 18:13 - 2016-10-11 12:18 - 000430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2019-04-27 18:13 - 2016-10-11 12:18 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2019-04-27 18:13 - 2016-10-11 12:18 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2019-04-27 18:13 - 2016-10-11 11:51 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2019-04-27 18:13 - 2016-10-11 10:33 - 000187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2019-04-27 18:13 - 2016-10-07 12:12 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2019-04-27 18:13 - 2016-09-12 17:49 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2019-04-27 18:13 - 2016-09-08 17:34 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2019-04-27 18:13 - 2016-09-08 17:34 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2019-04-27 18:13 - 2016-09-08 11:49 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2019-04-27 18:13 - 2016-08-12 13:21 - 000437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 001178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 000146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2019-04-27 18:13 - 2016-08-06 12:15 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2019-04-27 18:13 - 2016-08-06 11:53 - 000199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2019-04-27 18:13 - 2016-08-06 11:53 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2019-04-27 18:13 - 2016-08-06 11:53 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2019-04-27 17:31 - 2019-04-27 17:31 - 000000000 __RSH C:\MSDOS.SYS
2019-04-27 17:31 - 2019-04-27 17:31 - 000000000 __RSH C:\IO.SYS
2019-04-27 16:40 - 2019-04-27 16:40 - 127229528 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2019-04-27 16:29 - 2019-04-27 19:42 - 000000000 ____D C:\Windows\system32\MRT
2019-04-27 16:29 - 2019-04-27 19:33 - 128044056 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-04-27 15:19 - 2017-04-27 19:50 - 003550208 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2019-04-27 15:15 - 2012-07-26 00:21 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2019-04-27 15:15 - 2012-07-26 00:20 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2019-04-27 15:15 - 2012-07-26 00:20 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2019-04-27 15:15 - 2012-07-26 00:20 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2019-04-27 15:15 - 2012-07-26 00:20 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2019-04-27 15:15 - 2012-07-25 23:33 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2019-04-27 15:15 - 2012-07-25 23:32 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2019-04-27 15:15 - 2012-06-02 11:57 - 000000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2019-04-27 15:11 - 2014-06-30 19:14 - 000008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2019-04-27 15:11 - 2014-03-09 18:47 - 000619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2019-04-27 15:11 - 2014-03-09 18:47 - 000099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2019-04-27 15:10 - 2014-06-06 03:16 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2019-04-27 15:09 - 2012-03-01 02:46 - 000019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2019-04-27 15:09 - 2012-03-01 02:29 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2019-04-27 14:33 - 2019-04-27 14:33 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2019-04-27 14:33 - 2019-04-27 14:33 - 000139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2019-04-27 14:33 - 2019-04-27 14:33 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2019-04-27 14:33 - 2019-04-27 14:33 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2019-04-27 14:33 - 2019-04-27 14:33 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2019-04-27 14:32 - 2019-04-27 14:32 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2019-04-27 14:32 - 2019-04-27 14:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2019-04-27 14:32 - 2019-04-27 14:32 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2019-04-27 14:30 - 2015-07-30 10:13 - 000103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2019-04-27 14:14 - 2019-02-10 13:43 - 000078560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-04-27 14:14 - 2019-02-10 13:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-04-27 14:14 - 2019-02-10 13:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-04-27 14:14 - 2019-02-10 13:41 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-04-27 14:14 - 2019-02-10 13:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-04-27 14:14 - 2019-02-10 13:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-04-27 14:14 - 2019-02-10 13:28 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-04-27 14:14 - 2019-02-10 13:19 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-04-27 14:14 - 2019-02-10 13:19 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-04-27 14:14 - 2019-02-10 13:19 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-04-27 14:13 - 2019-02-10 13:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-04-27 14:13 - 2019-02-10 13:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-04-27 14:13 - 2019-02-10 13:37 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-04-27 14:13 - 2019-02-10 13:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-04-27 14:13 - 2019-02-10 13:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-04-27 14:13 - 2019-02-10 13:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-04-27 14:13 - 2019-02-10 13:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-04-27 14:13 - 2018-11-17 23:59 - 000410080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-04-27 14:13 - 2018-11-17 23:44 - 000535616 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-04-27 14:13 - 2018-11-17 23:44 - 000470704 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-04-27 14:13 - 2018-11-17 23:43 - 000374872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-04-27 14:13 - 2018-11-17 23:43 - 000249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-04-27 14:10 - 2013-11-26 05:16 - 003419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2019-04-27 14:07 - 2019-04-01 11:49 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-04-27 14:07 - 2016-04-14 10:49 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2019-04-27 14:07 - 2015-12-08 18:54 - 002285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-04-27 14:07 - 2015-12-08 18:54 - 001620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 001568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 001325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2019-04-27 14:07 - 2015-12-08 18:54 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2019-04-27 14:07 - 2015-12-08 18:54 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2019-04-27 14:07 - 2015-12-08 18:53 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2019-04-27 14:07 - 2015-12-08 18:53 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2019-04-27 14:07 - 2015-12-08 18:53 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2019-04-27 14:07 - 2015-12-08 18:43 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2019-04-27 14:07 - 2015-12-08 18:11 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2019-04-27 14:07 - 2015-12-08 18:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2019-04-27 14:07 - 2015-02-03 23:54 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2019-04-25 00:13 - 2019-04-25 00:13 - 000002024 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbamtray
