W10-Windows Defender/Servicio Detenido

Facundo, creo que contesté donde no era… decía allí que el MB Anti-Rootkit no mostró ninguna infección -análisis en modo seguro W10- y anexo encontrarás el resultado de Rkill. También que ya puedo ejecutar el CMD y el PowerShell como administrador, una función que se había perdido. Saludos y muchas gracias!

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2020 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/13/2020 09:40:52 AM in x64 mode.
Windows Version: Windows 10 Education 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\SysWOW64\ufdsvc.exe (PID: 2948) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * HOSTS file entries found: 

  127.0.0.1       localhost

Program finished at: 09/13/2020 09:41:50 AM
Execution time: 0 hours(s), 0 minute(s), and 58 seconds(s)

Pega el reporte de Malwarebytes Anti-Rootkit para revisar.

El Malwarebytes Anti-Rootkit generó el siguiente reporte:

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2020.09.13.04
  rootkit: v2020.09.13.04

Windows 8 x64 NTFS (Safe Mode)
Internet Explorer 11.508.19041.0
Joseph :: DESKTOP-I4EA06H [administrator]

13/09/2020 9:54:04 a. m.
mbar-log-2020-09-13 (09-54-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 249285
Time elapsed: 9 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0

Physical Sectors Detected: 0
(No malicious items detected)

(end)

@Jorge2121 que Antivirus tenias instalado antes de MalwareBytes en su version Premium?

@Facundo desinstalando el MalwareBytes Premium fue que sucedido este incidente…

Descarga la herramienta de Desinstalación para Malwarebytes, la encontraras en el siguiente manual, descarga dependiendo la versión que tuviste en ese momento, y reinicias el equipo al finalizar y compruebas si se activa Windows Defender.

1 me gusta

@Facundo Lo que observo acá es que el desinstalador para MB llega hasta la generación 3. El MB instalado es de última generación 4.2… no será que tal vez realice una desinstalación imperfecta, dejando muchos rastros y errores en el sistema? Salu2

Prueba con la version 3, a ver que nos dice, ya que no existe un Desinstalador externo para la version 4 aun.

@Facundo Gracias por tu interés y colaboración. Seguimos igual aunque desinstalé, reinicié y volví a pasar el mb-clean-3.1.0.1035 y volví a reiniciar. Este es el resultado:

2020-09-13 14:32:50.428   mb-clean:3.1.0.1035  @ Malwarebytes. All rights reserved.
2020-09-13 14:32:55.006   No Malwarebytes software installed.
2020-09-13 14:33:04.068   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2020-09-13 14:33:04.068   Trying to delete REG key: HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon
2020-09-13 14:33:04.068   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2020-09-13 14:33:04.068   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2020-09-13 14:33:04.068   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2020-09-13 14:33:04.084   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2020-09-13 14:33:04.084   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2020-09-13 14:33:09.709   Trying to delete path C:\ProgramData\Malwarebytes\
2020-09-13 14:33:09.709   Cannot delete path C:\ProgramData\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2020-09-13 14:33:09.709   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2020-09-13 14:33:09.709   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:(The system cannot find the path specified.(error=3))
2020-09-13 14:33:09.709   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2020-09-13 14:33:09.709   Cannot delete path C:\Program Files\Malwarebytes\Anti-Malware\, reason:(The system cannot find the path specified.(error=3))
2020-09-13 14:33:09.709   --------END OF LOG FILE ----------

Entra a VirusTotal y clickea en “Choose file

Y busca la siguiente direccion en el Explorador de Archivos: C:\Windows\SysWOW64 y sube el archivo llamado ufdsvc.exe

Se escaneara el archivo con varios motores de Antivirus/Anti-Malware y sabremos si es un falso positivo o si es un malware.

Nos pegas el enlace al finalizar el analisis online o nos envias captura de los antivirus que han detectado.

@Facundo Anexo enlace de VirusTotal:

Resultado VirusTotal

Muchas gracias!!!

Así estamos en este momento:

Hola de nuevo @Jorge2121.

Vamos a revisar esa maquina para ver que mas encontramos, :face_with_monocle: ahora sigue estos pasos :

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:)

:two: Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer o Responsabilidad, pulsamos Yes/Si

  • En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos.

2 Me gusta

Hola @JavierHF Muchas gracias por contestar. Ese procedimiento ya lo había hecho antes de publicar mi consulta… pero no resultó… Ver Aquí Solo que uno de los programas luego borró todo… creo que fue el DelFix:

# DelFix v1.013 - Logfile created 13/09/2020 at 08:20:54
# Updated 17/04/2016 by Xplode
# Username : Joseph - DESKTOP-I4EA06H
# Operating System : Windows 10 Enterprise  (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Joseph\Desktop\Addition.txt
Deleted : C:\Users\Joseph\Desktop\Fixlog.txt
Deleted : C:\Users\Joseph\Desktop\FRST.txt
Deleted : C:\Users\Joseph\Desktop\FRST64.exe

~ Cleaning system restore ...


New restore point created !

########## - EOF - ##########

El único antivirus que tengo es el Windows Defender, pero como el servicio está detenido, diría que no tengo antivirus en este momento… Volveré a intentar y en un rato subo los reportes. Muchas gracias!!!

Hola.

Delfix sirve para hacer backups del registro o desinstalar las herramientas y eso NO era lo que tenias que hacer.

Sigue mis indicaciones para valorar los informes y darte nuevas indicaciones.

Saludos.

1 me gusta

Hola @JavierHF Restricciones propias del Foro no me permitieron contestar inmediatamente.

<You’ve reached the maximum number of replies a new user can create on their first day. Please wait 15 hours before trying again.>

Anexo los informes en cuatro (4) partes. Saludos y muchas gracias!!! FRST.txt Parte No. 01 de 03

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 13-09-2020

Ejecutado por Joseph (administrador) sobre DESKTOP-I4EA06H (13-09-2020 17:53:53)

Ejecutado desde C:\Users\Joseph\Desktop

Perfiles cargados: Joseph

Platform: Windows 10 Education Versión 2004 19041.508 (X64) Idioma: Español (México)

Navegador predeterminado: Edge

Modo de Inicio: Normal

Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

================= Procesos (Lista blanca) =============

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe

(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe

(Generic) [Archivo no firmado] C:\Windows\SysWOW64\ufdsvc.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>

(Microsoft) [Archivo no firmado] C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDockTray.exe

(Stardock Corporation -> Stardock) C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe

(Stardock) [Archivo no firmado] C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN

HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\Run: [Fences] => c:\program files (x86)\stardock\fences\Fences.exe [4854200 2018-05-25] (Stardock Corporation -> Stardock Corporation) [Archivo no firmado] [El archivo está en uso]

HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)

HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-05-19] (Adobe Inc. -> Adobe Systems Inc)

HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{AC76BA86-0000-0000-7760-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat DC\Esl\Aiod.dll [2020-05-19] (Adobe Inc. -> Adobe Systems, Inc.)

Startup: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2020-06-26]

ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock Plus\ObjectDock.exe (Stardock Corporation -> Stardock)

GroupPolicy: Restricción ? <==== ATENCIÓN

GroupPolicy\User: Restricción ? <==== ATENCIÓN

================ Tareas programadas (Lista blanca) =========

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {004D7E31-F95C-4C2D-B90D-C01ADB459DE8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

Task: {013A8CD9-F680-432B-A0E0-87382B9D9D2A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155488 2020-08-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {16ABE041-2D2A-4EB1-9C87-E3A193B6EAE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-28] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {1BDFAEED-FE4E-4683-A62A-D25C8CBA8515} - System32\Tasks\SUPERAntiSpyware Scheduled Task 674fc65f-8c09-41b3-9046-d556920cb3ff => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)

Task: {38A05C49-0F44-47FC-91EE-0D5B3E6EB75D} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-08-22] () [Archivo no firmado]

Task: {48FE9B95-DB6B-496C-819C-5BE19A45F119} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [19821872 2020-09-06] (Goversoft LLC -> Goversoft LLC)

Task: {495864CE-7E0A-4584-96C9-AD7F042FC9F7} - System32\Tasks\Driver Booster SkipUAC (Joseph) => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\DriverBooster.exe

Task: {586C43C4-A02B-439D-974D-A265C74804F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-28] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {5A82FC49-D1C0-4B1F-A89D-EAFCD00AE50F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {60283C48-6C06-4628-87DE-125A3F249E8C} - System32\Tasks\SUPERAntiSpyware Scheduled Task 441f14b0-b351-46ee-b77b-00d4840eb099 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com)

Task: {6D906ADF-2FD8-4A33-B09C-68B7C90ACF0F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155488 2020-08-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {741A3101-6A98-411C-B00F-7F71C4887DDD} - System32\Tasks\AVG TuneUp Update => C:\Program Files (x86)\AVG\AVG TuneUp\TUNEUpdate.exe [1706528 2020-05-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

Task: {74920238-888D-4BED-8D25-9CFD9BBF157A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)

Task: {756363F7-3643-4211-9D19-19DD2BD9840E} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe -RegistryEditor -ForceForeground -NoSplash

Task: {808E267D-DD8B-4A30-A719-A77BB75BF8CF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {8ECD9DC1-E574-4AB2-98B1-86B2029F0F65} - System32\Tasks\GBTSSDCheckUpdate => C:\Program Files (x86)\GIGABYTE\SSDToolBox\ChkUpd.exe [301488 2019-07-04] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)

Task: {94CD0A2F-647F-474C-A6BF-ACEE0BD3A8B6} - System32\Tasks\UninstallTool_SkipUAC_Joseph => C:\Program Files\Uninstall Tool\UninstallTool.exe [4924576 2020-04-16] (CrystalBit Solutions -> CrystalIDEA Software) [Archivo no firmado]

Task: {974C2992-53D7-43A2-B820-5740A9728524} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5725080 2020-08-07] (Microsoft Corporation -> Microsoft Corporation)

Task: {9EAEEFB7-3837-4CB3-87D6-A9CDE7CD9386} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK

Task: {A194D8B6-D7ED-4A86-939B-F3C26AEF6CD0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe [525032 2020-08-28] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {AA767398-0705-4D8B-AAF7-45E2A7457E2E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-11] (Dropbox, Inc -> Dropbox, Inc.)

