Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020 Ran by gary_ (administrator) on LAPTOP-D7R02BVQ (TOSHIBA Satellite P55t-C) (17-06-2020 11:48:23) Running from C:\Users\gary_\Desktop Loaded Profiles: gary_ Platform: Windows 10 Home Version 1903 18362.900 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (AVAST Software s.r.o. -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\CCleanerBrowserCrashHandler.exe (AVAST Software s.r.o. -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\CCleanerBrowserCrashHandler64.exe (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Corel Corporation -> WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTAgent.exe (Dropbox, Inc -> Dropbox, Inc.) [File not signed] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\99.4.501\QtWebEngineProcess.exe <2> (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a9d116625f58b0a8\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a9d116625f58b0a8\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a9d116625f58b0a8\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_a9d116625f58b0a8\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (IS AppCloud Software) [File not signed] C:\Program Files (x86)\TOSHIBA\AppPlace\toshibaappplace.exe <4> (Kristjan Skutta -> ) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Mega Limited -> Mega Limited) C:\Users\gary_\AppData\Local\MEGAsync\MEGAsync.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\gary_\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\gary_\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe <3> (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\System Setting\TCrdMain_Win8.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA CORPORATION -> TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe (WinZip Computing LLC -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe (Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [601944 2015-08-14] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3873000 2016-06-02] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [180016 2015-06-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] => C:\Program Files\Toshiba\System Setting\TCrdMain_Win8.exe [559920 2015-10-09] (TOSHIBA CORPORATION -> TOSHIBA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1922496 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-12-11] (Corel Corporation -> WinZip) [File not signed] HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [123848 2017-12-11] (Corel Corporation -> WinZip Computing, S.L.) HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2017-12-11] (WinZip Computing LLC -> WinZip Computing, S.L.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-28] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7916032 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.) [File not signed] HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare) HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Arc\ArcLauncher.exe [445488 2020-05-26] (Perfect World Entertainment -> Perfect World Entertainment) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [238440 2020-05-27] (IDSA Production signing key -> Intel) HKLM\...\Policies\Explorer: [NoViewOnDrive] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 HKLM\...\Policies\Explorer: [NoShellSearchButton] 0 HKLM\...\Policies\Explorer: [NoFind] 0 HKLM\...\Policies\Explorer: [NoFile] 0 HKLM\...\Policies\Explorer: [HideClock] 0 HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0 HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKLM\...\Policies\Explorer: [NoSetFolders] 0 HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKLM\...\Policies\Explorer: [NoSetTaskbar] 0 HKLM\...\Policies\Explorer: [NoDeletePrinter] 0 HKLM\...\Policies\Explorer: [NoDFSTab] 0 HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 HKLM\...\Policies\Explorer: [NoLogoff] 0 HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0 HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0 HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 0 HKLM\...\Policies\Explorer: [NoSaveSettings] 0 HKLM\...\Policies\Explorer: [NoHardwareTab] 0 HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKLM\...\Policies\Explorer: [NoDesktop] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Run: [Discord] => C:\Users\gary_\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\gary_\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1136104 2020-05-29] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Run: [WallpaperEngine] => C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2578936 2020-02-16] (Kristjan Skutta -> ) HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32339344 2020-06-16] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4506304 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22256824 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-21-369767717-942642580-508085590-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\81.1.4223.141\Installer\chrmstp.exe [2020-06-02] (Piriform Software Ltd -> Piriform Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.106\Installer\chrmstp.exe [2020-06-16] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\Installer\setup.exe [2020-06-17] (Microsoft Corporation -> Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2017-04-19] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Inc. -> Webroot Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2017-04-19] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Inc. -> Webroot Software, Inc.) Startup: C:\Users\gary_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-07-26] ShortcutTarget: MEGAsync.lnk -> C:\Users\gary_\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05C7DD53-A1E8-4232-9752-47CB225E0DB1} - System32\Tasks\IS AppCloud Software\App Place for Toshiba => C:\Program Files (x86)\Toshiba\AppPlace\toshibaappplace.exe [47142944 2016-06-08] (IS AppCloud Software) [File not signed] Task: {05E80FD0-1272-4E89-B96E-806DAD7D6A1B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) Task: {06A1FC64-E596-48A8-8828-6F0285A029A5} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {0B7439ED-CBF7-4188-8888-5C0078458996} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-22] (AVAST Software s.r.o. -> Piriform Software) Task: {10EE4416-F90A-466A-8739-53EF1897D122} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation) Task: {112761ED-7ED7-4DFF-AD7D-02201AB6C400} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-22] (AVAST Software s.r.o. -> Piriform Software) Task: {11E311AE-7B05-467D-AC58-DEC98717945F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946112 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) Task: {1B6176D5-C8EA-4647-B7BE-7B9AB00310E0} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {1CF8AF11-75B1-4C41-B6A3-03A8C5B87509} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) Task: {20467A26-3A90-4AF7-AD51-277CA7D66A04} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd) Task: {23797D25-CDAB-4402-9D01-CBB1E794F2A1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {30A11789-1799-4A2E-857F-5CD981040D73} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation) Task: {3251053F-2904-4E17-A8BD-0762887D7B08} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-19] (Adobe Inc. -> Adobe) Task: {32778C62-7036-4619-AC63-ADB16330B892} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [14320 2015-05-27] (DTS, Inc. -> ) Task: {33EB9F40-8EB5-4BB8-A4E0-9634F69A6FFC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd) Task: {447229FD-459E-4060-B27F-298465623670} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation) Task: {4624D496-E143-4FB3-B64A-0F46ECC51BAF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) Task: {47A3ED6A-366D-4BA3-89D5-58626F302E8D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-28] (Google Inc -> Google Inc.) Task: {4AD9867C-52D4-4A1D-BA38-B2E66961870C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc -> Dropbox, Inc.) Task: {5BE5BC22-F50D-4FD3-963F-6A828453CE00} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation) Task: {5C74256B-A512-4FD7-980F-855B7149A731} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-04] (Microsoft Corporation -> Microsoft Corporation) Task: {652084E9-6085-4E35-8025-620D75AF412E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-19] (Adobe Inc. -> Adobe) Task: {676AE850-41FE-443E-9EB2-DEA1D5AE3CB8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation) Task: {69B9C631-96D2-47D9-89B4-140163A0D05A} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [700040 2014-04-03] (TOSHIBA CORPORATION -> TOSHIBA Corporation) Task: {6D43A56C-C03D-4C5E-ADC3-6AB3FB399C60} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-369767717-942642580-508085590-1001 => C:\Users\gary_\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2020-03-18] (Mega Limited -> Mega Limited) Task: {74DA756C-D2DA-40CD-9F1E-48599937BF3E} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [2047744 2017-12-11] (Corel Corporation -> WinZip) [File not signed] Task: {79D04C7D-B048-4E89-B7D7-1F0F9C61761A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-28] (Google Inc -> Google Inc.) Task: {7B69B4FE-A925-4365-9CEF-99FB7A8D0F2B} - System32\Tasks\IS AppCloud Software\App Place for Toshiba-Reminder => C:\Program Files (x86)\Toshiba\AppPlace\toshibaappplace.exe [47142944 2016-06-08] (IS AppCloud Software) [File not signed] Task: {7E15D45A-9F21-4A75-AAC5-C535EB25D7B3} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2019736 2020-05-11] (Piriform Software Ltd -> Piriform Software) Task: {80528D66-15EB-4978-911B-AEDEEDA453B7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1714112 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8C141472-C74E-4250-8D93-AB17401CF4E3} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {8C383ADC-7631-47CF-B82B-3C3E183A26CC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe Task: {935576B2-78C9-41D8-8AB7-A185EC621B22} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {9E7C77C9-AAE4-415E-B898-44E3E9A2BAE2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [647616 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A47E5AD3-4D8D-4E5A-AD91-FA34669D72A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation) Task: {A9404B78-1E90-4121-A2A8-042CFC3F38C9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {AC462B01-693A-43E2-8E41-18B5AD9A7529} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-04] (Microsoft Corporation -> Microsoft Corporation) Task: {BD07B861-0EC2-4FEB-8F2A-31FB96261B61} - System32\Tasks\BTSchedulerTask => C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe [135504 2015-07-08] (TOSHIBA CORPORATION -> Toshiba Corporation) Task: {C7F14A52-6D31-4125-9525-9E8E31E4F215} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {D04D1499-902C-47C0-8710-2BA545448D4B} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-14] (Mozilla Corporation -> Mozilla Foundation) Task: {D89496AD-2FCA-4D0D-A47F-A1E1B9A4C038} - System32\Tasks\Driver Booster SkipUAC (gary_) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe [6074128 2018-07-06] (IObit Information Technology -> IObit) Task: {DBC59D7B-AEC8-4F8C-9890-A67DFC6F98B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-05-12] (Microsoft Corporation -> Microsoft Corporation) Task: {E580A1D7-A3C1-478C-9873-642B653330EB} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2019736 2020-05-11] (Piriform Software Ltd -> Piriform Software) Task: {EEBE6043-FD7C-4962-A33F-64AA6C09A950} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [747016 2020-06-02] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.) Task: {F08AC8A0-5C79-47F3-83B4-28AAF27B4285} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F4918F2A-B3DA-464F-9556-55579C18649F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc -> Dropbox, Inc.) Task: {FE0E7BCD-24E1-4750-9E16-71EF555C5FE0} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436672 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54 Tcpip\..