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\Users\MARCELO\AppData\Local\mbam
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-25 00:13 - 2019-04-25 00:13 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-25 00:13 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-04-24 23:39 - 2019-04-24 23:39 - 000004037 _____ C:\Users\MARCELO\Desktop\Fixlog.txt
2019-04-24 23:32 - 2019-05-05 17:08 - 000000261 _____ C:\DelFix.txt
2019-04-24 23:32 - 2019-04-24 23:32 - 000000000 ____D C:\Windows\ERUNT
2019-04-24 01:10 - 2019-05-06 21:55 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-04-24 01:10 - 2019-04-24 01:10 - 000001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-24 01:10 - 2019-04-24 01:10 - 000001109 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-04-23 15:35 - 2019-04-24 23:38 - 001788928 _____ (Farbar) C:\Users\MARCELO\Desktop\FRST.exe
2019-04-23 00:22 - 2019-04-23 00:23 - 000028447 _____ C:\Users\MARCELO\Desktop\Addition.txt
2019-04-23 00:21 - 2019-04-24 23:38 - 000000000 ____D C:\Users\MARCELO\Desktop\FRST-OlderVersion
2019-04-23 00:19 - 2019-04-23 00:19 - 000001100 _____ C:\Users\MARCELO\fixlist.rar
2019-04-17 18:45 - 2019-04-26 03:25 - 000001054 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-04-17 18:45 - 2019-04-26 03:25 - 000001042 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-04-17 18:45 - 2019-04-26 03:24 - 000000000 ____D C:\Program Files\Glary Utilities 5
2019-04-17 18:45 - 2019-04-17 18:45 - 000025864 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Users\MARCELO\AppData\Roaming\GlarySoft
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\Users\MARCELO\AppData\Roaming\DiskDefrag
2019-04-17 18:45 - 2019-04-17 18:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-06 21:55 - 2019-02-24 23:55 - 000000000 ____D C:\ProgramData\Autodesk
2019-05-06 21:55 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-06 21:53 - 2018-12-14 23:53 - 000000917 _____ C:\Windows\Tasks\EPSON L380 Series Update {BED6025A-3492-412D-BE5A-4F9E441E93BF}.job
2019-05-06 21:51 - 2018-12-13 21:21 - 000000000 ____D C:\Users\MARCELO\AppData\LocalLow\Mozilla
2019-05-06 18:53 - 2018-12-14 22:37 - 000005632 ___SH C:\Users\MARCELO\Thumbs.db
2019-05-06 18:39 - 2018-12-12 20:11 - 000000000 ___RD C:\Users\MARCELO
2019-05-06 18:04 - 2009-07-14 01:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-06 18:04 - 2009-07-14 01:34 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-06 17:59 - 2011-04-11 22:30 - 000747262 _____ C:\Windows\system32\perfh00A.dat
2019-05-06 17:59 - 2011-04-11 22:30 - 000158734 _____ C:\Windows\system32\perfc00A.dat
2019-05-06 17:59 - 2010-11-20 18:01 - 001676342 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-06 17:59 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2019-05-05 20:23 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\rescache
2019-05-05 12:01 - 2019-02-05 18:17 - 000000000 ____D C:\Program Files\ESET
2019-05-05 00:11 - 2019-02-09 19:13 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-02 14:43 - 2018-12-13 18:27 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-02 14:43 - 2018-12-13 18:27 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-01 23:43 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\NDF
2019-05-01 23:43 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\registration
2019-05-01 23:09 - 2018-12-14 15:12 - 000000000 ____D C:\Users\MARCELO\AppData\Local\ElevatedDiagnostics
2019-05-01 22:18 - 2009-07-14 01:53 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-29 00:14 - 2018-12-13 17:17 - 000145152 _____ C:\Users\MARCELO\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-28 11:09 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\AppCompat
2019-04-27 22:42 - 2009-07-14 01:46 - 000001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-04-27 22:40 - 2009-07-14 01:33 - 000511024 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-27 20:50 - 2011-04-11 22:39 - 000000000 ____D C:\Windows\ShellNew
2019-04-27 20:50 - 2009-07-14 01:52 - 000000000 ____D C:\Program Files\DVD Maker
2019-04-27 20:50 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\Setup
2019-04-27 20:50 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\migwiz
2019-04-27 20:50 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-27 20:50 - 2009-07-13 23:37 - 000000000 ____D C:\Program Files\Common Files\System
2019-04-27 20:34 - 2018-12-13 17:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-04-27 19:55 - 2009-07-13 23:04 - 000000478 _____ C:\Windows\win.ini
2019-04-27 19:11 - 2009-07-13 23:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-27 17:32 - 2018-12-12 16:06 - 000000000 ____D C:\Windows\Panther
2019-04-27 17:28 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\Dism
2019-04-27 17:28 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2019-04-27 17:27 - 2009-07-14 01:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-04-26 03:34 - 2019-01-12 11:59 - 000000000 ____D C:\AdwCleaner
2019-04-26 03:20 - 2018-12-13 17:32 - 000000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-26 03:20 - 2018-12-13 17:32 - 000000000 ____D C:\Program Files\CCleaner
2019-04-25 01:15 - 2018-12-13 18:54 - 000000000 ____D C:\Users\MARCELO\!!NO BORRAR
2019-04-24 01:04 - 2019-01-10 20:01 - 000026492 _____ C:\Users\MARCELO\copia de seguridad registro.reg
2019-04-22 21:05 - 2018-12-13 18:22 - 000000000 ____D C:\Windows Loader
2019-04-22 20:16 - 2018-12-13 17:49 - 000000000 ____D C:\Windows\AutoKMS
2019-04-22 18:50 - 2018-12-15 20:36 - 000000000 ____D C:\Users\MARCELO\AppData\Local\ESET
2019-04-22 02:04 - 2018-12-17 19:54 - 000000000 ____D C:\Users\MARCELO\AppData\LocalLow\Temp
2019-04-11 02:15 - 2018-12-17 20:06 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-09 22:30 - 2019-02-09 19:13 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2019-04-09 22:30 - 2019-02-09 19:13 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-04-06 04:35 - 2018-12-27 17:11 - 000001268 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-06 04:35 - 2018-12-27 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Files in the root of some directories =======