Task: {C2F3E448-E658-4694-AB34-FC12AEB38111} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24770744 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {EB125F33-B406-4D47-A670-12BD28586BAB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5725080 2020-08-07] (Microsoft Corporation -> Microsoft Corporation)

Task: {F63CB7EF-E382-479A-BAF0-54F4C1C378A3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)

Task: {F8F05B79-9CCF-408D-80B3-4CE2D69437A5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-11] (Dropbox, Inc -> Dropbox, Inc.)

Task: {FF2DE0F4-0607-437A-BC4F-8D3F52E89A43} - System32\Tasks\DelayedItemsByChemtableSoftware\SecurityHealth => C:\WINDOWS\system32\SecurityHealthSystray.exe [86016 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 441f14b0-b351-46ee-b77b-00d4840eb099.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 674fc65f-8c09-41b3-9046-d556920cb3ff.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Tcpip\Parameters: [DhcpNameServer] 190.157.8.101 190.157.8.42

Tcpip\..\Interfaces\{0636a1ff-fbf7-4ac1-b54e-f43ede0f8dfe}: [DhcpNameServer] 190.157.8.101 190.157.8.42

Tcpip\..\Interfaces\{9e4fe668-cd12-4fdc-9a0c-20a6649e5885}: [DhcpNameServer] 185.123.227.250

Edge:

======

Edge Extension: (Ghostery – Bloqueador de anuncios para privacidad) -> EdgeExtension_GhosteryGhostery_kzkqe0pn505dg => C:\Program Files\WindowsApps\Ghostery.Ghostery_8.4.6.0_neutral__kzkqe0pn505dg [2020-04-01]

Edge Profile: C:\Users\Joseph\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-13]

Edge Notifications: Default -> hxxps://www1p.michellehardin.pro

Edge HomePage: Default -> hxxps://google.com.co/

Edge Extension: (Ghostery – Bloqueador de anuncios para privacidad) - C:\Users\Joseph\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2020-08-06]

Edge Extension: (Browsec VPN - Free VPN for Edge) - C:\Users\Joseph\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjnehcbecaggobjholekjijaaekbnlgj [2020-09-01]

FireFox:

========

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi

FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2020-04-22] [Heredado]

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected]

FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected] [2020-04-22]

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi

FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-05-19]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\[email protected]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi

FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-01] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-03-01] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-03-01] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-05-19] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:

=======

CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]

CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)

S4 Chemtable Startup Checking; C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe [ ]

S4 CleanupPSvc; C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe [10301176 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10566536 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)

S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-11] (Dropbox, Inc -> Dropbox, Inc.)

S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2020-03-11] (Dropbox, Inc -> Dropbox, Inc.)

S4 DbxSvc; C:\Windows\system32\DbxSvc.exe [44552 2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)

S2 DrvCovEx; C:\Windows\SysWOW64\DrvCovEx.exe [45056 2016-09-30] () [Archivo no firmado]

S4 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)

R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Archivo no firmado]

S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5097896 2020-09-05] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 UFDSVC; C:\WINDOWS\SysWOW64\ufdsvc.exe [77824 2006-08-02] (Generic) [Archivo no firmado]

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-08-28] (Microsoft Windows Publisher -> Microsoft Corporation)

S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

=================== Controladores (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [67584 2020-02-03] (Microsoft Windows Hardware Compatibility Publisher -> )

S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )

S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [54800 2018-11-24] (Software Security Systems ChTUP -> CrystalIdea Software)

S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )

S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )

R0 EPMVolFl; C:\Windows\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)

R0 EUDCPEPM; C:\Windows\System32\drivers\EUDCPEPM.sys [85424 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)

R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)

R3 GeneStor; C:\Windows\system32\DRIVERS\GeneStor.sys [126168 2020-03-05] (Genesys Logic, Inc. -> GenesysLogic)

R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [125616 2020-06-07] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)

S3 MBAMProtector; no ImagePath

S3 MBAMWebAccessControl-BackupByMalwarebytesPortable; no ImagePath

S3 mpszfilt; C:\Windows\System32\DRIVERS\mpszfilt.sys [20632 2016-09-30] (AlcorMicro, Corp. -> Generic)

R3 phantomtap; C:\Windows\System32\drivers\phantomtap.sys [45056 2020-02-24] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 UimBus; C:\Windows\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)

R1 Uim_DEVIM; C:\Windows\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)

R0 waemu; C:\Windows\System32\Drivers\waemu.sys [143928 2017-06-15] (Power Software Limited -> Power Software Ltd)

S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2020-08-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [428256 2020-08-28] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-08-28] (Microsoft Windows -> Microsoft Corporation)

U4 ekrn; no ImagePath

S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-13 17:53 - 2020-09-13 17:54 - 000022239 _____ C:\Users\Joseph\Desktop\FRST.txt

2020-09-13 17:53 - 2020-09-13 17:54 - 000000000 ____D C:\FRST

2020-09-13 17:44 - 2020-09-13 17:44 - 002297856 _____ (Farbar) C:\Users\Joseph\Desktop\FRST64.exe

2020-09-13 14:32 - 2020-09-13 14:33 - 000001648 _____ C:\Users\Joseph\Desktop\mb-clean-results.txt

2020-09-13 14:31 - 2020-09-13 14:31 - 000000092 _____ C:\Windows\ufdsvclog.txt

2020-09-13 14:31 - 2020-09-13 14:31 - 000000000 ____D C:\Windows\Panther

2020-09-13 14:26 - 2020-09-13 14:26 - 000858912 _____ (Malwarebytes) C:\Users\Joseph\Desktop\mb-clean-3.1.0.1035.exe

2020-09-13 11:36 - 2020-09-13 11:36 - 000001549 _____ C:\Users\Joseph\Desktop\MBAM_13092020-11_36.txt

2020-09-13 09:53 - 2020-09-13 09:53 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\421F7730.sys

2020-09-13 09:42 - 2020-09-13 10:04 - 000000000 ____D C:\Users\Joseph\Desktop\mbar

2020-09-13 09:40 - 2020-09-13 09:41 - 000002050 _____ C:\Users\Joseph\Desktop\Rkill.txt

2020-09-13 09:39 - 2020-09-13 09:39 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Joseph\Desktop\mbar-1.10.3.1001.exe

2020-09-13 09:38 - 2020-09-13 09:38 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Joseph\Desktop\iExplore.exe

2020-09-13 08:21 - 2020-09-13 08:21 - 000000550 _____ C:\Users\Joseph\Desktop\DelFix2.txt

2020-09-12 23:04 - 2020-09-12 23:04 - 000000254 _____ C:\Users\Joseph\Desktop\DelFix.txt

2020-09-12 23:03 - 2020-09-13 08:21 - 000000550 _____ C:\DelFix.txt

2020-09-12 23:03 - 2020-09-12 23:03 - 000000000 ____D C:\Windows\ERUNT

2020-09-12 18:39 - 2020-09-13 16:16 - 001051648 _____ C:\Users\Joseph\AppData\Local\SageThumbs.db3

2020-09-12 17:19 - 2020-09-12 17:19 - 000000000 ___HD C:\$Windows.~WS

2020-09-12 17:09 - 2020-09-12 17:09 - 000003390 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1742535224-2617996105-2139470584-1004

2020-09-12 14:57 - 2020-09-12 15:03 - 000000000 _____ C:\Recovery.txt

2020-09-12 13:31 - 2020-09-12 20:44 - 000000000 ____D C:\ESD

2020-09-12 12:41 - 2020-09-12 12:41 - 000002105 _____ C:\Users\Administrador\Desktop\Customize Fences.lnk

2020-09-12 12:41 - 2020-09-12 12:41 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Stardock

2020-09-12 12:41 - 2020-09-12 12:41 - 000000000 ____D C:\Users\Administrador\AppData\Local\Stardock

2020-09-12 12:41 - 2020-09-12 12:41 - 000000000 _____ C:\Users\Administrador\AppData\Local\SageThumbs.db3

2020-09-12 12:40 - 2020-09-12 12:52 - 000003394 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1742535224-2617996105-2139470584-500

2020-09-12 12:40 - 2020-09-12 12:52 - 000000000 ___RD C:\Users\Administrador\OneDrive

2020-09-12 12:37 - 2020-09-12 12:52 - 000002393 _____ C:\Users\Administrador\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2020-09-12 12:37 - 2020-09-12 12:45 - 000000000 ____D C:\Users\Administrador\AppData\Local\Packages

2020-09-12 12:37 - 2020-09-12 12:40 - 000000000 ____D C:\Users\Administrador

2020-09-12 12:37 - 2020-09-12 12:37 - 000000020 ___SH C:\Users\Administrador\ntuser.ini

2020-09-12 12:37 - 2020-09-12 12:37 - 000000000 ___RD C:\Users\Administrador\3D Objects

2020-09-12 12:37 - 2020-09-12 12:37 - 000000000 ____D C:\Users\Administrador\AppData\Roaming\Adobe

2020-09-12 12:37 - 2020-09-12 12:37 - 000000000 ____D C:\Users\Administrador\AppData\Local\ConnectedDevicesPlatform

2020-09-12 12:37 - 2020-09-12 12:37 - 000000000 ____D C:\Users\Administrador\AppData\Local\Comms

2020-09-12 11:42 - 2020-04-17 03:55 - 000002779 _____ C:\Windows\e.bat

2020-09-12 09:51 - 2020-09-05 09:53 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2dp.sys