\Interfaces\{65ce82dc-e0f7-4ae9-af66-53c80d0e4cb3}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54 Tcpip\..\Interfaces\{6d95562f-645e-4000-9e91-1b86d54c3fca}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-369767717-942642580-508085590-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba15.msn.com/?pc=TBTE HKU\S-1-5-21-369767717-942642580-508085590-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.new.toshiba.com?cid=H16C1 SearchScopes: HKLM -> DefaultScope {61275CAF-F619-42F8-812A-7F530A7F7DEC} URL = SearchScopes: HKLM-x32 -> DefaultScope {61275CAF-F619-42F8-812A-7F530A7F7DEC} URL = SearchScopes: HKU\S-1-5-21-369767717-942642580-508085590-1001 -> DefaultScope {61275CAF-F619-42F8-812A-7F530A7F7DEC} URL = SearchScopes: HKU\S-1-5-21-369767717-942642580-508085590-1001 -> {0044E731-F8D9-4FC3-8AEF-607283F3A42F} URL = hxxps://pe.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll => No File BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2020-05-12] (Microsoft Corporation -> Microsoft Corporation) BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll => No File BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2020-05-12] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll => No File BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2020-03-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-31] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll => No File BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll => No File BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2020-05-12] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-31] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll No File Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll No File Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll No File Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll No File Toolbar: HKU\S-1-5-21-369767717-942642580-508085590-1001 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== Edge Profile: C:\Users\gary_\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-17] Edge HomePage: Default -> hxxps://web-start-page.com/?s=toshibaupd&m=home&brw=ch FireFox: ======== FF DefaultProfile: 0rnmugtd.default FF ProfilePath: C:\Users\gary_\AppData\Roaming\Mozilla\Firefox\Profiles\0rnmugtd.default [2020-06-17] FF Homepage: Mozilla\Firefox\Profiles\0rnmugtd.default -> hxxps://links.malwarebytes.com/link/restorebrowser?lic=trial&product=MBAM-Cdmontlsfs_18_05¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dpe%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzuyB0AyBzytCzytD0EyDzztCyCtD0EzztAtN0D0Tzu0StBtBtByEtN1L2XzuyEtFtCyCtFtDtFyDzztN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyDtCtDyE0BtC0BtGyB0B0ByBtGtC0E0EtAtGtB0EyC0BtGtDtD0EtAtA0B0A0CzyyEyByE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1Rzy1PyDyC1QzzzytGzzzzyCzztGyEyBtAtBtGzz1R1TtBtG1Q1TyDtB1Qzz1P1QtD1O1RyB2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyDzzzyzytN1Q2Z1B1P1RzutCyDtCyByDzyyDzzyDyB%26cr%3D549239080%26a%3Dwny_dmontlsfs_18_05%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome FF NewTab: Mozilla\Firefox\Profiles\0rnmugtd.default -> hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ff_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_72b5c17f_1201_1403_20161024_PE_ff_nt_ FF Extension: (MEGA) - C:\Users\gary_\AppData\Roaming\Mozilla\Firefox\Profiles\0rnmugtd.default\Extensions\firefox@mega.co.nz.xpi [2020-06-15] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-19] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-19] (Adobe Inc. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-31] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-31] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-08-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [No File] FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-03-22] (AVAST Software s.r.o. -> Piriform Software) FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [2020-03-22] (AVAST Software s.r.o. -> Piriform Software) FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\gary_\AppData\Local\Google\Chrome\User Data\Default [2020-06-17] CHR HomePage: Default -> hxxps://web-start-page.com/?s=toshibaupd&m=home&brw=ch CHR StartupUrls: Default -> "hxxps://web-start-page.com/?s=toshibaupd&m=start&brw=ch" CHR Extension: (Google Drive) - C:\Users\gary_\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17] CHR Extension: (YouTube) - C:\Users\gary_\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-28] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\gary_\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30] CHR Extension: (Gmail) - C:\Users\gary_\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-28] CHR Extension: (Chrome Media Router) - C:\Users\gary_\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-27] CHR Profile: C:\Users\gary_\AppData\Local\Google\Chrome\User Data\System Profile [2020-06-17] CHR HKLM\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [125488 2020-05-26] (Perfect World Entertainment -> Perfect World Entertainment Inc) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-12] (BattlEye Innovations e.K. -> ) S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2018-08-11] (BitRaider LLC -> BitRaider, LLC) S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-22] (AVAST Software s.r.o. -> Piriform Software) S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\81.1.4223.141\elevation_service.exe [1106528 2020-05-11] (Piriform Software Ltd -> Piriform Software) S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-22] (AVAST Software s.r.o. -> Piriform