2019-01-10 20:01 - 2019-04-24 01:04 - 000026492 _____ () C:\Users\MARCELO\copia de seguridad registro.reg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-17 17:48
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-05-2019
Ran by MARCELO (06-05-2019 21:57:29)
Running from C:\Users\MARCELO\!!NO BORRAR\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2018-12-12 23:11:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1166572213-2147164125-1135358989-500 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1166572213-2147164125-1135358989-1002 - Limited - Enabled)
Invitado (S-1-5-21-1166572213-2147164125-1135358989-501 - Limited - Disabled)
MARCELO (S-1-5-21-1166572213-2147164125-1135358989-1000 - Administrator - Enabled) => C:\Users\MARCELO

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{7758802D-9486-4883-9927-CCAC366A3BA4}) (Version: 7.2.3.1800 - Autodesk)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5002-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Photoshop CS6 versión 13.0.1 (HKLM\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Aplicación de escritorio de Autodesk (HKLM\...\Autodesk Desktop App) (Version: 7.0.12.84 - Autodesk)
Aplicaciones destacadas de Autodesk 2016-2017 (HKLM\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
aTuner (remove only) (HKLM\...\aTuner) (Version: aTuner 1.9.85 - )
AutoCAD 2017 - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-2002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017  Language Pack - Español (Spanish) (HKLM\...\{28B89EEF-0001-040A-1002-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0002-CF3F3A09B77D}) (Version: 21.0.104.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - Español (Spanish) (HKLM\...\AutoCAD 2017 - Español (Spanish)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD 2017 SP 1 (HKLM\...\AutoCAD 2017 SP1) (Version: 21.0.104.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 32 bit (HKLM\...\{A65662B5-45CC-41D3-AEDC-1448577664EE}) (Version: 4.37.6853 - Autodesk)
Autodesk Material Library 2017 (HKLM\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Desinstalar impresora EPSON L380 Series (HKLM\...\EPSON L380 Series) (Version:  - Seiko Epson Corporation)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Epson Customer Research Participation (HKLM\...\{B26449A6-6007-4460-B4FE-C4776115BCEA}) (Version: 1.83.0000 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM\...\{922E2D91-9314-45AA-9AEF-E585F93B59A9}) (Version: 2.6.1.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM\...\{006C8256-3855-43BF-8BA5-4B4C40F41F71}) (Version: 3.10.0065 - Seiko Epson Corporation)
Epson Scan 2 (HKLM\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM\...\{6DBD132B-7F42-4594-BBE7-0BB677EB2926}) (Version: 4.4.2 - SEIKO EPSON CORPORATION)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Glary Utilities 5.118 (HKLM\...\Glary Utilities 5) (Version: 5.118.0.143 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Importación de SketchUp 2016-2017 (HKLM\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manual Epson L380 (HKLM\...\UsersGuideManual Epson L380_is1) (Version: 1.0 - Epson America, Inc.)
MEGAsync (HKLM\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 66.0.4 (x86 es-AR) (HKLM\...\Mozilla Firefox 66.0.4 (x86 es-AR)) (Version: 66.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.4.7063 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x86) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Skype versión 8.42 (HKLM\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM\...\{90150000-012B-0C0A-0000-0000000FF1CE}_Office15.PROPLUS_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version:  - Microsoft)
WinRAR 5.40 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1166572213-2147164125-1135358989-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2016-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX32.dll [2019-02-07] (Mega Limited -> )
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-04-25 00:13 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-25 00:13 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2019-05-05 17:12 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1166572213-2147164125-1135358989-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MARCELO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: EpsonCustomerResearchParticipation => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_PM_RPCV4_06 => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: WsAppService => 2
MSCONFIG\startupfolder: C:^Users^MARCELO^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files\Microsoft\Skype for Desktop\Skype.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{555BF5BF-EED7-489C-A470-33EEC61B81FD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{719EEB3C-D9EC-4362-B4ED-43543CEC83A2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

03-05-2019 12:00:51 Restore Point Created by FRST
05-05-2019 17:12:33 Restore Point Created by FRST
05-05-2019 19:00:13 Copias de seguridad de Windows

