Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-05.2019 Ran by marce (administrator) on WINDOWS-DF7J2AA (Dell Inc. Inspiron 5570) (07-05-2019 00:21:46) Running from C:\Users\marce\OneDrive\Escritorio Loaded Profiles: marce & (Available Profiles: marce) Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Inglés (Estados Unidos) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127390.inf_amd64_e1ccb879ece8f084\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\McCSPServiceHost.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_12\mcapexe.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\uihost.exe (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\marce\AppData\Local\Microsoft\OneDrive\19.062.0331.0006\FileCoAuth.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\marce\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIFE.EXE (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9231328 2017-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1220416 2018-03-06] (Waves Inc -> Waves Audio Ltd.) HKU\S-1-5-21-3204175163-122777995-89603571-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIFE.EXE [283232 2014-12-04] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-3204175163-122777995-89603571-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIFE.EXE [283232 2014-12-04] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marce\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\marce\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\...\RunOnce: [Uninstall 19.043.0304.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marce\AppData\Local\Microsoft\OneDrive\19.043.0304.0007\amd64" HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\...\RunOnce: [Uninstall 19.043.0304.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\marce\AppData\Local\Microsoft\OneDrive\19.043.0304.0007" HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE [179192 2019-05-04] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1723888 2019-04-30] (Google LLC -> Google Inc.) HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019145810488\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIFE.EXE [283232 2014-12-04] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019145810488\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\...\Drivers32-x32: [vidc.pDAD] => prodad-codec.dll HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-02] (Google LLC -> Google Inc.) Startup: C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2019-02-06] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0976AACD-0D5E-4849-A35F-FB73BD21F3D2} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe [4025080 2019-03-06] (McAfee, Inc. -> McAfee, Inc.) Task: {09C7FCE0-464F-43A7-9D2A-42F993FAC37C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {1F47B977-04AF-4134-A76C-BD683E58D82D} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.) Task: {44CB9A26-4235-4E16-88C2-85AEE8DB680D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {47E6E289-96F9-4906-848A-6AC1DD2C7A21} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {4ACA578A-D3AE-45A5-846C-56C0BC5508FA} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [110008 2016-04-27] (CyberLink Corp. -> CyberLink) Task: {4C36F0CD-1A48-44E2-94D4-06F337CD178C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-05-19] (PC-Doctor, Inc. -> PC-Doctor, Inc.) Task: {54091605-632D-4100-9176-C25B53197E26} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [439544 2015-05-19] (PC-Doctor, Inc. -> PC-Doctor, Inc.) Task: {5779FB85-4F1B-4980-8A02-E4229F286C63} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-05-19] (PC-Doctor, Inc. -> PC-Doctor, Inc.) Task: {78AB1FB6-589D-4397-8E14-528E39BC13FA} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {79BF71BE-2402-40A0-B57B-608F42CD712B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation) Task: {9FFB2C42-EA34-47F9-9AD9-26A2BBF68DA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-02] (Google Inc -> Google Inc.) Task: {A5961C8F-7E0F-456B-A4B8-62316D5A5F5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-02] (Google Inc -> Google Inc.) Task: {A7C9AB0D-0129-4C3E-BCCE-BAE15FE193CB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {A88A481C-44E5-403A-B4C0-89F9CB3EB623} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {AB9E11BC-06F2-475C-A015-14B9D7A55CE9} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [340440 2015-01-28] (CyberLink Corp. -> CyberLink Corp.) Task: {C4EE833B-B5BE-4D78-BEFB-38BBF74E7235} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [756672 2018-11-13] (McAfee, Inc. -> McAfee, Inc.) Task: {C8F30A41-2AC6-494C-85F6-36833EE71023} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {CC8AB41F-447A-4951-9082-1F1468603B80} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-04] (Microsoft Corporation -> Microsoft Corporation) Task: {CD5D38B1-B9E9-42EE-8346-E5D32C65CBA4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {D75E4AA6-E433-456E-8EBE-CFC353B61FB7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 100.72.3.113 100.72.3.5 Tcpip\..\Interfaces\{8e282aae-db62-48f6-afeb-77c83a83d86f}: [DhcpNameServer] 100.72.3.113 100.72.3.5 Tcpip\..\Interfaces\{99156db2-9dd2-4b5f-8ea5-e3bff70c1ced}: [DhcpNameServer] 192.168.49.1 Tcpip\..\Interfaces\{a2aaaf0e-2b24-476e-b98d-9f567e5493a9}: [DhcpNameServer] 10.49.34.6 10.49.34.5 Internet Explorer: ================== HKU\S-1-5-21-3204175163-122777995-89603571-1002\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com HKU\S-1-5-21-3204175163-122777995-89603571-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019005347392\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019145810488\Software\Microsoft\Internet Explorer\Main,Start Page = www.dell.com HKU\S-1-5-21-3204175163-122777995-89603571-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05062019145810488\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-18] (McAfee, Inc. -> McAfee, Inc.) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-18] (McAfee, Inc. -> McAfee, Inc.) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.) FireFox: ======== FF DefaultProfile: 2hbd9bz2.default FF ProfilePath: C:\Users\marce\AppData\Roaming\Mozilla\Firefox\Profiles\2hbd9bz2.default [2019-05-06] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-05-02] FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2019-03-11] [Legacy] [not signed] FF Plugin: @mcafee.com/MSC,version=10 -> c:\program files\mcafee\msc\npmcsnffpl64.dll [2019-02-15] (McAfee, Inc. -> ) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\program files (x86)\mcafee\msc\npmcsnffpl.dll [2019-02-15] (McAfee, Inc. -> ) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-05] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-05] (Google Inc -> Google LLC) Chrome: ======= CHR Profile: C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default [2019-05-07] CHR Extension: (Presentaciones) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-02] CHR Extension: (Documentos) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-02] CHR Extension: (Google Drive) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-02] CHR Extension: (YouTube) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-02] CHR Extension: (Hojas de cálculo) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-02] CHR Extension: (McAfee® WebAdvisor) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-05-02] CHR Extension: (Avira Navegación segura) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-03-21] CHR Extension: (Documentos de Google sin conexión) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-04] CHR Extension: (Rick And Morty Theme) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjlbjnagciolegpimabclliiolgeobdn [2019-03-06] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-02] CHR Extension: (Gmail) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02] CHR Extension: (Chrome Media Router) - C:\Users\marce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-03] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146240 2019-04-26] (Microsoft Corporation -> Microsoft Corporation) S2 CLKMSVC10_3CD7F304; C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD14\Common\NavFilter\KmSvc.exe [312088 2016-05-10] (CyberLink Corp. -> CyberLink) R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [1700968 2017-05-10] (Intel Corporation -> Intel Corporation) S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2413744 2017-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-06-26] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-18] (McAfee, Inc. -> McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe [745880 2019-01-23] (McAfee, Inc. -> McAfee, Inc.) S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [419096 2016-04-01] (McAfee, Inc. -> McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe [2158952 2018-12-17] (McAfee, Inc. -> McAfee, Inc.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [371840 2019-01-15] (McAfee, Inc. -> McAfee, LLC) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [604216 2019-01-15] (McAfee, Inc. -> McAfee, LLC) R3 mfevtp; C:\windows\system32\mfevtps.exe [509728 2019-01-15] (McAfee, Inc. -> McAfee, LLC) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1692552 2018-12-19] (McAfee, Inc. -> McAfee, Inc.) R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1360384 2019-02-05] (McAfee, Inc. -> McAfee, Inc.) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2015-09-02] (CyberLink Corp. -> CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2017-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [882496 2018-03-06] (Waves Inc -> Waves Audio Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77384 2019-01-22] (McAfee, Inc. -> McAfee, LLC) R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74168 2017-05-10] (Intel Corporation -> Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69560 2017-05-10] (Intel Corporation -> Intel Corporation) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [382392 2017-05-10] (Intel Corporation -> Intel Corporation) R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [54816 2017-06-12] (Intel(R) Software -> Intel Corporation) S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218408 2018-12-24] (McAfee, Inc. -> McAfee, Inc.) S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [70656 2017-06-30] (Intel(R) Rapid Storage Technology -> Intel Corporation) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-05-04] (Malwarebytes Corporation -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-05-06] (Malwarebytes Corporation -> Malwarebytes) R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [511024 2019-01-22] (McAfee, Inc. -> McAfee, LLC) R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [373808 2019-01-22] (McAfee, Inc. -> McAfee, LLC) S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86136 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC) R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517168 2019-01-22] (McAfee, Inc. -> McAfee, LLC) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [981032 2019-01-22] (McAfee, Inc. -> McAfee, LLC) R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [563728 2018-11-19] (McAfee, Inc. -> McAfee LLC.) S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109072 2018-11-19] (McAfee, Inc. -> McAfee LLC.) R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117800 