2020-09-12 08:54 - 2020-09-12 08:54 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job

2020-09-10 21:09 - 2020-09-10 21:09 - 000001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk

2020-09-10 20:47 - 2020-09-10 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2020-09-09 06:45 - 2020-09-09 06:45 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys

2020-09-09 06:45 - 2020-09-09 06:45 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys

2020-09-09 06:45 - 2020-09-09 06:45 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys

2020-09-09 06:45 - 2020-09-09 06:45 - 000044552 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 032610752 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsRaw.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 031598936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsRaw.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 026272768 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 024264704 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 019869696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 018075136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 010847552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 008897200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 007755776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 007611904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 006357032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 005820416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 005430480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 005056000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 004892672 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 004783344 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 004629328 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 004523008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 003992576 _____ (Microsoft Corporation) C:\Windows\system32\bootux.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 003868672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 003819528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 003806720 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 003334656 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 002851128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

2020-09-08 14:00 - 2020-09-08 14:00 - 002749440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys

2020-09-08 14:00 - 2020-09-08 14:00 - 002687488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 002635640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 002519512 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001834496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001711104 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001693208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001649664 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001557816 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 001449472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001400208 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001296384 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001255744 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 001253376 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL

2020-09-08 14:00 - 2020-09-08 14:00 - 001191592 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001068112 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 001048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL

2020-09-08 14:00 - 2020-09-08 14:00 - 000966144 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000961192 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000943408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostCommon.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000920896 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000907440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000887304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000843376 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000801544 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000763840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000759792 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL

2020-09-08 14:00 - 2020-09-08 14:00 - 000757192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000747320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000744240 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL

2020-09-08 14:00 - 2020-09-08 14:00 - 000721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000711680 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000688960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000680664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL

2020-09-08 14:00 - 2020-09-08 14:00 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\WFSR.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000665264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL

2020-09-08 14:00 - 2020-09-08 14:00 - 000639928 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000611952 _____ C:\Windows\SysWOW64\TextShaping.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000602184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000585696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000583608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000530440 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000528352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000471552 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000468992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000436736 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000432128 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMPOSE.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000409088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Payments.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000408576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000403768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys

2020-09-08 14:00 - 2020-09-08 14:00 - 000380728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys

2020-09-08 14:00 - 2020-09-08 14:00 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000367416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000360024 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys

2020-09-08 14:00 - 2020-09-08 14:00 - 000329728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000297984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000248320 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000217920 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000190792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxApplicabilityEngine.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000185344 _____ (Microsoft Corporation) C:\Windows\system32\FXSUTILITY.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000180024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2020-09-08 14:00 - 2020-09-08 14:00 - 000176440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000141008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Clipc.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000134968 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000133736 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000117056 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000110504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000099640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000097080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oemlicense.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000095032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys

2020-09-08 14:00 - 2020-09-08 14:00 - 000092952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditBufferTestHook.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000061752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GameInput.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\diagnosticdataquery.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000042320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMPOSERES.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WordBreakers.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\bootim.exe

2020-09-08 14:00 - 2020-09-08 14:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000021312 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000009277 _____ C:\Windows\system32\DrtmAuthTxt.wim

2020-09-08 14:00 - 2020-09-08 14:00 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2020-09-08 14:00 - 2020-09-08 14:00 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2020-09-08 13:59 - 2020-09-08 14:00 - 003505952 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 010336896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 008006248 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 007979416 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 005870496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 005776544 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 004727296 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 003875840 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 003847680 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 003815424 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys

2020-09-08 13:59 - 2020-09-08 13:59 - 003779384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2020-09-08 13:59 - 2020-09-08 13:59 - 003384832 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 002951680 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys

2020-09-08 13:59 - 2020-09-08 13:59 - 002587448 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 002451456 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 002422784 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 002319216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 002248192 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 002103704 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001924608 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001856312 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001765888 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001700352 _____ (Microsoft Corporation) C:\Windows\system32\WindowManagement.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001414144 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 001337176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001277440 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001209096 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 001105408 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001094472 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostCommon.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001059328 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 001027344 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000903992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys

2020-09-08 13:59 - 2020-09-08 13:59 - 000827912 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000750080 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000725608 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000707016 _____ C:\Windows\system32\TextShaping.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000677888 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000635824 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000614912 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000596992 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2020-09-08 13:59 - 2020-09-08 13:59 - 000586752 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Payments.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000585728 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000531448 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000454960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2020-09-08 13:59 - 2020-09-08 13:59 - 000437760 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000420456 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000399872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000395264 _____ (Microsoft Corporation) C:\Windows\system32\licensingdiag.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000382464 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000352768 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000321024 _____ (Microsoft Corporation) C:\Windows\system32\UpdateDeploymentProvider.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000306176 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000269624 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostUser.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000266240 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000265728 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000249664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000239432 _____ (Microsoft Corporation) C:\Windows\system32\AppxApplicabilityEngine.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000200704 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000186472 _____ (Microsoft Corporation) C:\Windows\system32\Clipc.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000132928 _____ (Microsoft Corporation) C:\Windows\system32\oemlicense.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000132728 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000118272 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000116024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000090400 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000070976 _____ (Microsoft Corporation) C:\Windows\system32\GameInput.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000068928 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHostBroker.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000064008 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2020-09-08 13:59 - 2020-09-08 13:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\audioresourceregistrar.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll

2020-09-08 13:59 - 2020-09-08 13:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\provdiagnostics.dll

2020-09-08 13:45 - 2020-08-24 22:42 - 000391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

2020-09-08 13:45 - 2020-08-24 22:36 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

2020-09-06 17:36 - 2020-09-08 14:06 - 000484488 _____ C:\Windows\system32\FNTCACHE.DAT

2020-09-05 13:57 - 2020-09-05 13:57 - 000000112 ___SH C:\bootTel.dat

2020-09-05 09:55 - 2020-09-05 09:55 - 000975872 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll

2020-09-05 09:55 - 2020-09-05 09:55 - 000749056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll

2020-09-05 09:55 - 2020-09-05 09:55 - 000434688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll

2020-09-05 09:55 - 2020-09-05 09:55 - 000361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll

2020-09-05 09:55 - 2020-09-05 09:55 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 023441408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 018766848 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 014754304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 007633360 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 006417408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 005993968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 004820992 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 004747776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 004362816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 004304384 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 004274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 004009064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 003978240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AI.MachineLearning.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 003913728 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 003659264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 003547784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002757120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002606592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002541056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002452856 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL

2020-09-05 09:54 - 2020-09-05 09:54 - 002433024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002383672 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.AppAgent.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002338184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002306048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002265328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002206208 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002200576 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 002136744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL

2020-09-05 09:54 - 2020-09-05 09:54 - 002021192 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001980728 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001956032 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001812368 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001770040 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001751432 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001720832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001719096 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001695208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001681408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001659904 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001654824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001640888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001632056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.AppAgent.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001617088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001588016 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001542752 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001541224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001506608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001502016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001494016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001485824 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001449792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001438432 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001438008 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001430528 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001411072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 001388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001375232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdprt.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001352232 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001337344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001333248 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001314608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001309504 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi

2020-09-05 09:54 - 2020-09-05 09:54 - 001301584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\XboxNetApiSvc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001279288 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001260200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001239040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll

FRST.txt Parte No. 02 de 03


2020-09-05 09:54 - 2020-09-05 09:54 - 001201152 _____ (Microsoft Corporation) C:\Windows\system32\AgentService.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 001198592 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001183256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001181200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001138176 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 001128544 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 001117344 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001091584 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001081856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001061376 _____ (Microsoft Corporation) C:\Windows\system32\opengl32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001056768 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001014864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 001003320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000969544 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000946712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000921088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\opengl32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000912896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MiracastReceiver.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000894768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000894264 _____ (Microsoft Corporation) C:\Windows\system32\AppVManifest.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000890944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000885760 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000882176 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000881152 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000877056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShareHost.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000869376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directml.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000859136 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000856064 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000797448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000796672 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000794624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000784896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000782968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000775776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000770560 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000761280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000755576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000753664 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2013CustomActions.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000750976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FlightSettings.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000748360 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000739128 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000736056 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000733184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BTAGService.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000707584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000702792 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000697344 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgogl32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000676680 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000668472 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000651776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000643584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000634680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000617472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000614912 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000611840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000604472 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000591360 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000588288 _____ (Microsoft Corporation) C:\Windows\system32\WLanConn.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000581632 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000575800 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000572928 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000568120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000556544 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000547328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000547328 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000546464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000540160 _____ (Microsoft Corporation) C:\Windows\system32\InputSwitch.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000539136 _____ (Microsoft Corporation) C:\Windows\system32\IESettingSync.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000538120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\ResourceMapper.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000526848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000525312 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Launcher.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000520192 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\glmf32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UiaManager.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000515072 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000512512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000511488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000500968 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000495848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp_win.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000491008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000482304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000478208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000457728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000454144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000446464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WLanConn.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000446264 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000436736 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputSwitch.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000422912 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CscUnpinTool.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000420920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000417280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000412688 _____ (Microsoft Corporation) C:\Windows\system32\SgrmEnclave_secure.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glmf32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000388608 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000387072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ShellCommonCommonProxyStub.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountWAMExtension.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000366392 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2020-09-05 09:54 - 2020-09-05 09:54 - 000340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000337768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000321024 _____ (Microsoft Corporation) C:\Windows\system32\DAFMCP.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000318464 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000316416 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncutil.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000303288 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000303168 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\pnputil.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Lights.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000286720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000286024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ConfigWrapper.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000283648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000275968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.FileExplorer.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovs.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000266240 _____ C:\Windows\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000251192 _____ (Microsoft Corporation) C:\Windows\system32\AppVFileSystemMetadata.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlancfg.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000248320 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Gpu.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000245760 _____ (Microsoft Corporation) C:\Windows\system32\dialclient.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glu32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000240136 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.FileExplorer.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000229376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000223544 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamMap.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000222720 _____ (Microsoft Corporation) C:\Windows\system32\VideoHandlers.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000219960 _____ (Microsoft Corporation) C:\Windows\system32\AppVShNotify.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000212760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys

2020-09-05 09:54 - 2020-09-05 09:54 - 000202240 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000202240 _____ (Microsoft Corporation) C:\Windows\notepad.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000196768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL

2020-09-05 09:54 - 2020-09-05 09:54 - 000195384 _____ (Microsoft Corporation) C:\Windows\system32\AppVStreamingUX.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgocl32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000175928 _____ (Microsoft Corporation) C:\Windows\system32\AppVDllSurrogate.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dialclient.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000167224 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\omadmapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeHelper.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\glu32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000164152 _____ (Microsoft Corporation) C:\Windows\system32\hvsievaluator.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000162616 _____ (Microsoft Corporation) C:\Windows\system32\hvsigpext.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000161792 _____ (Microsoft Corporation) C:\Windows\system32\StorageUsage.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BitLockerCsp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000153400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgu1132.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000138936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000137016 _____ C:\Windows\system32\HvsiManagementApi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\appvetwclientres.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000125016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000119608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadWamExtension.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys

2020-09-05 09:54 - 2020-09-05 09:54 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys

2020-09-05 09:54 - 2020-09-05 09:54 - 000109992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GraphicsCapture.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys

2020-09-05 09:54 - 2020-09-05 09:54 - 000101688 _____ C:\Windows\SysWOW64\HvsiManagementApi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlgpclnt.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000095744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000091448 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys

2020-09-05 09:54 - 2020-09-05 09:54 - 000069728 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000069432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edpnotify.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.System.Profile.SystemId.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enrollmentapi.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Office2010CustomActions.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afunix.sys

2020-09-05 09:54 - 2020-09-05 09:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfctrs.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfproc.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000038712 _____ (Microsoft Corporation) C:\Windows\system32\SyncAppvPublishingServer.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfdisk.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfos.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afunix.sys

2020-09-05 09:54 - 2020-09-05 09:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCShellCommonProxyStub.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfnet.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msacm32.drv

2020-09-05 09:54 - 2020-09-05 09:54 - 000021816 _____ (Microsoft Corporation) C:\Windows\system32\ScriptRunner.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidtel.exe

2020-09-05 09:54 - 2020-09-05 09:54 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\defragproxy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\midimap.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\appvetwstreamingux.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\TSErrRedir.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\defragres.dll

2020-09-05 09:54 - 2020-09-05 09:54 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 009034752 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 006197760 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 006193664 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 005729280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AI.MachineLearning.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 004592136 _____ (Microsoft Corporation) C:\Windows\explorer.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 003749376 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 003587584 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 003436544 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 003303936 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 003181056 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 003082240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 003062784 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002991416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 002975744 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002918736 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002806152 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002772992 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002647040 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002631168 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002259968 _____ C:\Windows\system32\TextInputMethodFormatter.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002131032 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002102784 _____ (Microsoft Corporation) C:\Windows\system32\windowsudk.shellcommon.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 002023704 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001978656 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001951232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001905664 _____ (Microsoft Corporation) C:\Windows\system32\WpcDesktopMonSvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001868672 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001866240 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001825280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001805192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2020-09-05 09:53 - 2020-09-05 09:53 - 001777152 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001766912 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001701368 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\TaskFlowDataEngine.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001538656 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 001530880 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001514496 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001504768 _____ (Microsoft Corporation) C:\Windows\system32\MoUsoCoreWorker.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 001498624 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001492480 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001488384 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001473024 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001472824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 001426944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2020-09-05 09:53 - 2020-09-05 09:53 - 001378568 _____ (Microsoft Corporation) C:\Windows\system32\InputHost.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001261056 _____ (Microsoft Corporation) C:\Windows\system32\directml.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001257984 _____ (Microsoft Corporation) C:\Windows\system32\MiracastReceiver.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001209344 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001198288 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 001145344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001140928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001126488 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001114112 _____ (Microsoft Corporation) C:\Windows\system32\ShareHost.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001104384 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001092392 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001089344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 001070080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001046528 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001046016 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2020-09-05 09:53 - 2020-09-05 09:53 - 001044880 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001030656 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001028288 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001021952 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001009664 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001008696 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 001008640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000999744 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000992768 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000978760 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000976680 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000951808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000939448 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000935936 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000934912 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000929792 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000914216 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000913776 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000887296 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL

2020-09-05 09:53 - 2020-09-05 09:53 - 000864256 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000856576 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000844448 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000822784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000809280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000803328 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000799544 _____ (Microsoft Corporation) C:\Windows\system32\windows.applicationmodel.datatransfer.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000795136 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000777728 _____ (Microsoft Corporation) C:\Windows\system32\ShellCommonCommonProxyStub.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000755200 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000753152 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000752640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Launcher.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000733696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000705560 _____ (Microsoft Corporation) C:\Windows\system32\services.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000705024 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000702776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000687104 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000674304 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000657920 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000651264 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000647480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000637440 _____ (Microsoft Corporation) C:\Windows\system32\UiaManager.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000636928 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000634240 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000609792 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000603464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000602440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS

2020-09-05 09:53 - 2020-09-05 09:53 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000573752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000559616 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000552960 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountWAMExtension.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000527880 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000507904 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000502592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2020-09-05 09:53 - 2020-09-05 09:53 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2020-09-05 09:53 - 2020-09-05 09:53 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000488960 _____ (Microsoft Corporation) C:\Windows\system32\das.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000475136 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000472376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000455480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000430592 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000429880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000428672 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Lights.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000421888 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000418816 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000418800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000393728 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000390144 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000382464 _____ (Microsoft Corporation) C:\Windows\system32\credprovs.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000378368 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000374072 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000373560 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000367616 _____ (Microsoft Corporation) C:\Windows\system32\QuickActionsDataModel.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000361472 _____ C:\Windows\system32\Windows.Internal.UI.Shell.WindowTabManager.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000339456 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_InputPersonalization.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000332288 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000328704 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000322376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msquic.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\wlancfg.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000305472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000294912 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000289280 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\directxdatabaseupdater.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000283648 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000260920 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000260608 _____ (Microsoft Corporation) C:\Windows\system32\DesktopSwitcherDataModel.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000259888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000255296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerCsp.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000242176 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\dxgiadaptercache.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000230392 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000230376 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL

2020-09-05 09:53 - 2020-09-05 09:53 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.CapturePicker.Desktop.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\ClipboardServer.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000223040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000219648 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000214016 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000213344 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000208696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSoftwareInstallationClient.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000185672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000185664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000183112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000180040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000169456 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000167880 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000166912 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000160064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000159048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000156672 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000155952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000152376 _____ (Microsoft Corporation) C:\Windows\system32\aadWamExtension.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000147256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000143104 _____ (Microsoft Corporation) C:\Windows\system32\profapi.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000136704 _____ (Microsoft Corporation) C:\Windows\system32\CredDialogBroker.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\GraphicsCapture.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\UtcDecoderHost.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000118072 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000117048 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsiCx.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS

2020-09-05 09:53 - 2020-09-05 09:53 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000085504 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000078528 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000069752 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000067072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.PlatformExtension.DevicePickerExperience.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000064824 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\edpnotify.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.System.Profile.SystemId.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000060928 _____ C:\Windows\system32\runexehelper.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000060744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storufs.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000059448 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000056648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\tetheringconfigsp.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\PCShellCommonProxyStub.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\perfctrs.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\perfproc.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthMini.SYS

2020-09-05 09:53 - 2020-09-05 09:53 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\perfos.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\IcsEntitlementHost.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv

2020-09-05 09:53 - 2020-09-05 09:53 - 000030024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000029456 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\perfnet.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\appidtel.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe

2020-09-05 09:53 - 2020-09-05 09:53 - 000019776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\applockerfltr.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000017216 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000016704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys

2020-09-05 09:53 - 2020-09-05 09:53 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\d3d8thk.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll

2020-09-05 09:53 - 2020-09-05 09:53 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2020-08-26 15:19 - 2020-08-26 15:22 - 000001430 _____ C:\Users\Joseph\Desktop\Notas rápidas - Acceso directo.lnk

2020-08-22 12:10 - 2020-08-22 12:10 - 000000000 ____D C:\Program Files (x86)\ArdfryImaging

2020-08-22 12:09 - 2020-08-22 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSD Codec by Ardfry Imaging

2020-08-22 12:09 - 2020-08-22 12:09 - 000000000 ____D C:\Viewers

2020-08-22 12:09 - 2020-08-22 12:09 - 000000000 ____D C:\Program Files\ArdfryImaging

2020-08-22 10:39 - 2020-08-22 10:39 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2020.lnk

2020-08-20 16:00 - 2020-08-21 11:03 - 000000000 ____D C:\ProgramData\X-Fonter

2020-08-20 15:46 - 2020-08-20 15:46 - 000000000 ____D C:\ProgramData\FontExplorer X

2020-08-17 18:00 - 2020-09-05 17:25 - 000001024 ____H C:\AMTAG.BIN

2020-08-17 16:46 - 2020-09-05 17:25 - 000006717 _____ C:\Windows\GA_OF.dat

2020-08-17 16:46 - 2020-08-17 16:46 - 000001215 _____ C:\Users\Public\Desktop\AOMEI Partition Assistant 8.9.lnk

2020-08-17 16:46 - 2020-08-17 16:46 - 000001215 _____ C:\ProgramData\Desktop\AOMEI Partition Assistant 8.9.lnk