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2019 09:57:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0x8ac
Hora de inicio de la aplicación con errores: 0x01d5046fe5656c80
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 23334aa0-7063-11e9-982a-00e04d7348e8

Error: (05/06/2019 08:06:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000fffe
Id. del proceso con errores: 0x5dc
Hora de inicio de la aplicación con errores: 0x01d50460518a18d0
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 940fb2a0-7053-11e9-b756-00e04d7348e8

Error: (05/06/2019 05:56:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0x5cc
Hora de inicio de la aplicación con errores: 0x01d5044e3e94b170
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 7c628f90-7041-11e9-b756-00e04d7348e8

Error: (05/06/2019 05:56:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0xcd0
Hora de inicio de la aplicación con errores: 0x01d5044e3e6515f0
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 7c37b6d0-7041-11e9-b756-00e04d7348e8

Error: (05/06/2019 05:55:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0x978
Hora de inicio de la aplicación con errores: 0x01d5044e1a09d5b0
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 57d55270-7041-11e9-b756-00e04d7348e8

Error: (05/06/2019 05:55:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0xeec
Hora de inicio de la aplicación con errores: 0x01d5044e19dc9b90
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 57aa79b0-7041-11e9-b756-00e04d7348e8

Error: (05/06/2019 05:54:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000fffe
Id. del proceso con errores: 0x7b0
Hora de inicio de la aplicación con errores: 0x01d5044df5bc4940
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 338eea20-7041-11e9-b756-00e04d7348e8

Error: (05/06/2019 05:54:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0x8f0
Hora de inicio de la aplicación con errores: 0x01d5044df57e6580
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 334ea500-7041-11e9-b756-00e04d7348e8


System errors:
=============
Error: (05/05/2019 05:13:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Windows Search, pero ocurrió el siguiente error: 
Ya se está ejecutando una instancia de este servicio.

Error: (05/05/2019 05:12:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Search terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (05/05/2019 05:12:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (05/05/2019 05:12:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Malwarebytes Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 5000 milisegundos: Reiniciar el servicio.

Error: (05/05/2019 05:12:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/05/2019 05:12:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Autodesk Desktop App Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (05/05/2019 03:29:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: El servidor {B77C4C36-0154-4C52-AB49-FAA03837E47F} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (05/03/2019 12:01:19 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: El Administrador de control de servicios intentó realizar una acción correctora (Reiniciar el servicio) después de la terminación inesperada del servicio Windows Search, pero ocurrió el siguiente error: 
Ya se está ejecutando una instancia de este servicio.


==================== Memory info =========================== 

BIOS: Phoenix Technologies, LTD 6.00 PG 12/05/2007
Motherboard: BIOSTAR Group N61PA-M2S
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4800+
Percentage of memory in use: 53%
Total physical RAM: 2942.55 MB
Available physical RAM: 1372.36 MB
Total Virtual: 5883.48 MB
Available Virtual: 4289.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:124.66 GB) (Free:74.69 GB) NTFS
Drive d: () (Fixed) (Total:806.75 GB) (Free:732.77 GB) NTFS

\\?\Volume{980f26a4-fe62-11e8-8ff8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=124.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=806.8 GB) - (Type=05)

==================== End of Addition.txt ============================
Log.txt del ESET

17:25:16 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.0.17.0
# country="Spain"
# lang=13322
17:25:50 Updating
17:25:50 Update Init
17:26:04 Update Download
17:29:30 esets_scanner_reload returned 0
17:29:30 g_uiModuleBuild: 41287
17:29:30 Update Finalize
17:29:30 Call m_esets_charon_send
17:29:30 Call m_esets_charon_destroy
17:29:30 Updated modules version: 41287
17:29:43 Call m_esets_charon_setup_create
17:29:43 Call m_esets_charon_create
17:29:43 m_esets_charon_create OK
17:29:43 Call m_esets_charon_start_send_thread
17:29:43 Call m_esets_charon_setup_set
17:29:43 m_esets_charon_setup_set OK
17:29:43 Scanner engine: 41287
18:10:54 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.0.17.0
# country="Spain"
# lang=13322
18:12:45 Updating
18:12:45 Update Init
18:12:58 Update Download
18:13:45 esets_scanner_reload returned 0
18:13:45 g_uiModuleBuild: 41298
18:13:45 Update Finalize
18:13:45 Call m_esets_charon_send
18:13:45 Call m_esets_charon_destroy
18:13:45 Updated modules version: 41298
18:13:58 Call m_esets_charon_setup_create
18:13:58 Call m_esets_charon_create
18:13:58 m_esets_charon_create OK
18:13:58 Call m_esets_charon_start_send_thread
18:13:58 Call m_esets_charon_setup_set
18:13:58 m_esets_charon_setup_set OK
18:13:58 Scanner engine: 41298
21:53:31 Call m_esets_charon_send
21:53:31 Call m_esets_charon_destroy
21:53:32 Call m_esets_charon_send
21:53:32 Call m_esets_charon_destroy
22:04:14 # product=EOS
# version=8
# ESETOnlineScanner_ESL.exe=3.0.17.0
# country="Spain"
# lang=13322
22:14:53 Call m_esets_charon_send
22:14:53 Call m_esets_charon_destroy

Hola Sandra, no me llega nada

Hola no te preocupes, cuando edito los reportes que pegas, va los ordeno para poder verlos bien parece que te llega una notificación de la edición.