Software) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3051928 2020-05-12] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-20] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-06-09] (Dropbox, Inc -> Dropbox, Inc.) R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1841344 2017-05-17] (Disc Soft Ltd -> Disc Soft Ltd) R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [37736 2020-05-27] (IDSA Production signing key -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [154472 2020-05-27] (IDSA Production signing key -> Intel) S3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19960 2015-05-27] (DTS, Inc. -> ) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-02-16] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-04] (Microsoft Corporation -> Microsoft Corporation) S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-04] (Microsoft Corporation -> Microsoft Corporation) R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [941368 2020-03-10] (Intel(R) Software Development Products -> ) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144608 2016-06-02] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation) S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel(R) Software Asset Manager -> Intel Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-04] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-12] (Malwarebytes Inc -> Malwarebytes) S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe [1507216 2020-06-17] (Microsoft Corporation -> Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-02-28] (Intel Corporation -> ) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [464456 2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> ) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1688720 2020-03-09] (Rockstar Games, Inc. -> Rockstar Games) R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [208696 2020-03-10] (Intel(R) Software Development Products -> ) R2 TOSRMService; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe [330032 2015-11-20] (TOSHIBA CORPORATION -> TOSHIBA) S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-03-13] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [941368 2020-03-10] (Intel(R) Software Development Products -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\NisSrv.exe [2484256 2020-05-31] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2005.5-0\MsMpEng.exe [103168 2020-05-31] (Microsoft Windows Publisher -> Microsoft Corporation) S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-02-28] (Intel Corporation -> Intel® Corporation) R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" S2 WinZip Compression Smart Monitor Service; "C:\Program Files\WinZip\WinZip Smart Monitor\WinZip Compression Smart Monitor Service.exe" [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2018-08-11] (BitRaider -> BitRaider) S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-01-09] (Bluestack Systems, Inc. -> Bluestack System Inc.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-10] (Microsoft Corporation) [File not signed] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-02-02] (Disc Soft Ltd -> Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-02-02] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2019-10-23] (Disc Soft Ltd -> Disc Soft Ltd) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-12] (Malwarebytes Corporation -> Malwarebytes) S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2018-08-31] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-08-31] (Martin Malik - REALiX -> REALiX(tm)) S3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [52128 2013-11-26] (Visicom Media Inc. -> Visicom Media Inc.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-12] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-06-16] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-06-17] (Malwarebytes Inc -> Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-12] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131736 2020-06-16] (Malwarebytes Inc -> Malwarebytes) S3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc. -> Visicom Media Inc.) S3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [38216 2017-03-11] (SoftEther Corporation -> SoftEther Corporation) S3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw04.sys [3629008 2019-02-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtd.inf_amd64_e77181c117d0dee7\nvlddmkm.sys [17538088 2018-06-07] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-05-19] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation) R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [14000 2015-05-05] (WDKTestCert 1,130752733198717037 -> TOSHIBA) R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [347704 2020-02-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11376 2003-09-12] () [File not signed] R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2019-01-06] (SoftEther Corporation -> SoftEther Corporation) R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [41816 2020-03-10] (Intel Corporation -> ) R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2019-03-05] (Synaptics Incorporated -> Synaptics Incorporated) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> ) R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> ) S3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-02-17] (AnchorFree Inc -> Anchorfree Inc.) R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45944 2018-08-31] (TOSHIBA CLIENT SOLUTIONS CO., LTD. -> Toshiba Client Solutions Co., Ltd.) S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [401120 2020-05-31] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-05-31] (Microsoft Windows -> Microsoft Corporation) S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2018-03-11] (Nemea Mjukvaruutveckling AB -> Basil Projects) S3 xhunter1; C:\WINDOWS\xhunter1.sys [2719256 