2020-08-17 16:46 - 2020-08-17 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant 8.9

2020-08-17 16:46 - 2016-12-27 18:45 - 000035760 _____ C:\Windows\system32\ddmdrv.sys

2020-08-17 16:46 - 2016-12-27 18:45 - 000033200 _____ C:\Windows\SysWOW64\ddmdrv.sys

2020-08-17 16:46 - 2016-09-29 09:44 - 001298584 _____ C:\Windows\ddmmain.exe

2020-08-17 16:45 - 2020-09-05 17:25 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant

2020-08-17 16:45 - 2020-08-12 15:02 - 002201768 _____ C:\Windows\ampa.exe

2020-08-17 16:45 - 2017-02-28 14:20 - 000038320 _____ C:\Windows\SysWOW64\ampa.sys

2020-08-17 16:45 - 2017-02-28 14:20 - 000038320 _____ C:\Windows\system32\ampa.sys

2020-08-17 13:31 - 2020-09-05 19:34 - 000000000 ____D C:\ProgramData\TEMP

2020-08-17 13:31 - 2020-08-17 14:55 - 000000000 ____D C:\Program Files (x86)\HDD Regenerator

2020-08-17 13:31 - 2020-08-17 13:31 - 000002106 _____ C:\Users\Public\Desktop\HDD Regenerator.lnk

2020-08-17 13:31 - 2020-08-17 13:31 - 000002106 _____ C:\ProgramData\Desktop\HDD Regenerator.lnk

2020-08-17 13:31 - 2020-08-17 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator

==================== Un mes (modificado) ==================

FRST.txt Parte No. 03 de 03


(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-09-13 15:40 - 2020-05-21 18:18 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData

2020-09-13 15:40 - 2020-05-21 18:18 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData

2020-09-13 15:40 - 2020-03-01 20:42 - 000000000 ____D C:\Users\Joseph\AppData\Local\D3DSCache

2020-09-13 15:32 - 2020-06-02 18:12 - 000000000 ____D C:\Windows\system32\SleepStudy

2020-09-13 14:37 - 2020-06-02 18:23 - 002005578 _____ C:\Windows\system32\PerfStringBackup.INI

2020-09-13 14:37 - 2019-12-07 10:02 - 000849222 _____ C:\Windows\system32\perfh00A.dat

2020-09-13 14:37 - 2019-12-07 10:02 - 000182880 _____ C:\Windows\system32\perfc00A.dat

2020-09-13 14:37 - 2019-12-07 04:13 - 000000000 ____D C:\Windows\INF

2020-09-13 14:34 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2020-09-13 14:32 - 2020-06-02 18:12 - 000008192 ___SH C:\DumpStack.log.tmp

2020-09-13 14:31 - 2020-06-02 18:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2020-09-13 14:31 - 2019-12-07 04:03 - 000262144 _____ C:\Windows\system32\config\BBI

2020-09-13 14:24 - 2019-12-07 04:14 - 000000000 ___HD C:\Windows\ELAMBKUP

2020-09-13 11:55 - 2020-07-16 09:51 - 000000000 ____D C:\Users\Joseph\AppData\LocalLow\IGDump

2020-09-13 09:25 - 2020-03-02 21:30 - 000000000 ____D C:\Users\Joseph\AppData\Roaming\KeePass

2020-09-13 08:31 - 2020-06-24 16:32 - 000000737 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk

2020-09-13 08:31 - 2020-06-24 16:32 - 000000725 _____ C:\Users\Joseph\Desktop\Asistente para actualización a Windows 10.lnk

2020-09-12 22:46 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\AppLocker

2020-09-12 17:15 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\AppReadiness

2020-09-12 17:06 - 2020-03-01 15:17 - 000000000 __RHD C:\Users\Public\AccountPictures

2020-09-12 16:01 - 2020-04-14 18:41 - 000000400 __RSH C:\ProgramData\ntuser.pol

2020-09-12 15:54 - 2020-05-29 14:16 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

2020-09-12 15:05 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\CbsTemp

2020-09-12 13:11 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\PrintDialog

2020-09-12 12:37 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel

2020-09-12 11:46 - 2020-07-04 17:55 - 000000000 ____D C:\Windows\w

2020-09-12 11:46 - 2020-07-04 17:55 - 000000000 ____D C:\Windows\c

2020-09-12 08:33 - 2020-06-02 18:25 - 000003648 _____ C:\Windows\system32\Tasks\UninstallTool_SkipUAC_Joseph

2020-09-12 08:24 - 2020-04-06 15:01 - 000000000 ____D C:\Users\Joseph\AppData\Roaming\MPC-HC

2020-09-12 08:24 - 2020-04-01 12:34 - 000000000 ____D C:\Users\Joseph\AppData\Roaming\Mp3tag

2020-09-12 07:42 - 2020-03-01 15:17 - 000000000 ____D C:\Users\Joseph\AppData\Local\Packages

2020-09-11 18:09 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps

2020-09-11 12:19 - 2020-03-02 21:29 - 000001196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk

2020-09-11 12:19 - 2020-03-02 21:29 - 000001184 _____ C:\Users\Joseph\Desktop\KeePass 2.lnk

2020-09-11 12:19 - 2020-03-02 21:29 - 000000000 ____D C:\Program Files (x86)\KeePass Password Safe 2

2020-09-11 09:48 - 2020-03-04 11:37 - 000000000 ____D C:\Users\Joseph\AppData\Local\privazer

2020-09-11 08:11 - 2020-03-01 15:23 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2020-09-11 08:11 - 2020-03-01 15:23 - 000002335 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk

2020-09-11 08:11 - 2020-03-01 15:23 - 000002335 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk

2020-09-10 21:09 - 2020-07-31 20:37 - 000000000 ___HD C:\adobeTemp

2020-09-10 20:48 - 2020-03-11 07:10 - 000000000 ____D C:\Program Files (x86)\Dropbox

2020-09-08 17:01 - 2020-03-08 17:35 - 000001456 _____ C:\Users\Joseph\AppData\Local\Adobe Save for Web 13.0 Prefs

2020-09-08 14:04 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs

2020-09-08 14:04 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SystemResources

2020-09-08 14:04 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\oobe

2020-09-08 14:04 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\es-MX

2020-09-08 14:04 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\appraiser

2020-09-08 14:04 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\Provisioning

2020-09-08 14:04 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\PolicyDefinitions

2020-09-08 14:04 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\bcastdvr

2020-09-08 14:00 - 2020-03-01 15:57 - 000413750 __RSH C:\bootmgr

2020-09-08 13:59 - 2020-06-02 18:15 - 002876416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll

2020-09-08 13:34 - 2020-03-01 15:45 - 000000000 ____D C:\Windows\system32\MRT

2020-09-08 13:29 - 2020-03-01 15:45 - 129170736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2020-09-07 10:07 - 2020-05-20 20:45 - 000000000 ____D C:\ProgramData\boost_interprocess

2020-09-06 17:29 - 2020-07-16 10:57 - 000000000 ___HD C:\temp

2020-09-06 15:11 - 2020-04-22 08:41 - 000000000 ____D C:\Users\Joseph\AppData\LocalLow\Temp

2020-09-06 15:11 - 2020-03-03 18:31 - 000000000 ____D C:\Windows\pss

2020-09-06 14:54 - 2020-04-22 11:31 - 000000000 ____D C:\Program Files (x86)\PrivaZer

2020-09-05 10:06 - 2019-12-07 10:05 - 000000000 ___SD C:\Windows\system32\AppV

2020-09-05 10:06 - 2019-12-07 10:05 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection

2020-09-05 10:06 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata

2020-09-05 10:06 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\Dism

2020-09-05 10:06 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\WinMetadata

2020-09-05 10:06 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\migwiz

2020-09-05 10:06 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Dism

2020-09-01 19:59 - 2020-03-17 16:21 - 000000000 ____D C:\Program Files\SUPERAntiSpyware

2020-08-28 13:30 - 2020-03-01 15:07 - 000000000 ____D C:\Windows\system32\Drivers\wd

2020-08-28 09:04 - 2020-06-02 18:25 - 000003580 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2020-08-28 09:04 - 2020-06-02 18:25 - 000003456 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2020-08-27 17:13 - 2020-05-01 10:10 - 000000324 _____ C:\Users\Joseph\Desktop\advanced_ip_scanner_Favorites.bin

2020-08-27 14:44 - 2020-03-11 11:44 - 000000000 ____D C:\Users\Joseph\AppData\Roaming\XnView

2020-08-26 10:55 - 2020-03-01 15:17 - 000000000 ____D C:\Users\Joseph\AppData\Roaming\Adobe

2020-08-22 10:39 - 2020-03-05 21:25 - 000000000 ____D C:\Program Files\Common Files\Adobe

2020-08-19 13:51 - 2020-03-01 20:16 - 000000000 ____D C:\Program Files\Microsoft Office

2020-08-17 13:30 - 2020-06-10 11:00 - 000000000 ____D C:\Users\Joseph\AppData\Local\Downloaded Installations

2020-08-16 14:05 - 2020-06-02 18:25 - 000003140 _____ C:\Windows\system32\Tasks\klcp_update

2020-08-16 12:18 - 2020-04-06 15:00 - 000001284 _____ C:\Users\Public\Desktop\Media Player Classic.lnk

2020-08-16 12:18 - 2020-04-06 15:00 - 000001284 _____ C:\ProgramData\Desktop\Media Player Classic.lnk

2020-08-16 12:18 - 2020-04-06 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack

2020-08-16 12:18 - 2020-04-06 15:00 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack

2020-08-16 11:30 - 2020-06-02 18:25 - 000003658 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask

2020-08-16 11:27 - 2020-08-10 16:06 - 000000000 ____D C:\Users\Joseph\AppData\Roaming\Bitwarden