Estoy trabajando con tus reportes a la brevedad te coloco pasos a seguir.

Salu2

puedo reinstalar el Nod 32? me siento desprotegiado jajjajaja

Hola:

Espera un poquito que encontremos el problema, ademas en el navegador tienes la extensión de Malwarebytes.:grinning:

Estoy :stuck_out_tongue_winking_eye::sunglasses: de leer tus reportes :rofl:

Salu2

Hola @Marcelo_Bianchi

Creo que pesque el error, el tema es que son archivos de Windows.

1.- Descarga SystemLook desde tu escritorio desde uno de los siguientes enlaces, según la arquitectura de tu Sistema Operativo.

Como saber si Mi Windows es de 32 o de 64 Bits ?

Una vez descargado realiza lo siguiente:

  • Doble clic al archivo SystemLook para ejecutarlo.(Si usas Windows Vista, 7/8/10 presiona clic derecho y selecciona “Ejecutar como Administrador.”)

  • Copia y pegua el texto del recuadro de aquí abajo en la ventana del programa y pulsa en Look.

:filefind  
*ntvdm*
            

  • Espera unos minutos hasta que finalice la búsqueda.
  • Al terminar se activará nuevamente el botón Look

Nota: Se guardará un reporte de nombre SystemLook.txt en el escritorio.

Lo pegas en tu próxima respuesta.

2.- Realiza un sfc/scannow de acuerdo a los pasos del enlace para Windows 7.

Nos comentas si te da algún error.

Salu2.

Hola Sandra, aca va lo de Sistemlook:

SystemLook 30.07.11 by jpshortstuff
Log created at 04:25 on 07/05/2019 by MARCELO
Administrator - Elevation successful