2019-01-22] (McAfee, Inc. -> McAfee, LLC) R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254024 2019-01-22] (McAfee, Inc. -> McAfee, LLC) R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984040 2017-06-19] (Realtek Semiconductor Corp. -> Realtek ) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-04-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-05-07 00:23 - 2019-05-07 00:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2019-05-06 15:09 - 2019-05-06 15:12 - 000027555 _____ C:\Users\marce\Downloads\Addition.txt 2019-05-06 15:07 - 2019-05-07 00:21 - 000000000 ____D C:\FRST 2019-05-06 15:07 - 2019-05-06 15:12 - 000062994 _____ C:\Users\marce\Downloads\FRST.txt 2019-05-06 00:56 - 2019-05-06 00:56 - 000000000 ___HD C:\OneDriveTemp 2019-05-06 00:53 - 2019-05-06 00:53 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-05-06 00:50 - 2019-05-06 00:50 - 000001250 _____ C:\Users\marce\Downloads\AdwCleaner[S00].txt 2019-05-06 00:37 - 2019-05-06 00:37 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2019-05-06 00:37 - 2019-05-06 00:37 - 000002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2019-05-06 00:37 - 2019-05-06 00:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2019-05-06 00:37 - 2019-05-06 00:37 - 000000000 ____D C:\Program Files\CCleaner 2019-05-06 00:35 - 2019-05-06 00:35 - 021254208 _____ (Piriform Software Ltd) C:\Users\marce\Downloads\ccsetup556.exe 2019-05-06 00:32 - 2019-05-06 00:33 - 000000000 ____D C:\AdwCleaner 2019-05-06 00:31 - 2019-05-06 00:31 - 007025360 _____ (Malwarebytes) C:\Users\marce\Downloads\adwcleaner_7.3 (1).exe 2019-05-04 04:21 - 2019-05-04 04:21 - 007025360 _____ (Malwarebytes) C:\Users\marce\Downloads\adwcleaner_7.3.exe 2019-05-04 02:09 - 2019-05-04 02:09 - 000000000 ____D C:\Users\marce\AppData\Local\mbamtray 2019-05-04 02:09 - 2019-05-04 02:09 - 000000000 ____D C:\Users\marce\AppData\Local\mbam 2019-05-04 02:08 - 2019-05-04 02:08 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-05-04 02:08 - 2019-05-04 02:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-05-04 02:08 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-05-04 02:08 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-05-04 02:07 - 2019-05-04 02:07 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-05-04 02:07 - 2019-05-04 02:07 - 000000000 ____D C:\Program Files\Malwarebytes 2019-05-04 02:06 - 2019-05-04 02:06 - 063202456 _____ (Malwarebytes ) C:\Users\marce\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10446.exe 2019-05-02 21:34 - 2019-05-06 00:53 - 000000000 ____D C:\ProgramData\McInstTemp0083741556843658 2019-04-17 17:49 - 2019-04-02 09:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2019-04-17 17:49 - 2019-04-02 09:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-04-17 17:49 - 2019-04-02 09:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-04-17 17:49 - 2019-04-02 09:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-04-17 17:49 - 2019-04-02 09:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-04-17 17:49 - 2019-04-02 09:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-04-17 17:49 - 2019-04-02 09:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2019-04-17 17:49 - 2019-04-02 06:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-04-17 17:49 - 2019-04-02 06:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2019-04-17 17:49 - 2019-04-02 06:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-04-17 17:49 - 2019-04-02 06:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-04-17 17:49 - 2019-04-02 06:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-04-17 17:49 - 2019-04-02 06:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2019-04-17 17:49 - 2019-04-02 05:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-04-17 17:49 - 2019-04-02 05:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-04-17 17:49 - 2019-04-02 05:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-04-17 17:49 - 2019-04-02 05:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-04-17 17:49 - 2019-04-02 05:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-04-17 17:49 - 2019-04-02 05:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-04-17 17:49 - 2019-04-02 05:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-04-17 17:49 - 2019-04-02 05:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-04-17 17:49 - 2019-04-02 05:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-04-17 17:49 - 2019-04-02 05:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-04-17 17:49 - 2019-04-02 05:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-04-17 17:49 - 2019-04-02 05:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-04-17 17:49 - 2019-04-02 05:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-04-17 17:49 - 2019-04-02 05:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-04-17 17:49 - 2019-04-02 05:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-04-17 17:49 - 2019-04-02 04:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-04-17 17:49 - 2019-04-02 04:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-04-17 17:49 - 2019-04-02 04:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-04-17 17:49 - 2019-04-02 04:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-04-17 17:49 - 2019-04-02 04:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-04-17 17:49 - 2019-04-02 04:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2019-04-17 17:49 - 2019-04-02 04:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-04-17 17:49 - 2019-04-02 04:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-04-17 17:49 - 2019-04-02 04:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys 2019-04-17 17:49 - 2019-04-02 04:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-04-17 17:49 - 2019-04-02 04:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-04-17 17:49 - 2019-04-02 04:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-04-17 17:49 - 2019-04-02 04:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2019-04-17 17:49 - 2019-04-02 04:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-04-17 17:49 - 2019-04-02 04:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2019-04-17 17:49 - 2019-04-02 04:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2019-04-17 17:49 - 2019-04-02 04:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-04-17 17:49 - 2019-04-02 02:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-04-17 17:49 - 2019-04-02 02:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-04-17 17:49 - 2019-04-02 02:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2019-04-17 17:49 - 2019-04-02 02:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-04-17 17:49 - 2019-04-02 01:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-04-17 17:49 - 2019-04-02 01:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2019-04-17 17:49 - 2019-04-02 01:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2019-04-17 17:49 - 2019-04-02 01:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2019-04-17 17:49 - 2019-04-02 01:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2019-04-17 17:49 - 2019-04-02 01:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-04-17 17:49 - 2019-03-14 11:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-04-17 17:49 - 2019-03-14 11:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2019-04-17 17:49 - 2019-03-14 11:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys 2019-04-17 17:49 - 2019-03-14 11:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll 2019-04-17 17:49 - 2019-03-14 11:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-04-17 17:49 - 2019-03-14 10:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll 2019-04-17 17:49 - 2019-03-14 05:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2019-04-17 17:49 - 2019-03-14 05:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2019-04-17 17:49 - 2019-03-14 05:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-04-17 17:49 - 2019-03-14 05:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-04-17 17:49 - 2019-03-14 05:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-04-17 17:49 - 2019-03-14 05:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-04-17 17:49 - 2019-03-14 05:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-04-17 17:49 - 2019-03-14 05:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-04-17 17:49 - 2019-03-14 05:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-04-17 17:49 - 2019-03-14 05:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys 2019-04-17 17:49 - 2019-03-14 05:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2019-04-17 17:49 - 2019-03-14 05:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-04-17 17:49 - 2019-03-14 05:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-04-17 17:49 - 2019-03-14 05:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-04-17 17:49 - 2019-03-14 05:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-04-17 17:49 - 2019-03-14 05:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2019-04-17 17:49 - 2019-03-14 05:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2019-04-17 17:49 - 2019-03-14 05:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-04-17 17:49 - 2019-03-14 05:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll 2019-04-17 17:49 - 2019-03-14 05:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-04-17 17:49 - 2019-03-14 05:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-04-17 17:49 - 2019-03-14 05:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2019-04-17 17:49 - 2019-03-14 05:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2019-04-17 17:49 - 2019-03-14 05:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2019-04-17 17:49 - 2019-03-14 05:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2019-04-17 17:49 - 2019-03-14 05:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-04-17 17:49 - 2019-03-14 05:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2019-04-17 17:49 - 2019-03-14 05:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2019-04-17 17:49 - 2019-03-14 05:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-04-17 17:49 - 2019-03-14 05:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2019-04-17 17:49 - 2019-03-14 05:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-04-17 17:49 - 2019-03-14 04:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-04-17 17:49 - 2019-03-14 04:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-04-17 17:49 - 2019-03-14 04:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2019-04-17 17:49 - 2019-03-14 04:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2019-04-17 17:49 - 2019-03-14 04:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2019-04-17 17:49 - 2019-03-14 04:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll 2019-04-17 17:49 - 2019-03-14 04:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2019-04-17 17:49 - 2019-03-14 04:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2019-04-17 17:49 - 2019-03-14 04:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2019-04-17 17:49 - 2019-03-14 04:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2019-04-17 17:49 - 2019-03-14 04:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-04-17 17:49 - 2019-03-14 04:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll 2019-04-17 17:49 - 2019-03-14 04:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2019-04-17 17:49 - 2019-03-14 04:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2019-04-17 17:49 - 2019-03-14 04:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2019-04-17 17:49 - 2019-03-14 04:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-04-17 17:49 - 2019-03-14 04:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2019-04-17 17:49 - 2019-03-14 04:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-04-17 17:49 - 2019-03-14 04:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-04-17 17:49 - 2019-03-14 04:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2019-04-17 17:49 - 2019-03-14 04:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2019-04-17 17:49 - 2019-03-14 04:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2019-04-17 17:49 - 2019-03-14 04:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2019-04-17 17:49 - 2019-03-14 04:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2019-04-17 17:49 - 2019-03-14 04:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-04-17 17:49 - 2019-03-14 04:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-04-17 17:49 - 2019-03-14 04:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2019-04-17 17:49 - 2019-03-14 04:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2019-04-17 17:48 - 2019-04-02 09:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-04-17 17:48 - 2019-04-02 09:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-04-17 17:48 - 2019-04-02 09:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2019-04-17 17:48 - 2019-04-02 09:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-04-17 17:48 - 2019-04-02 09:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-04-17 17:48 - 2019-04-02 09:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-04-17 17:48 - 2019-04-02 09:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys 2019-04-17 17:48 - 2019-04-02 09:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll 2019-04-17 17:48 - 2019-04-02 06:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2019-04-17 17:48 - 2019-04-02 06:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-04-17 17:48 - 2019-04-02 05:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-04-17 17:48 - 2019-04-02 05:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-04-17 17:48 - 2019-04-02 02:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-04-17 17:48 - 2019-04-02 01:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-04-17 17:48 - 2019-04-02 01:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-04-17 17:48 - 2019-04-02 01:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-04-17 17:48 - 2019-04-02 01:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-04-17 17:48 - 2019-03-16 09:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-04-17 17:48 - 2019-03-16 06:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-04-17 17:48 - 2019-03-14 11:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll 2019-04-17 17:48 - 2019-03-14 11:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2019-04-17 17:48 - 2019-03-14 10:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2019-04-17 17:48 - 2019-03-14 05:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll 2019-04-17 17:48 - 2019-03-14 05:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2019-04-17 17:48 - 2019-03-14 05:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll 2019-04-17 17:48 - 2019-03-14 05:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-04-17 17:48 - 2019-03-14 05:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-04-17 17:48 - 2019-03-14 05:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-04-17 17:48 - 2019-03-14 05:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2019-04-17 17:48 - 2019-03-14 05:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-04-17 17:48 - 2019-03-14 05:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2019-04-17 17:48 - 2019-03-14 05:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2019-04-17 17:48 - 2019-03-14 05:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2019-04-17 17:48 - 2019-03-14 05:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll 2019-04-17 17:48 - 2019-03-14 05:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2019-04-17 17:48 - 2019-03-14 05:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll 2019-04-17 17:48 - 2019-03-14 04:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2019-04-17 17:48 - 2019-03-14 04:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll 2019-04-17 17:48 - 2019-03-14 04:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2019-04-17 17:48 - 2019-03-14 04:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll 2019-04-17 17:48 - 2019-03-14 04:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe 2019-04-17 17:48 - 2019-03-14 04:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-04-17 17:48 - 2019-03-14 04:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2019-04-17 17:48 - 2019-03-14 04:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2019-04-17 17:48 - 2019-03-14 04:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll 2019-04-17 17:48 - 2019-03-14 04:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll 2019-04-17 17:48 - 2019-03-14 04:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2019-04-17 17:48 - 2019-03-14 04:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2019-04-17 17:48 - 2019-03-13 22:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-04-17 17:48 - 2019-03-13 22:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-04-17 17:48 - 2019-03-13 22:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-04-17 17:47 - 2019-04-02 09:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll 2019-04-17 17:47 - 2019-04-02 06:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll 2019-04-17 17:47 - 2019-04-02 04:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-04-17 17:47 - 2019-04-02 03:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim 2019-04-17 17:47 - 2019-04-02 01:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-04-17 17:47 - 2019-03-14 11:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2019-04-17 17:47 - 2019-03-14 11:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll 2019-04-17 17:47 - 2019-03-14 11:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2019-04-17 17:47 - 2019-03-14 11:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe 2019-04-17 17:47 - 2019-03-14 11:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll 2019-04-17 17:47 - 2019-03-14 11:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll 2019-04-17 17:47 - 2019-03-14 10:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll 2019-04-17 17:47 - 2019-03-14 10:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe 2019-04-17 17:47 - 2019-03-14 10:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll 2019-04-17 17:47 - 2019-03-14 10:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll 2019-04-17 17:47 - 2019-03-14 05:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2019-04-17 17:47 - 2019-03-14 05:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll 2019-04-17 17:47 - 2019-03-14 05:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-04-17 17:47 - 2019-03-14 05:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll 2019-04-17 17:47 - 2019-03-14 05:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll 2019-04-17 17:47 - 2019-03-14 05:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll 2019-04-17 17:47 - 2019-03-14 04:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-04-17 17:47 - 2019-03-14 04:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2019-04-17 17:47 - 2019-03-14 04:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll 2019-04-17 17:47 - 2019-03-14 04:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll 2019-04-17 17:47 - 2019-03-14 04:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll 2019-04-17 17:47 - 2019-03-14 04:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll 2019-04-17 17:47 - 2019-03-14 04:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2019-04-17 17:47 - 2019-03-14 04:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2019-04-17 17:47 - 2019-03-14 04:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll 2019-04-17 17:47 - 2019-03-14 04:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll 2019-04-17 17:47 - 2019-03-14 04:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll 2019-04-17 17:47 - 2019-03-13 22:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll 2019-04-17 17:47 - 2019-03-13 22:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-05-06 19:02 - 2019-02-05 18:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-05-06 19:02 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-05-06 15:16 - 2019-02-05 18:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2019-05-06 00:56 - 2018-11-23 00:59 - 000000000 ___RD C:\Users\marce\OneDrive 2019-05-06 00:55 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-05-06 00:55 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-05-06 00:53 - 2018-11-23 00:54 - 000000000 __SHD C:\Users\marce\IntelGraphicsProfiles 2019-05-06 00:53 - 2018-07-31 10:12 - 000000000 ____D C:\Program Files (x86)\McAfee 2019-05-06 00:53 - 2018-07-31 09:55 - 000190664 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_3CD7F304.sys 2019-05-06 00:52 - 2019-02-05 18:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-05-06 00:51 - 2018-04-11 18:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-05-06 00:39 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-05-06 00:39 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF 2019-05-06 00:28 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2019-05-04 02:15 - 2018-07-31 09:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2019-05-04 02:08 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-05-04 02:02 - 2019-02-05 18:38 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3204175163-122777995-89603571-1002 2019-05-04 02:02 - 2019-02-05 18:18 - 000002395 _____ C:\Users\marce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-05-03 01:53 - 2019-02-27 18:00 - 000000000 ____D C:\Users\marce\AppData\Local\D3DSCache 2019-05-02 21:39 - 2018-11-23 00:54 - 000000000 ____D C:\Users\marce\AppData\Local\Packages 2019-05-02 21:22 - 2019-02-05 18:18 - 000000000 ____D C:\Users\marce 2019-05-02 21:21 - 2019-02-05 18:12 - 000269256 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-05-02 21:17 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-05-02 21:17 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2019-05-02 21:17 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\es-MX 2019-05-02 21:17 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-05-02 21:17 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files\Windows Defender 2019-05-02 21:16 - 2019-01-02 01:14 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-05-02 21:13 - 2018-04-11 18:04 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2019-04-17 18:03 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-04-17 17:46 - 2018-11-25 23:24 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-04-16 01:32 - 2018-11-25 23:24 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Files in the root of some directories ======= 2019-03-21 17:02 - 2019-03-21 17:02 - 000007606 _____ () C:\Users\marce\AppData\Local\Resmon.ResmonCfg ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================