2020-08-14 07:43 - 2020-03-05 21:23 - 000000000 ____D C:\ProgramData\Adobe

==================== Archivos en la raíz de algunos directorios ========

2020-04-01 21:27 - 2020-04-01 21:27 - 000000254 _____ () C:\ProgramData\fontcacheev1.dat

2020-03-15 16:56 - 2020-07-23 11:52 - 000000028 _____ () C:\Users\Joseph\AppData\Roaming\kulerdata.json

2020-03-08 17:35 - 2020-09-08 17:01 - 000001456 _____ () C:\Users\Joseph\AppData\Local\Adobe Save for Web 13.0 Prefs

2020-06-08 18:22 - 2020-06-08 18:22 - 000000001 _____ () C:\Users\Joseph\AppData\Local\llftool.4.40.agreement

2020-06-08 18:22 - 2020-06-08 18:22 - 000000019 _____ () C:\Users\Joseph\AppData\Local\llftool.license

2020-05-21 15:40 - 2020-05-21 15:40 - 000000410 _____ () C:\Users\Joseph\AppData\Local\oobelibMkey.log

2020-07-17 21:48 - 2020-07-17 21:48 - 000007611 _____ () C:\Users\Joseph\AppData\Local\Resmon.ResmonCfg

2020-09-12 18:39 - 2020-09-13 16:16 - 001051648 _____ () C:\Users\Joseph\AppData\Local\SageThumbs.db3

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Addition Parte 1 de 1

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 13-09-2020
Ejecutado por Joseph (13-09-2020 17:55:19)
Ejecutado desde C:\Users\Joseph\Desktop
Windows 10 Education Versión 2004 19041.508 (X64) (2020-06-02 23:25:51)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-1742535224-2617996105-2139470584-500 - Administrator - Enabled) => C:\Users\Administrador
DefaultAccount (S-1-5-21-1742535224-2617996105-2139470584-503 - Limited - Disabled)
Invitado (S-1-5-21-1742535224-2617996105-2139470584-501 - Limited - Disabled)
Joseph (S-1-5-21-1742535224-2617996105-2139470584-1001 - Administrator - Enabled) => C:\Users\Joseph
WDAGUtilityAccount (S-1-5-21-1742535224-2617996105-2139470584-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ADATA SSD ToolBox version 3.0.11 (HKLM-x32\...\{C0991D3E-8786-48E7-A5DB-57FBACB0A03A}_is1) (Version: 3.0.11 - ADATA, Inc.)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.4.3161.0 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{7cf4d22a-4b6a-4fd7-b27e-2fb81d77f4c1}) (Version: 7.4.3161.0 - Adguard Software Ltd)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.009.20065 - Adobe Systems Incorporated)
Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_1_1) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_3) (Version: 24.3 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_2_3) (Version: 21.2.3.308 - Adobe Inc.)
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version:  - )
AOMEI Partition Assistant 8.9 (HKLM-x32\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version:  - AOMEI International Network Limited.)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation)
AVG TuneUp (HKLM-x32\...\{949BE04F-D7E8-4C19-9F89-8B304AB4308A}_is1) (Version: 19.1.1209 - AVG Technologies)
Bitwarden (HKLM\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 1.20.1 - Bitwarden Inc.)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCEnhancer versión 4.5.6 (HKLM-x32\...\{D621766C-B5EC-42BD-9E10-774C02C17B44}_is1) (Version: 4.5.6 - SingularLabs)
CCleaner (HKLM\...\CCleaner) (Version: 5.70 - Piriform)
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 105.4.651 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EaseUS Partition Master 14.0 (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
Fax (HKLM-x32\...\{9294F169-72EE-4D74-AE92-CA25F64B4FF8}) (Version: 140.0.307.000 - Hewlett-Packard) Hidden
Foxit PhantomPDF (HKLM-x32\...\{0a0d1ae2-8a54-11ea-8e74-54bf64a63c26}) (Version: 10.0.0.35798 - Foxit Software Inc.)
Foxit PhantomPDF (HKLM-x32\...\{5ED765AE-7D7E-11EA-B410-54BF64A63C26}) (Version: 9.7.2.29539 - Foxit Software Inc.)
Google Earth Pro (HKLM\...\{0C6E99AA-A318-4E7C-8A0E-36DA4AE17DD8}) (Version: 7.3.3.7673 - Google)
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart All-In-One Driver Software (HKLM\...\{A96C5DB7-40F9-46DD-B36F-9E657D1D9E04}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
KeePass Password Safe 2.46 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.46 - Dominik Reichl)
K-Lite Codec Pack 15.7.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.7.0 - KLCP)
MediaInfo 20.03 (HKLM\...\MediaInfo) (Version: 20.03 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\{958C157B-4D87-32F8-93ED-4B6898D46875}) (Version: 85.0.564.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.13029.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{7186392a-1a98-4844-a7a9-613401ff3f2c}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
MKVToolNix 6.6.0 (HKLM-x32\...\MKVToolNix) (Version: 6.6.0 - Moritz Bunkus)
Mp3tag v3.02 (HKLM-x32\...\Mp3tag) (Version: 3.02 - Florian Heidenreich)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
ObjectDock Plus (HKLM-x32\...\ObjectDock Plus2.01) (Version: 2.01 - Stardock Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
OpenGL Extensions Viewer 6.0 (HKLM-x32\...\GLVIEW3) (Version: 605 - )
Paquete de controladores de Windows - NVIDIA Corporation (NVHDA) MEDIA  (11/28/2013 1.3.30.1) (HKLM\...\1E02441AEE6F23C864F26845CA7854B5D909E21A) (Version: 11/28/2013 1.3.30.1 - NVIDIA Corporation)
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM\...\{14EEF044-2FC6-40AA-9285-F430B3D90EF6}) (Version: 17.10.2.5049 - Paragon Software) Hidden
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM-x32\...\{f541ba6a-92bf-466b-b956-5efa58ffe017}) (Version: 17.10.2.5049 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{06B4D67B-9ECB-41E5-B4C1-92F529BB703D}) (Version: 24.65.0.487 - Paragon Software) Hidden
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 4.0.9.0 - Goversoft LLC)
PS_AIO_02_ProductContext (HKLM-x32\...\{720C16FC-5423-47B3-A249-5C05FB376E9A}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software (HKLM-x32\...\{97AD3490-480B-42B2-8001-326621AF34AC}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
PS_AIO_02_Software_Min (HKLM-x32\...\{7AB63BFD-91C6-4C21-B2C6-D33A1FC8DE8F}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
PSD Codec by Ardfry Imaging, LLC (32 bit) (HKLM-x32\...\{345E25C8-EC20-45D5-A088-C5891FC603D4}) (Version: 1.0.15.0 - Ardfry Imaging, LLC) Hidden
PSD Codec by Ardfry Imaging, LLC (64 bit) (HKLM\...\{AD4E43FF-20E5-4E91-9B10-5BFAB7F66EE2}) (Version: 1.0.15.0 - Ardfry Imaging, LLC) Hidden
PSD CODEC Version 1.6.1.0 (HKLM\...\Ardfry PSD CODEC_is1) (Version: 1.6.1.0 - Ardfry Imaging, LLC)
Quick CPU x64 (HKLM\...\{3373D4A7-69A1-42BE-A6F4-A196FB681F60}) (Version: 3.1.6.0 - CoderBag)
Reg Organizer versión 8.30 (HKLM-x32\...\Reg Organizer_is1) (Version: 8.30 - ChemTable Software)
SageThumbs 2.0.0.23 (HKLM\...\SageThumbs) (Version: 2.0.0.23 - Cherubic Software)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Snagit 2020 (HKLM\...\{38DFC83A-CA30-4106-A48A-E54196B8E358}) (Version: 20.1.4 - TechSmith Corporation) Hidden
Snagit 2020 (HKLM-x32\...\{2a7bec94-c903-4082-83dd-b42c7a165ae7}) (Version: 20.1.4.6413 - TechSmith Corporation)
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
SSDToolBox (HKLM-x32\...\{C75B1BE9-F064-49B6-B614-3D5B1679B7B0}) (Version: 1.19.0823.1 - GIGABYTE) Hidden
SSDToolBox (HKLM-x32\...\InstallShield_{C75B1BE9-F064-49B6-B614-3D5B1679B7B0}) (Version: 1.19.0823.1 - GIGABYTE)
Stardock Fences 3 (HKLM-x32\...\Stardock Fences 3) (Version: 3.09 - Stardock Software, Inc.)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1202 - SUPERAntiSpyware.com)
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
UltraISO (HKLM-x32\...\UltraISO) (Version: 9.7.3.3618 - EZB Systems, Inc.)
UltraISO Premium V9.75 (HKLM-x32\...\UltraISO_is1) (Version: 9.75 - EZB Systems, Inc.)
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.5.10 - CrystalIDEA Software)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wondershare Filmora 9.4.5.10 (HKLM\...\Wondershare Filmora_is1) (Version: 9.4.5.10 - lrepacks.ru)
Wordle 0.2 (HKLM-x32\...\6068-4591-7093-1796) (Version: 0.2 - )

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-07-23] (Adobe Systems Incorporated)
Ghostery – Bloqueador de anuncios para privacidad -> C:\Program Files\WindowsApps\Ghostery.Ghostery_8.4.6.0_neutral__kzkqe0pn505dg [2020-04-01] (Ghostery)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