========== filefind ==========

Searching for "*ntvdm*"
C:\Windows\Prefetch\NTVDM.EXE-F6564EE5.pf	--a---- 18930 bytes	[23:14 05/05/2019]	[07:25 07/05/2019] 6F039BD24851A751B0BB12542DAA07CC
C:\Windows\System32\ntvdm.exe	--a---- 526848 bytes	[23:21 13/07/2009]	[01:14 14/07/2009] 66F516A78C1D220FE0F429DF5EF0DE5D
C:\Windows\System32\ntvdmd.dll	--a---- 14848 bytes	[23:20 13/07/2009]	[01:16 14/07/2009] 2476608083BAAFEEC6EF1B0D0AC6CCFC
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7.manifest	--a---- 114084 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 0F275E9423A6D73AE0FA8B77F5B86032
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ansi.sys_0ab64f64	--a---- 9029 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 8AAD333C876590293F72B315E162BCC7
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_append.exe_511080a0	--a---- 12498 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] D753EEE17725526A67ACDDAA5D63EF68
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_autoexec.bat_6d6f4bc5	--a---- 24 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] D9EBEC6668A6092FCBD1713C347AA5E0
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_autoexec.nt_36d298da	--a---- 1688 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 30475F091008E24550523515A023270D
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_bios1.rom_265d2348	--a---- 28420 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 84BDB1E378591D930482B896A1648C53
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_bios4.rom_1dd00913	--a---- 8191 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] B44C4C9CA9D4BCC8430F3276576F562B
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_comm.drv_058e064e	--a---- 10544 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 01B656374912D7CCF7465A3893F18982
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_command.com_a0d51f6e	--a---- 50648 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] BA597F9A4BB90F038266CE1A3C3BE3FB
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_commdlg.dll_978ad2f3	--a---- 32816 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] FF924F8AD691F25E5772B6E1A635831A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_config.nt_21a63582	--a---- 2577 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 01C47C2ECED034EF6F8C1552A97CFF00
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_config.sys_6a800f3d	--a---- 10 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] ED4FC5980BD8B1AD869FF725C7776338
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_country.sys_47c0695d	--a---- 27097 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 0FE9F16075C9ACB941C957B7C649176E
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_csrstub.exe_f65f4340	--a---- 47616 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 332F1F851FE2E705E400B1DD6F21BE6B
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ctl3dv2.dll_68361404	--a---- 27200 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 637D88E7A1BEDC4457C80DBC8BA9F135
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ddeml.dll_aefb322e	--a---- 39424 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] CC91779ED74FAE851CD3EA7541DDE488
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_debug.exe_bdafe3af	--a---- 20634 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] C17AFA0AAD78C621F818DD6729572C48
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_dosx.exe_0289485c	--a---- 53600 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 03783D0840B2C54D7665248425C74417
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_drwatson.exe_8001ab8e	--a---- 28112 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 789F63C7978AD84A2214D3AA3BF0F609
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_edit.com_fc89ce91	--a---- 69886 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] F6E368E10B600836DD349FF937B183A2
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_edit.hlp_fc89d044	--a---- 10790 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 8AA8DCC96FA0492E3B5D415537FAB8FE
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_edlin.exe_420aa87c	--a---- 12642 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] B7A0AA49CBB604B2C3A42A49C36D8A4F
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ega.cpi_fd506cb1	--a---- 127213 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 52E91EAC2F3175B1A5B0150382B6D771
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_exe2bin.exe_584b170f	--a---- 8424 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 683626544E81387771ED55E1A0F2047B
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_fastopen.exe_34b8aa0e	--a---- 882 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 68062C0ECE86AB7801B5B47FDC855A06
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_gdi.exe_f661b558	--a---- 24576 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 80E15C136F95800C9172E610AA96D9C2
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_graftabl.com_a9c93904	--a---- 58880 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] A84EF6BA5248BC34683DDC5495563254
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_graphics.com_d370dbdc	--a---- 19694 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 6E4E7884E6489AC4F5E6DAB176A73E52
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_graphics.pro_d370dfe0	--a---- 21232 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] BC33AA625D6B807F718627386DF78426
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_himem.sys_117e20f5	--a---- 4768 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] E6BC0F98FECEF245A0010D350C1A0B9B
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_kb16.com_ec87df0f	--a---- 14710 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 4D7E256377A5E934EA1820B2CEA79131
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_key01.sys_85b042b3	--a---- 42809 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 492090267B9608C62B956CD29BE3AFB7
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_keyboard.drv_a8ade301	--a---- 2000 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] ED4BF709AAD8B665075DE06A0945B030
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_keyboard.sys_a8ade77e	--a---- 42537 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] FBBCFEC1379C5C02D88A361993EDF1B8
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_krnl386.exe_4fdf83ba	--a---- 92320 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 2F6B026C02CAAD3768FEEB6172A1C037
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_lanman.drv_b65845fb	--a---- 221600 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 774D60CB0AD198F493CEFC9057755A05
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_loadfix.com_26a53d88	--a---- 1131 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 536460507B20AE0F03D7BEE8111028CF
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_lzexpand.dll_e8135238	--a---- 9936 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] C7F038338BF55DE73B57C1FC7B23671A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_mem.exe_e5748c01	--a---- 39274 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 390762963E6B4C861E5E0CA5A3E56E40
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_mmsystem.dll_3ad74af3	--a---- 68992 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] F71B2CD664E53E6525AB636DB91320F6
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_mmtask.tsk_f97d0de1	--a---- 1152 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] AAB73D4BF9CFED0DCDD00A11133751C6
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_mouse.drv_27155db9	--a---- 2032 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 7D29780AC88BB7292CDCFF71BA67433D
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_mscdexnt.exe_8f9c39da	--a---- 718 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 52C7505D68C3CE8496EC8DC17D8FF75A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_netapi.dll_5b56af87	--a---- 108464 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] D8F01AB82D5699A6A278651777D00B67
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_nlsfunc.exe_68d576d3	--a---- 7052 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 5E835121A3899CFA37E285E0CA2B4E7D
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntdos.sys_9a5df81f	--a---- 27866 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] FFFF296A08DBF2AC0126C62E3778AC0D
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntdos404.sys_15fe7d3b	--a---- 29146 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] CF9ED169FF86D935E47999E82359E898
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntdos411.sys_15f27a47	--a---- 29370 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 03B945AC0481CD8BB161C3569D8ED1C3
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntdos412.sys_15f37a86	--a---- 29274 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] BBC957DC18C17CC027EB80B7C77F2AEA
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntdos804.sys_1742ccf7	--a---- 29146 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 3CFFAEFFF23B0D208214A6D3061A5B1B
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntio.sys_e7eec263	--a---- 33952 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 2E4112FB7D1B76E11ADFD7487B5D0E95
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntio404.sys_7b92243f	--a---- 34672 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] A98EBD4C2DF983665BF2D1AF49949974
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntio411.sys_7bfe3ed3	--a---- 35776 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 3F7E6406EDEF197C5CAAB2240EEF6F48
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntio412.sys_7bf53c9c	--a---- 35536 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 3E64D681B776CC57BDC38A46D881F85B
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntio804.sys_702b56a3	--a---- 34672 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] D86B6435729231C171432B4E77801BDB
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntvdm.exe_aacb2a51	--a---- 526848 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 66F516A78C1D220FE0F429DF5EF0DE5D
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ntvdmd.dll_b88af79f	--a---- 14848 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 2476608083BAAFEEC6EF1B0D0AC6CCFC
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_olecli.dll_1780cf38	--a---- 82944 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] D475029D732983ED962A8FF61688C912
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_olesvr.dll_fde98489	--a---- 24064 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 16BF834A84A7DC0D24EDC8E924C90637
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_pmspl.dll_dd9ffb24	--a---- 46592 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 57F8A50513E43AAF6A7B23389E389BBC
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_redir.exe_fc890e02	--a---- 2842 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] BBB40CA86B88918864D16CFAC9D4ABA4
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_setver.exe_7abd3967	--a---- 11753 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] AD7B906FC883959E56E210B2B077CA00
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_share.exe_bbb4488d	--a---- 882 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 68062C0ECE86AB7801B5B47FDC855A06
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_shell.dll_a7964274	--a---- 5120 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] DC8A8C47542EDD026AD8F4AC3D6C2292
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_sound.drv_c00d29cf	--a---- 1744 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 028A1F74926DC3DF2D9629EDC9AEBAFB
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_sysedit.exe_9abddcf9	--a---- 18896 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 283CAD5E151AE7C73D7F733D527D774E
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_system.drv_96e90a3f	--a---- 3360 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 4A00D59AE6D75BDFC2C8E5182C4B1376
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_timer.drv_2f83cbbb	--a---- 4048 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 9E7425234ADDEDABC7BF7ADDAFD72FD9
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_toolhelp.dll_df77ee65	--a---- 13888 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] C86363C599E5D6836C21A3A3FD21C388
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_user.exe_d3d0cbc9	--a---- 47840 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] C2520B98C8658C73C138F9B26E203322
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_v7vga.rom_81df89e1	--a---- 18832 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 86491AD7BC0964089CD4E703E65D45DB
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_vdmredir.dll_6eee2d39	--a---- 19456 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] EC5BFD7B7269B60AE30A103105C71C1A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_ver.dll_cba0311d	--a---- 9008 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] D022D32A7BCB0B54C34BD687AC00564C
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_vga.drv_ccdb802e	--a---- 2176 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 9C86BBB80450AF95B6A4EA8EBDA93D76
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_wfwnet.drv_0736bd8b	--a---- 12704 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 19006F183E6B5CBB5C078CDA84208C3A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_wifeman.dll_9e49fa7b	--a---- 9216 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 51331D29F13FDA16832DC5EE8FF9B781
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_win.com_ca2eda11	--a---- 6656 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 9DB8E7776F8BB7804FDF5AFEE864E60E
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_win87em.dll_15e1bccd	--a---- 13312 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] C980C971AD4FF3CA5CEFDEF40932D3A1
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_winhelp.exe_95101231	--a---- 256192 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 8E6F7D51A5CB299C25621C6C1AB57E84
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_winnls.dll_6aeb9b19	--a---- 5120 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 37F4D55260E037EE9862D0AF93348755
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_winoldap.mod_b5cc0008	--a---- 2080 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] D921984A32D169528FF68856FDF7C89E
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_winsock.dll_75ed695a	--a---- 2864 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 68485C5EF0E2EFCEBF21BBB1042B823B
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_winspool.exe_af5728df	--a---- 2112 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 63F707D29CCF28A1F0D098EF44782F1A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_wow32.dll_b25ca40a	--a---- 282112 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 0C8247724AF880A1EAB538885B58F7E0
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_wowdeb.exe_6873642a	--a---- 2864 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] 186D762610633E21A1F55EFF15D458B4
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7_wowexec.exe_2490d926	--a---- 8960 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] EAA2E8631395435976C402FF68BEF283
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7__default.pif_dda35fa9	--a---- 707 bytes	[21:34 20/11/2010]	[21:31 20/11/2010] B317B33694BAC49D492DD3F23E374899
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58.manifest	--a---- 13521 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 35B04AD4FC49F95F6F4270961C8ADC0A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_commdlg.dll_978ad2f3	--a---- 32816 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] FF924F8AD691F25E5772B6E1A635831A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_keyboard.drv_a8ade301	--a---- 2000 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] ED4BF709AAD8B665075DE06A0945B030
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_lzexpand.dll_e8135238	--a---- 9936 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] C7F038338BF55DE73B57C1FC7B23671A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_mmsystem.dll_3ad74af3	--a---- 68992 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] F71B2CD664E53E6525AB636DB91320F6
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_mmtask.tsk_f97d0de1	--a---- 1152 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] AAB73D4BF9CFED0DCDD00A11133751C6
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_mouse.drv_27155db9	--a---- 2032 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 7D29780AC88BB7292CDCFF71BA67433D
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_olecli.dll_1780cf38	--a---- 82944 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] D475029D732983ED962A8FF61688C912
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_olesvr.dll_fde98489	--a---- 24064 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 16BF834A84A7DC0D24EDC8E924C90637
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_shell.dll_a7964274	--a---- 5120 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] DC8A8C47542EDD026AD8F4AC3D6C2292
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_sound.drv_c00d29cf	--a---- 1744 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 028A1F74926DC3DF2D9629EDC9AEBAFB
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_stdole.tlb_b98026b1	--a---- 5532 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 1F9DDB16AD23573BEE7F8D0DFC7201BD
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_system.drv_96e90a3f	--a---- 3360 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 4A00D59AE6D75BDFC2C8E5182C4B1376
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_timer.drv_2f83cbbb	--a---- 4048 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 9E7425234ADDEDABC7BF7ADDAFD72FD9
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_ver.dll_cba0311d	--a---- 9008 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] D022D32A7BCB0B54C34BD687AC00564C
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_vga.drv_ccdb802e	--a---- 2176 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 9C86BBB80450AF95B6A4EA8EBDA93D76
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58_wfwnet.drv_0736bd8b	--a---- 12704 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 19006F183E6B5CBB5C078CDA84208C3A
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-vdmdbg_31bf3856ad364e35_6.1.7600.16385_none_4ea374e2e5067833.manifest	--a---- 2187 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] C7BDAEB1FAEAC832732CF1E5A0C32FF3
C:\Windows\winsxs\Backup\x86_microsoft-windows-ntvdm-vdmdbg_31bf3856ad364e35_6.1.7600.16385_none_4ea374e2e5067833_vdmdbg.dll_232a4cf0	--a---- 16896 bytes	[02:19 14/07/2009]	[02:18 14/07/2009] 8E79090CB0987CA102E845341E052537
C:\Windows\winsxs\Manifests\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7.manifest	--a---- 114084 bytes	[21:24 20/11/2010]	[21:24 20/11/2010] 0F275E9423A6D73AE0FA8B77F5B86032
C:\Windows\winsxs\Manifests\x86_microsoft-windows-ntvdm-system_31bf3856ad364e35_6.1.7600.16385_none_20246c0c81526e58.manifest	--a---- 13521 bytes	[02:03 14/07/2009]	[01:49 14/07/2009] 35B04AD4FC49F95F6F4270961C8ADC0A
C:\Windows\winsxs\Manifests\x86_microsoft-windows-ntvdm-vdmdbg_31bf3856ad364e35_6.1.7600.16385_none_4ea374e2e5067833.manifest	--a---- 2187 bytes	[02:03 14/07/2009]	[01:50 14/07/2009] C7BDAEB1FAEAC832732CF1E5A0C32FF3
C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7\ntvdm.exe	--a---- 526848 bytes	[23:21 13/07/2009]	[01:14 14/07/2009] 66F516A78C1D220FE0F429DF5EF0DE5D
C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.1.7601.17514_none_0014e305d0cff0a7\ntvdmd.dll	--a---- 14848 bytes	[23:20 13/07/2009]	[01:16 14/07/2009] 2476608083BAAFEEC6EF1B0D0AC6CCFC