CustomCLSID: HKU\S-1-5-21-1742535224-2617996105-2139470584-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-CF295C30B57B} -> [Creative Cloud Files] => C:\Users\Joseph\Creative Cloud Files [2020-07-15 20:26]
CustomCLSID: HKU\S-1-5-21-1742535224-2617996105-2139470584-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Joseph\Dropbox [2020-03-11 07:15]
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-05-19] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers1: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-04-22] (Goversoft LLC -> )
ContextMenuHandlers1: [SageThumbs] -> {4A34B3E3-F50E-4FF6-8979-7E4176466FF2} => C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll [2017-05-09] (CherubicSoft) [Archivo no firmado]
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2020\DLLx64\SnagitShellExt64.dll [2020-07-23] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers2: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-04-22] (Goversoft LLC -> )
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2019-08-31] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers3: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-04-22] (Goversoft LLC -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-07-11] (Florian Heidenreich) [Archivo no firmado]
ContextMenuHandlers4: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-04-22] (Goversoft LLC -> )
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2020\DLLx64\SnagitShellExt64.dll [2020-07-23] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2019-08-31] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.45.0.dll [2020-09-09] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [Archivo no firmado]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-05-19] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2018-05-25] (Stardock Corporation -> Stardock)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [PrivaZer] -> {7691BE2F-3D79-AADE-9C87-4D6EBCC76682} => C:\Program Files (x86)\PrivaZer\PrivaMenu6.dll [2020-04-22] (Goversoft LLC -> )
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2019-08-31] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.) [Archivo no firmado]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

Shortcut: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 6.0\OpenGL Extensions Viewer 6.0 Home Page.lnk -> hxxp://www.realtech-vr.com/glview
Shortcut: C:\Users\Joseph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\realtech VR\OpenGL Extensions Viewer 6.0\realtech VR Home Page.lnk -> hxxp://www.realtech-vr.com

==================== Módulos cargados (Lista blanca) =============

2011-08-11 15:12 - 2020-06-26 09:29 - 000807936 _____ () [Archivo no firmado] C:\Program Files (x86)\Stardock\ObjectDock Plus\CrashRpt.dll
2011-11-11 19:49 - 2011-11-11 19:49 - 000730624 _____ () [Archivo no firmado] C:\Program Files (x86)\Stardock\ObjectDock Plus\Dock64.dll
2011-08-11 15:12 - 2011-08-11 15:12 - 000094208 _____ () [Archivo no firmado] C:\Program Files (x86)\Stardock\ObjectDock Plus\Docklets\Clock\Clock.dll
2011-11-11 19:49 - 2011-11-11 19:49 - 000626688 _____ () [Archivo no firmado] C:\Program Files (x86)\Stardock\ObjectDock Plus\DockShellHook.dll
2011-08-11 15:12 - 2011-08-11 15:12 - 000053760 _____ () [Archivo no firmado] C:\Program Files (x86)\Stardock\ObjectDock Plus\zlib.dll
2020-06-26 09:54 - 2020-06-26 09:54 - 000095744 _____ () [Archivo no firmado] C:\Windows\Womtrust.dll
2020-05-19 17:05 - 2020-05-19 17:05 - 000021504 _____ (Adobe Systems Inc.) [Archivo no firmado] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2017-05-09 02:40 - 2017-05-09 02:40 - 000475648 _____ (CherubicSoft) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll
2017-05-09 02:40 - 2017-05-09 02:40 - 000716288 _____ (CherubicSoft) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\sqlite3.dll
2020-07-11 04:28 - 2020-07-11 04:28 - 000398336 _____ (Florian Heidenreich) [Archivo no firmado] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [Archivo no firmado] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2020-03-04 09:39 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [Archivo no firmado] C:\Program Files\7-Zip\7-zip.dll
2011-08-11 15:12 - 2011-08-11 15:12 - 001038848 _____ (Microsoft Corporation) [Archivo no firmado] C:\Program Files (x86)\Stardock\ObjectDock Plus\dbghelp.dll
2011-08-11 15:12 - 2011-08-11 15:12 - 000106496 _____ (Microsoft) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Stardock\ObjectDock Plus\RenderPanel.dll
2017-11-02 15:19 - 2018-02-20 09:06 - 001324504 _____ (Stardock Corporation -> Stardock Corporation) [Archivo no firmado] [El archivo está en uso] c:\program files (x86)\stardock\fences\SdAppServices_x64.dll
2018-05-25 14:46 - 2018-05-25 14:46 - 003324856 _____ (Stardock Corporation -> Stardock) [Archivo no firmado] [El archivo está en uso] c:\program files (x86)\stardock\fences\DesktopDock64.dll
2014-02-07 11:47 - 2014-02-07 11:47 - 001519104 _____ (XnView) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\libgfl340.dll
2014-02-07 11:47 - 2014-02-07 11:47 - 000256000 _____ (XnView) [Archivo no firmado] C:\Program Files (x86)\SageThumbs\64\libgfle340.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
AlternateDataStreams: C:\Users\Joseph\Desktop\FRST64.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Joseph\Desktop\iExplore.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Joseph\Desktop\mb-clean-3.1.0.1035.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Joseph\Desktop\mbar-1.10.3.1001.exe:SmartScreen [7]

==================== Modo Seguro (Lista blanca) ==================

==================== Asociación (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado.)

HKLM\...\.scr: SageThumbsImage.scr => "%1" /S <==== ATENCIÓN

==================== Internet Explorer (Lista blanca) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-03-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-05-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-05-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-03-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-05-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-05-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-05-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-05-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1742535224-2617996105-2139470584-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-05-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-08-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2020-08-18 10:52 - 2020-09-12 23:27 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\Control Panel\Desktop\\Wallpaper -> E:\Mis Imagenes\BG-OSCUROS-170\Wall.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AviraPhantomVPN => 2
MSCONFIG\Services: Chemtable Startup Checking => 2
MSCONFIG\Services: CleanupPSvc => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: FoxitPhantomPDFUpdateService => 2
MSCONFIG\Services: nvsvc => 2
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Fences"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "WAHELPER.EXE"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\StartupApproved\Run: => "Adguard"
HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3856E68BA95DC3D50720C26AAEF4DDA6"
HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\StartupApproved\Run: => "Fences"
HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{94FD4C49-AE6E-44D7-A0B5-EDFF545E09A5}E:\portables\operaportable\app\opera\70.0.3728.178\opera.exe] => (Allow) E:\portables\operaportable\app\opera\70.0.3728.178\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{277C1FB6-5898-40AA-A263-4C35DDB8D9B8}E:\portables\operaportable\app\opera\70.0.3728.178\opera.exe] => (Allow) E:\portables\operaportable\app\opera\70.0.3728.178\opera.exe (Opera Software AS -> Opera Software)

==================== Puntos de Restauración =========================

13-09-2020 08:20:57 End of disinfection

==================== Dispositivos defectuosos en el Administrador de dispositivos ============


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (09/13/2020 02:29:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance(CLSID_VSSCoordinator). HR = 0x80040154, Clase no registrada
.

Error: (09/13/2020 02:29:22 PM) (Source: VSS) (EventID: 22) (User: )
Description: Error del Servicio de instantáneas de volumen: un componente crítico requerido por el Servicio de instantáneas de volumen no está registrado.
Esto puede ocurrir si se produjo un error durante la instalación de Windows o durante la instalación de un proveedor de instantáneas.
Error devuelto desde CoCreateInstance en la clase con CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} y nombre Coordinator es [0x80040154, Clase no registrada
].

Error: (09/13/2020 02:29:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance(CLSID_VSSCoordinator). HR = 0x80040154, Clase no registrada
.

Error: (09/13/2020 02:29:22 PM) (Source: VSS) (EventID: 22) (User: )
Description: Error del Servicio de instantáneas de volumen: un componente crítico requerido por el Servicio de instantáneas de volumen no está registrado.
Esto puede ocurrir si se produjo un error durante la instalación de Windows o durante la instalación de un proveedor de instantáneas.
Error devuelto desde CoCreateInstance en la clase con CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} y nombre Coordinator es [0x80040154, Clase no registrada
].

Error: (09/13/2020 02:29:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance(CLSID_VSSCoordinator). HR = 0x80040154, Clase no registrada
.

Error: (09/13/2020 02:29:22 PM) (Source: VSS) (EventID: 22) (User: )
Description: Error del Servicio de instantáneas de volumen: un componente crítico requerido por el Servicio de instantáneas de volumen no está registrado.
Esto puede ocurrir si se produjo un error durante la instalación de Windows o durante la instalación de un proveedor de instantáneas.
Error devuelto desde CoCreateInstance en la clase con CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} y nombre Coordinator es [0x80040154, Clase no registrada
].

Error: (09/13/2020 02:29:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance(CLSID_VSSCoordinator). HR = 0x80040154, Clase no registrada
.

Error: (09/13/2020 02:29:22 PM) (Source: VSS) (EventID: 22) (User: )
Description: Error del Servicio de instantáneas de volumen: un componente crítico requerido por el Servicio de instantáneas de volumen no está registrado.
Esto puede ocurrir si se produjo un error durante la instalación de Windows o durante la instalación de un proveedor de instantáneas.
Error devuelto desde CoCreateInstance en la clase con CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} y nombre Coordinator es [0x80040154, Clase no registrada
].


Errores del sistema:
=============
Error: (09/13/2020 02:39:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80240017: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.323.1101.0).

Error: (09/13/2020 02:39:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x8024200b: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.323.1101.0).

Error: (09/13/2020 02:39:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Microsoft Defender Antivirus Service se cerró con el siguiente error: 
%%2147942402 = El sistema no puede encontrar el archivo especificado.

Error: (09/13/2020 02:32:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio WinDefend se cerró con el siguiente error: 
%%2147942402 = El sistema no puede encontrar el archivo especificado.

Error: (09/13/2020 02:31:58 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: El servicio NetMsmqActivator depende del siguiente servicio: msmq. Este servicio podría no estar instalado.

Error: (09/13/2020 02:31:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio DrvCovEx no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (09/13/2020 02:31:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio MBAMChameleon no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (09/13/2020 02:31:49 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 34) (User: NT AUTHORITY)
Description: Se deshabilitaron las características de administración de energía en estado de inactividad en el procesador lógico Hyper-V 1 debido a un problema de firmware. Consulte al fabricante del equipo si hay firmware actualizado.