-= EOF =-

y te paso un print de lo que dio el scannow:

Ya te paso lo que me da cuando ingreso a esa dir que aparece ahí. No me deja enviarlo, me dice algo de que no puedo tener mas de 10 usuarios en un post ?¿?¿?¿

Hola @Marcelo_Bianchi

Tienes el dvd de tu Sistema Operativo o la licencia original? Ya que si no tienes el DVD se puede descargar la iso desde Microsoft y podemos quemar la .iso para intentar reparar el SO, (pero pide la licencia)

Sobre el log puedes subirlo a algún sitio tipo Dropbox? y me colocas el enlace.


Tambien ve a la carpeta:

C:\Windows\Prefetch

Dentro de la carpeta busca y elimina el archivo:

C:\Windows\Prefetch**NTVDM.EXE**

Lo eliminas (solo a el) y vacías la papelera.

Reinicias y nos comentas.

Salu2

Aqui va el log subido a google drive:

https://drive.google.com/drive/folders/1IcLnINmq3R8h0qAA_183IjyAanhqyqPO?usp=sharing

Eliminé el archivo, vacié la papelera y reinicié, las ventanas cargosas, siguen.

Con respecto al SO, me lo colocó un tecnico en diciembre pq no se por cual motivo no me dejaba usar mis ISOs, obviamente debe ser pirata, yo tengo 3 ISOs, obviamente piratas, 2 que son de los alivianados y una es full, no se si seran útiles.

Ahora me aparece un cartel de que NTVDM.EXE dejo de funcionar

Hola @Marcelo_Bianchi

Te pido un poco de paciencia que el log tiene mas de 100 paginas tengo para leer bastante…:rofl:


El error que te muestra la ventana ya existía en tu equipo aunque tu no lo vieras ya lo mostraba FRST, ya que no puede ser por eliminar el de la carpeta Prefetch ya que esos se pueden eliminar todos, solo harían que tu equipo inicie un poco mas lentos por unos reinicios nada mas.

Esto es lo que me ha hecho sospechar de el, ademas esta directamente relacionado con el proceso taskhost.exe y posiblemente con tu error.

Application errors:
==================
Error: (05/06/2019 09:57:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ntvdm.exe, versión: 6.1.7600.16385, marca de tiempo: 0x4a5bc158
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000ffff
Id. del proceso con errores: 0x8ac
Hora de inicio de la aplicación con errores: 0x01d5046fe5656c80
Ruta de acceso de la aplicación con errores: C:\Windows\system32\ntvdm.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: 23334aa0-7063-11e9-982a-00e04d7348e8

Se que tu sistema es un:

Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Español (España, internacional)

Pero sabes si es un Modificado/ retocado o un SO completo?

Ve a Inicio >>> Ejecutar >>> escribe winver

Tomas una imagen y la subes.


Descarga el archivo que te dejo adjunto y lo ubicas en la raiz de C: debe quedar

C:\taskhost.exe

El archivo es de mi equipo así que esta limpio.

Luego te doy los pasos a seguir (tenemos que reemplazar archivos de sistema que no pudo reparar el comando) ya que tengo que terminar el log pero va apareciendo lo siguiente:

2019-05-07 15:08:57, Info CSI 00000189 [SR] **Cannot repair** member file [l:24{12}]"**taskhost.exe**" of Microsoft-Windows-TaskHost, Version = 6.1.7601.18010, pA =

2019-05-07 15:08:57, Info CSI 0000018d [SR] Could not reproject corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"**taskhost.exe**"; source file in store **is also corrupted**

taskhost.exe (48 KB)

Salu2