Windows Defender:
===================================
Date: 2020-09-12 08:46:38.8540000Z
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {37C22EBA-43CB-4E61-BE84-78254B00400F}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-06 18:48:08.5960000Z
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {4C8FFDBE-6CEF-4DB4-BE5D-2E40624DEE11}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-06 17:51:32.4390000Z
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {6C1FA701-7349-45FB-BC0B-5B1D5F8ABF0C}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2020-09-05 14:58:51.2120000Z
Description: 
Antivirus de Microsoft Defender detectó un comportamiento sospechoso.
Nombre: Behavior:Win32/ModifiedBootRecord
Id.: 944451854
Gravedad: Low
Categoría: Suspicious Behavior
Ruta de acceso encontrada: file:_C:\Program Files (x86)\HDD Regenerator\hddreg.exe; process:_1768
Origen de detección: Equipo local
Tipo de detección: Sospechoso
Origen de detección: Protección en tiempo real
Estado: Ejecutando
Usuario: DESKTOP-I4EA06H\Joseph
Nombre de proceso: C:\Program Files (x86)\HDD Regenerator\hddreg.exe
Id. de inteligencia de seguridad: 23858570787236
Versión de inteligencia de seguridad: AV: 1.323.580.0, AS: 1.323.580.0
Versión de motor: 1.1.17400.5
Etiqueta de fidelidad:  Medio
Nombre de archivo de destino:  

Date: 2020-08-26 16:38:42.6990000Z
Description: 
El examen de Antivirus de Microsoft Defender se detuvo antes de completarse.
Id. de examen: {DE8D3420-5575-43A8-A428-762125D3B45A}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: DESKTOP-I4EA06H\Joseph

Date: 2020-09-12 08:54:55.3360000Z
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: This service cannot be started in Safe Mode 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2020-09-12 07:26:26.8350000Z
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x80070057
Descripción del error: The parameter is incorrect. 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2020-09-02 18:39:02.6320000Z
Description: 
La característica Protección en tiempo real de Antivirus de Microsoft Defender encontró un error:
Característica: Sistema de inspección de red
Código de error: 0x8007045b
Descripción del error: A system shutdown is in progress. 
Motivo: El sistema no tiene las actualizaciones necesarias para ejecutar el Sistema de inspección de red. Instala las actualizaciones requeridas y reinicia el dispositivo.

Date: 2020-08-26 16:14:04.0220000Z
Description: 
Antivirus de Microsoft Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.321.2244.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.17400.5
Código de error: 0x80240438
Descripción del error: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 

CodeIntegrity:
===================================

Date: 2020-09-13 14:24:00.5200000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 14:24:00.3730000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 14:17:03.4870000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 14:16:52.4300000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 14:16:37.8510000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 14:13:23.2360000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 14:13:20.9220000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-09-13 14:10:05.8440000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: Intel Corp. PRG3110H.86A.0047.2008.0227.1745 02/27/2008
Placa base: Intel Corporation DG31PR
Procesador: Intel(R) Core(TM)2 Duo CPU E7200 @ 2.53GHz
Porcentaje de memoria en uso: 44%
RAM física total: 4092.9 MB
RAM física disponible: 2264.89 MB
Virtual total: 12092.9 MB
Virtual disponible: 10116.05 MB

==================== Unidades ================================

Drive c: (W10Edu) (Fixed) (Total:476.41 GB) (Free:417.99 GB) NTFS ==>[unidad con componentes de arranque (obtenido de BCD)]
Drive d: (WDOSW7) (Fixed) (Total:113.79 GB) (Free:32.51 GB) NTFS
Drive e: (SeaGate 1.5) (Fixed) (Total:1397.26 GB) (Free:30.87 GB) NTFS
Drive f: (Descargas F) (Fixed) (Total:184.29 GB) (Free:12.77 GB) NTFS

\\?\Volume{dcdadcda-0000-0000-0000-801a77000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: DCDADCDA)
Partition 1: (Active) - (Size=476.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=536 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 0D312A61)
Partition 1: (Not Active) - (Size=113.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=184.3 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 30F77191)
Partition 1: (Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== Final de Addition.txt =======================

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
HKLM\...\.scr: SageThumbsImage.scr => "%1" /S <==== ATENCIÓN
MSCONFIG\Services: AviraPhantomVPN => 2
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
GroupPolicy: Restricción ? <==== ATENCIÓN
GroupPolicy\User: Restricción ? <==== ATENCIÓN
Task: {495864CE-7E0A-4584-96C9-AD7F042FC9F7} - System32\Tasks\Driver Booster SkipUAC (Joseph) => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\DriverBooster.exe
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S3 MBAMProtector; no ImagePath
S3 MBAMWebAccessControl-BackupByMalwarebytesPortable; no ImagePath
R3 phantomtap; C:\Windows\System32\drivers\phantomtap.sys [45056 2020-02-24] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
U4 ekrn; no ImagePath
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
2020-09-13 14:26 - 2020-09-13 14:26 - 000858912 _____ (Malwarebytes) C:\Users\Joseph\Desktop\mb-clean-3.1.0.1035.exe
2020-09-13 09:53 - 2020-09-13 09:53 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\421F7730.sys
2020-09-13 09:39 - 2020-09-13 09:39 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Joseph\Desktop\mbar-1.10.3.1001.exe
2020-09-12 15:54 - 2020-05-29 14:16 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX/Corregir y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

1 me gusta

Hola @JavierHF Muchas gracias por tu interés y tiempo. He seguido las instrucciones al pie de la letra y no hubo cambios -no actualiza el Windows Defender y tampoco inicia- Aquí el FIXLOG. Saludos!!! :+1:t2: :+1:t2::+1:t2:

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 13-09-2020
Ejecutado por Joseph (14-09-2020 17:42:43) Run:1
Ejecutado desde C:\Users\Joseph\Desktop
Perfiles cargados: Joseph
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
HKLM\...\.scr: SageThumbsImage.scr => "%1" /S <==== ATENCIÓN
MSCONFIG\Services: AviraPhantomVPN => 2
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restricción <==== ATENCIÓN
GroupPolicy: Restricción ? <==== ATENCIÓN
GroupPolicy\User: Restricción ? <==== ATENCIÓN
Task: {495864CE-7E0A-4584-96C9-AD7F042FC9F7} - System32\Tasks\Driver Booster SkipUAC (Joseph) => C:\Program Files (x86)\IObit\Driver Booster\7.5.0\DriverBooster.exe
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S3 MBAMProtector; no ImagePath
S3 MBAMWebAccessControl-BackupByMalwarebytesPortable; no ImagePath
R3 phantomtap; C:\Windows\System32\drivers\phantomtap.sys [45056 2020-02-24] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
U4 ekrn; no ImagePath
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
2020-09-13 14:26 - 2020-09-13 14:26 - 000858912 _____ (Malwarebytes) C:\Users\Joseph\Desktop\mb-clean-3.1.0.1035.exe
2020-09-13 09:53 - 2020-09-13 09:53 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\421F7730.sys
2020-09-13 09:39 - 2020-09-13 09:39 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Joseph\Desktop\mbar-1.10.3.1001.exe
2020-09-12 15:54 - 2020-05-29 14:16 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => eliminado correctamente
C:\ProgramData\TEMP => ":1AAB2E68" ADS eliminado correctamente
HKLM\Software\Classes\.scr\\"Default"="scrfile" => valor restaurado correctamente
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AviraPhantomVPN => eliminado correctamente
HKLM\System\CurrentControlSet\Services\AviraPhantomVPN => no encontrado
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Malwarebytes Anti-Exploit" => eliminado correctamente
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Malwarebytes Anti-Exploit" => no encontrado
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => eliminado correctamente
C:\Windows\system32\GroupPolicy\Machine => movido correctamente
C:\Windows\system32\GroupPolicy\GPT.ini => movido correctamente
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
C:\Windows\system32\GroupPolicy\User => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{495864CE-7E0A-4584-96C9-AD7F042FC9F7}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{495864CE-7E0A-4584-96C9-AD7F042FC9F7}" => eliminado correctamente
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Joseph) => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Joseph)" => eliminado correctamente
HKLM\SOFTWARE\Google\Chrome\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci => eliminado correctamente
C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx => movido correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci => eliminado correctamente
"C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx" => no encontrado
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\System\CurrentControlSet\Services\MBAMProtector => eliminado correctamente
MBAMProtector => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\MBAMWebAccessControl-BackupByMalwarebytesPortable => eliminado correctamente
MBAMWebAccessControl-BackupByMalwarebytesPortable => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\phantomtap => eliminado correctamente
phantomtap => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\ekrn => eliminado correctamente
ekrn => servicio eliminado correctamente
HKLM\System\CurrentControlSet\Services\EuGdiDrv => eliminado correctamente
EuGdiDrv => servicio eliminado correctamente
C:\Users\Joseph\Desktop\mb-clean-3.1.0.1035.exe => movido correctamente
C:\Windows\system32\Drivers\421F7730.sys => movido correctamente
C:\Users\Joseph\Desktop\mbar-1.10.3.1001.exe => movido correctamente
C:\ProgramData\Malwarebytes Anti-Exploit => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-1742535224-2617996105-2139470584-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= Final de CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= Final de CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= Final de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13769040 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3892291 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7412 B
NetworkService => 7412 B
Joseph => 3483632 B
David => 3483632 B
Administrador => 3483632 B
DefaultAppPool => 3483632 B

RecycleBin => 2740116 B
EmptyTemp: => 42.8 MB datos temporales eliminados.

================================


El sistema necesita reiniciarse.

==== Final de Fixlog 17:42:52 ====