2020-03-16] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-06-17 10:51 - 2020-06-17 11:12 - 001720356 _____ C:\WINDOWS\Minidump\061720-55562-01.dmp 2020-06-17 10:51 - 2020-06-17 10:51 - 1126899359 _____ C:\WINDOWS\MEMORY.DMP 2020-06-17 10:16 - 2020-06-17 11:53 - 000051368 _____ C:\Users\gary_\Desktop\FRST.txt 2020-06-17 10:13 - 2020-06-17 10:13 - 000000000 ____D C:\Users\gary_\AppData\LocalLow\IGDump 2020-06-16 16:22 - 2020-06-17 10:53 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2020-06-16 16:22 - 2020-06-16 16:22 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2020-06-16 16:22 - 2020-06-16 16:22 - 000131736 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2020-06-16 16:18 - 2020-06-16 16:18 - 000000000 ____D C:\Users\gary_\AppData\Roaming\Intel Corporation 2020-06-16 16:18 - 2020-06-16 16:18 - 000000000 ____D C:\Program Files\Common Files\Intel Corporation 2020-06-16 16:17 - 2020-06-16 16:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2020-06-16 16:07 - 2020-06-16 16:07 - 000000000 ____D C:\Users\gary_\Intel 2020-06-16 16:01 - 2020-06-16 16:01 - 000000000 ____D C:\Users\gary_\Downloads\Intel Driver and Support Assistant 2020-06-16 15:35 - 2020-06-16 15:35 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-06-16 15:35 - 2020-06-16 15:35 - 000002339 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-06-16 15:35 - 2020-06-16 15:35 - 000002339 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-06-16 13:42 - 2020-06-16 13:42 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000004-000000.txt 2020-06-16 13:28 - 2020-06-16 13:28 - 011070192 _____ (McAfee, LLC) C:\Users\gary_\Downloads\MCPR.exe 2020-06-16 13:25 - 2020-06-16 13:25 - 010709184 _____ (AVAST Software) C:\Users\gary_\Downloads\avastclear.exe 2020-06-15 20:17 - 2020-06-15 20:17 - 000000000 ____D C:\Users\gary_\Downloads\Daggerfall Mods 2020-06-14 14:42 - 2020-06-14 14:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-06-14 11:12 - 2020-06-14 11:12 - 001295576 _____ (Google LLC) C:\Users\gary_\Downloads\ChromeSetup.exe 2020-06-14 10:59 - 2020-06-14 15:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-06-14 01:41 - 2020-06-14 01:41 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000003-000000.txt 2020-06-13 18:37 - 2020-06-13 18:37 - 000046397 _____ C:\Users\gary_\Downloads\FRST (1).txt 2020-06-13 18:27 - 2020-06-13 18:32 - 000086984 _____ C:\Users\gary_\Downloads\Addition.txt 2020-06-13 18:23 - 2020-06-13 18:32 - 000067590 _____ C:\Users\gary_\Downloads\FRST.txt 2020-06-13 18:17 - 2020-06-17 11:52 - 000000000 ____D C:\FRST 2020-06-13 18:17 - 2020-06-13 18:17 - 002289152 _____ (Farbar) C:\Users\gary_\Desktop\FRST64.exe 2020-06-13 18:12 - 2020-06-13 18:12 - 009181353 _____ C:\Users\gary_\Downloads\Manual 2019 03 Comportamiento Organizacional (2306)(1).pdf 2020-06-13 18:07 - 2020-06-13 18:07 - 001475141 _____ C:\Users\gary_\Downloads\Fwd__Silabos_de_3_ciclo.zip 2020-06-13 11:57 - 2020-06-13 11:57 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2020-06-13 11:57 - 2020-06-13 11:57 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2020-06-13 11:57 - 2020-06-13 11:57 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2020-06-13 11:57 - 2020-06-13 11:57 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe 2020-06-13 11:57 - 2020-06-13 11:57 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll 2020-06-13 11:57 - 2020-06-13 11:57 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe 2020-06-13 11:56 - 2020-06-13 11:56 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2020-06-13 11:56 - 2020-06-13 11:56 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2020-06-13 11:56 - 2020-06-13 11:56 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2020-06-13 11:56 - 2020-06-13 11:56 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll 2020-06-13 11:56 - 2020-06-13 11:56 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2020-06-13 11:56 - 2020-06-13 11:56 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2020-06-13 11:56 - 2020-06-13 11:56 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll 2020-06-13 11:56 - 2020-06-13 11:56 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll 2020-06-13 11:56 - 2020-06-13 11:56 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll 2020-06-13 11:56 - 2020-06-13 11:56 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2020-06-13 11:55 - 2020-06-13 11:56 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-06-13 11:55 - 2020-06-13 11:55 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe 2020-06-13 11:55 - 2020-06-13 11:55 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2020-06-13 11:55 - 2020-06-13 11:55 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2020-06-13 11:55 - 2020-06-13 11:55 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax 2020-06-13 11:55 - 2020-06-13 11:55 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2020-06-13 11:55 - 2020-06-13 11:55 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll 2020-06-13 11:55 - 2020-06-13 11:55 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-06-13 11:53 - 2020-06-13 11:53 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe 2020-06-13 11:53 - 2020-06-13 11:53 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe 2020-06-13 11:53 - 2020-06-13 11:53 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2020-06-13 11:53 - 2020-06-13 11:53 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax 2020-06-13 11:53 - 2020-06-13 11:53 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe 2020-06-13 11:53 - 2020-06-13 11:53 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe 2020-06-13 11:53 - 2020-06-13 11:53 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe 2020-06-13 11:53 - 2020-06-13 11:53 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll 2020-06-13 11:53 - 2020-06-13 11:53 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2020-06-13 11:52 - 2020-06-13 11:52 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe 2020-06-13 11:52 - 2020-06-13 11:52 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2020-06-13 11:52 - 2020-06-13 11:52 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2020-06-13 11:52 - 2020-06-13 11:52 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2020-06-13 11:52 - 2020-06-13 11:52 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2020-06-13 11:52 - 2020-06-13 11:52 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2020-06-13 11:51 - 2020-06-13 11:51 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2020-06-13 11:51 - 2020-06-13 11:51 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll 2020-06-13 11:51 - 2020-06-13 11:51 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2020-06-13 11:51 - 2020-06-13 11:51 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2020-06-13 11:50 - 2020-06-13 11:51 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe 2020-06-13 11:50 - 2020-06-13 11:50 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2020-06-13 11:50 - 2020-06-13 11:50 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2020-06-13 11:50 - 2020-06-13 11:50 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2020-06-13 11:50 - 2020-06-13 11:50 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2020-06-13 11:50 - 2020-06-13 11:50 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe 2020-06-13 11:50 - 2020-06-13 11:50 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2020-06-13 11:50 - 2020-06-13 11:50 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe 2020-06-13 11:50 - 2020-06-13 11:50 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2020-06-13 11:50 - 2020-06-13 11:50 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll 2020-06-13 11:50 - 2020-06-13 11:50 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2020-06-13 11:48 - 2020-06-13 11:48 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe 2020-06-13 11:48 - 2020-06-13 11:48 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe 2020-06-13 11:48 - 2020-06-13 11:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll 2020-06-13 11:48 - 2020-06-13 11:48 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll 2020-06-13 11:47 - 2020-06-13 11:48 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2020-06-13 11:47 - 2020-06-13 11:47 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2020-06-13 11:47 - 2020-06-13 11:47 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2020-06-13 11:47 - 2020-06-13 11:47 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe 2020-06-13 11:47 - 2020-06-13 11:47 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2020-06-13 11:47 - 2020-06-13 11:47 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2020-06-13 11:47 - 2020-06-13 11:47 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2020-06-13 11:47 - 2020-06-13 11:47 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2020-06-13 11:47 - 2020-06-13 11:47 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll 2020-06-13 11:47 - 2020-06-13 11:47 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2020-06-13 11:46 - 2020-06-13 11:47 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2020-06-13 11:46 - 2020-06-13 11:46 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2020-06-13 11:46 - 2020-06-13 11:46 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe 2020-06-13 11:44 - 2020-06-13 11:44 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2020-06-13 11:44 - 2020-06-13 11:44 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2020-06-13 11:44 - 2020-06-13 11:44 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2020-06-13 11:44 - 2020-06-13 11:44 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll 2020-06-13 11:44 - 2020-06-13 11:44 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2020-06-13 11:43 - 2020-06-13 11:43 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2020-06-13 11:43 - 2020-06-13 11:43 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2020-06-13 11:43 - 2020-06-13 11:43 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2020-06-13 11:43 - 2020-06-13 11:43 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2020-06-13 11:43 - 2020-06-13 11:43 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2020-06-13 11:43 - 2020-06-13 11:43 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2020-06-13 11:43 - 2020-06-13 11:43 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2020-06-13 11:43 - 2020-06-13 11:43 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2020-06-13 11:43 - 2020-06-13 11:43 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2020-06-13 11:43 - 2020-06-13 11:43 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe 2020-06-13 11:43 - 2020-06-13 11:43 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2020-06-13 11:43 - 2020-06-13 11:43 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2020-06-13 11:43 - 2020-06-13 11:43 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe 2020-06-13 11:43 - 2020-06-13 11:43 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe 2020-06-13 11:43 - 2020-06-13 11:43 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2020-06-13 11:43 - 2020-06-13 11:43 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2020-06-13 11:42 - 2020-06-13 11:43 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2020-06-13 11:42 - 2020-06-13 11:42 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll 2020-06-13 11:42 - 2020-06-13 11:42 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2020-06-13 11:42 - 2020-06-13 11:42 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll 2020-06-13 11:42 - 2020-06-13 11:42 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll 2020-06-13 10:41 - 2020-06-16 15:44 - 000001231 _____ C:\Users\gary_\Desktop\MBT.txt 2020-06-13 10:31 - 2020-06-12 12:56 - 000008328 _____ C:\Users\gary_\Desktop\AdwCleaner[C00].txt 2020-06-13 10:31 - 2020-06-12 12:53 - 000016030 _____ C:\Users\gary_\Desktop\AdwCleaner[S00].txt 2020-06-13 00:16 - 2020-06-13 00:17 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-06-13 00:16 - 2020-06-13 00:17 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-06-12 12:51 - 2020-06-12 12:55 - 000000000 ____D C:\AdwCleaner 2020-06-12 12:50 - 2020-06-12 12:51 - 008402608 _____ (Malwarebytes) C:\Users\gary_\Downloads\adwcleaner_8.0.5.exe 2020-06-12 11:42 - 2020-06-12 11:42 - 000000000 ____D C:\Users\gary_\AppData\Local\mbam 2020-06-12 11:41 - 2020-06-12 11:41 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-06-12 11:41 - 2020-06-12 11:41 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-06-12 11:41 - 2020-06-12 11:41 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-06-12 11:41 - 2020-06-12 11:41 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-06-12 11:41 - 2020-06-12 11:41 - 000002032 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-06-12 11:40 - 2020-06-12 11:39 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-06-12 11:40 - 2020-06-12 11:39 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-06-12 11:39 - 2020-06-12 11:39 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-06-12 11:38 - 2020-06-12 11:38 - 000000000 ____D C:\Program Files\Malwarebytes 2020-06-12 11:37 - 2020-06-12 11:37 - 001928352 _____ (Malwarebytes) C:\Users\gary_\Downloads\MBSetup-0009996.0009996-consumer.exe 2020-06-11 21:25 - 2020-06-11 21:25 - 000118446 _____ C:\Users\gary_\Downloads\Plan de Estudios.pdf 2020-06-10 17:04 - 2020-06-10 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2020-06-10 14:27 - 2020-06-10 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oblivion Mod Manager 2020-06-10 14:09 - 2020-06-07 13:43 - 000000000 ____D C:\Users\gary_\Downloads\Mods - Oblivion 2020-06-10 13:04 - 2020-06-10 13:09 - 2853078111 _____ C:\Users\gary_\Downloads\Mods - Oblivion Overhaul.rar 2020-06-10 13:03 - 2020-06-10 13:03 - 000000221 _____ C:\Users\gary_\Desktop\The Elder Scrolls IV Oblivion.url 2020-06-09 13:58 - 2020-06-09 13:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2020-06-09 13:58 - 2020-06-09 13:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2020-06-09 13:58 - 2020-06-09 13:58 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2020-06-09 13:58 - 2020-06-09 13:58 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2020-06-08 19:10 - 2020-06-08 19:10 - 000198820 _____ C:\Users\gary_\Downloads\Tarea2_Qary Núñez.pdf 2020-06-04 10:40 - 2020-06-17 10:11 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-06-04 10:40 - 2020-06-17 10:11 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2020-06-04 10:40 - 2020-06-17 10:11 - 000002287 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2020-06-04 10:40 - 2020-06-04 11:46 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-06-04 10:40 - 2020-06-04 11:46 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-06-04 01:45 - 2020-06-04 01:45 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt 2020-06-02 00:10 - 2020-06-02 00:10 - 000924045 _____ C:\Users\gary_\Downloads\Presentation1.pptx 2020-05-31 14:31 - 2020-05-31 14:31 - 000001547 _____ C:\Users\gary_\Downloads\proyecto.txt 2020-05-26 03:31 - 2020-05-26 03:31 - 000000393 _____ C:\Users\gary_\Downloads\frase de quaniire.txt 2020-05-22 19:26 - 2020-05-22 19:26 - 001385626 _____ C:\Users\gary_\Downloads\VID-20200517-WA0113.mp4 2020-05-22 16:21 - 2020-05-22 16:21 - 001155292 _____ C:\Users\gary_\Downloads\TAREA RM 1º y 2º sec. Promedios.pdf 2020-05-21 11:28 - 2020-05-21 11:28 - 000260137 _____ C:\Users\gary_\Downloads\Ayleidoon Regular Font-88616-1-0.zip 2020-05-21 00:08 - 2020-05-21 00:08 - 000029782 _____ C:\Users\gary_\Downloads\Tarea1_Qary Núñez.pdf 2020-05-18 22:37 - 2020-06-01 22:24 - 000190444 _____ C:\Users\gary_\Downloads\ejercicio de laboratorio Número 5.pptx ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-06-17 11:48 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-06-17 11:47 - 2019-04-03 13:36 - 000000000 ____D C:\Program Files (x86)\Arc 2020-06-17 11:47 - 2016-08-01 19:07 - 000000000 ____D C:\Users\gary_\AppData\Roaming\discord 2020-06-17 11:13 - 2016-05-06 19:36 - 000000000 ____D C:\Users\gary_\AppData\Local\App Place for Toshiba 2020-06-17 11:06 - 2016-06-16 20:46 - 000000000 ____D C:\Users\gary_\AppData\Local\Battle.net 2020-06-17 10:57 - 2019-09-05 19:46 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-06-17 10:53 - 2016-05-06 19:33 - 000000000 __SHD C:\Users\gary_\IntelGraphicsProfiles 2020-06-17 10:52 - 2019-09-05 19:10 - 000000000 ____D C:\Users\gary_ 2020-06-17 10:51 - 2020-04-17 12:20 - 000000000 ____D C:\WINDOWS\Minidump 2020-06-17 10:51 - 2019-09-05 19:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-06-17 10:51 - 2019-09-05 18:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-06-17 10:51 - 2016-10-15 19:06 - 000000000 ____D C:\ProgramData\NVIDIA 2020-06-17 10:30 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF 2020-06-17 09:53 - 2016-05-06 20:25 - 001388432 _____ C:\Users\Public\VOIP.dat 2020-06-17 00:39 - 2016-11-18 17:11 - 000000000 ____D C:\Users\gary_\AppData\LocalLow\Mozilla 2020-06-17 00:07 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-06-17 00:07 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-06-16 21:48 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-06-16 21:36 - 2017-01-18 19:25 - 000000000 ____D C:\Program Files (x86)\Steam 2020-06-16 16:20 - 2019-03-18 23:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2020-06-16 16:18 - 2017-08-06 23:21 - 000000000 ____D C:\Program Files\Intel 2020-06-16 16:17 - 2019-09-05 19:24 - 000850134 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-06-16 16:17 - 2016-02-22 07:56 - 000000000 ____D C:\Program Files\Common Files\Intel 2020-06-16 16:07 - 2017-08-06 23:21 - 000000000 ____D C:\Program Files (x86)\Intel 2020-06-16 16:07 - 2016-02-22 07:27 - 000000000 ____D C:\ProgramData\Package Cache 2020-06-16 15:47 - 2018-03-08 11:10 - 000000000 ____D C:\Program Files (x86)\Amazon 2020-06-16 14:19 - 2019-06-08 11:07 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2020-06-16 12:16 - 2016-08-27 18:45 - 000000000 ____D C:\Program Files\Microsoft Office 15 2020-06-14 17:24 - 2020-02-17 12:32 - 000000000 ____D C:\Users\gary_\AppData\Roaming\.minecraft 2020-06-14 16:48 - 2019-08-21 18:25 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher 2020-06-14 15:23 - 2016-05-06 19:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-06-14 14:41 - 2016-05-06 19:59 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-06-14 10:01 - 2017-12-01 17:20 - 000000000 ___RD C:\Users\gary_\3D Objects 2020-06-14 10:01 - 2016-02-22 07:17 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-06-14 09:57 - 2019-09-05 18:55 - 000455864 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-06-14 01:39 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2020-06-14 01:39 - 2019-03-19 01:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\F12 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Com 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-06-14 01:39 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-06-13 12:43 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-06-13 11:42 - 2019-09-05 19:00 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2020-06-12 13:29 - 2019-10-23 20:43 - 000000000 ____D C:\Users\gary_\AppData\Roaming\DAEMON Tools Pro 2020-06-12 13:29 - 2016-05-28 17:49 - 000000000 ____D C:\Users\gary_\AppData\Roaming\DAEMON Tools Lite 2020-06-12 13:29 - 2016-05-06 23:29 - 000000000 ____D C:\Users\gary_\AppData\Roaming\uTorrent 2020-06-12 13:28 - 2019-08-21 12:53 - 000000000 ___DC C:\WINDOWS\Panther 2020-06-12 13:28 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-06-12 13:28 - 2017-02-11 17:49 - 000000000 ____D C:\Users\gary_\AppData\Local\CrashDumps 2020-06-12 13:28 - 2016-06-16 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2020-06-12 12:55 - 2018-08-31 22:55 - 000000000 ____D C:\Users\gary_\AppData\LocalLow\IObit 2020-06-12 12:55 - 2018-08-31 22:55 - 000000000 ____D C:\Program Files (x86)\IObit 2020-06-12 12:55 - 2018-08-31 22:54 - 000000000 ____D C:\Users\gary_\AppData\Roaming\IObit 2020-06-12 12:55 - 2018-08-31 22:54 - 000000000 ____D C:\ProgramData\IObit 2020-06-12 12:55 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2020-06-12 12:55 - 2018-03-29 18:06 - 000000000 ____D C:\Program Files\WinZip 2020-06-12 12:55 - 2016-10-02 18:26 - 000000000 ____D C:\Program Files (x86)\Yahoo! 2020-06-12 12:35 - 2019-09-05 19:46 - 000003038 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (gary_) 2020-06-12 12:21 - 2019-10-23 20:43 - 000000000 ____D C:\Program Files\DAEMON Tools Pro 2020-06-12 12:21 - 2017-03-09 00:50 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.5.1 2020-06-12 11:40 - 2019-03-18 23:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-06-11 22:34 - 2018-04-07 01:00 - 000000000 ____D C:\Users\gary_\OneDrive\Documents\Cibertec 2020-06-11 10:46 - 2018-08-31 22:55 - 000000000 ____D C:\ProgramData\ProductData 2020-06-10 21:14 - 2018-08-12 16:12 - 000001100 _____ C:\Users\gary_\OneDrive\Documents\omelet.txt 2020-06-10 17:05 - 2016-02-22 08:36 - 000000000 ____D C:\Program Files (x86)\Dropbox 2020-06-10 15:50 - 2016-06-01 22:12 - 000000000 ____D C:\Users\gary_\OneDrive\Documents\Nexus Mod Manager 2020-06-10 13:03 - 2017-01-18 19:56 - 000000000 ____D C:\Users\gary_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2020-06-10 12:29 - 2016-07-26 08:36 - 000000000 ____D C:\Users\gary_\OneDrive\Documents\MEGAsync Downloads 2020-06-09 19:36 - 2019-10-25 18:03 - 000000000 ____D C:\Users\gary_\BrawlhallaReplays 2020-06-09 14:18 - 2019-09-05 19:46 - 000003946 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper 2020-06-08 19:10 - 2017-12-01 16:25 - 000000000 ____D C:\Users\gary_\AppData\Local\Packages 2020-06-05 16:03 - 2020-02-20 11:14 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2020-06-05 16:03 - 2020-02-20 11:14 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2020-06-03 11:58 - 2017-08-20 16:39 - 000000000 ____D C:\Users\gary_\.junique 2020-06-02 15:22 - 2016-06-27 21:30 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-06-02 12:16 - 2020-03-22 23:02 - 000002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk 2020-06-02 12:16 - 2020-03-22 22:59 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser 2020-05-31 20:15 - 2018-05-11 16:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-05-31 20:05 - 2019-10-25 23:41 - 000001521 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk 2020-05-30 11:11 - 2017-07-06 21:35 - 000000000 ____D C:\Program Files\UNP 2020-05-29 14:13 - 2019-09-05 19:10 - 000002370 _____ C:\Users\gary_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-05-29 14:13 - 2016-05-06 19:40 - 000000000 ___RD C:\Users\gary_\OneDrive 2020-05-29 13:34 - 2019-02-23 14:20 - 000000000 ____D C:\Program Files (x86)\Battle.net 2020-05-22 17:27 - 2017-11-13 21:20 - 000000000 ____D C:\Users\gary_\AppData\Roaming\WhatsApp 2020-05-22 16:16 - 2017-11-13 21:20 - 000000000 ____D C:\Users\gary_\AppData\Local\WhatsApp 2020-05-19 11:22 - 2020-03-22 23:02 - 000003842 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly) 2020-05-19 11:22 - 2020-03-22 23:02 - 000003258 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon) ==================== Files in the root of some directories ======== 2016-05-06 20:25 - 2020-06-17 09:53 - 001388432 _____ () C:\Users\Public\VOIP.dat 2017-04-19 16:57 - 2017-04-19 16:57 - 018102328 _____ (Webroot Software, Inc.) C:\Program Files (x86)\Common Files\wruninstall.exe 2017-08-17 21:49 - 2017-08-17 21:49 - 000057542 _____ () C:\Users\gary_\AppData\Roaming\DMGR_0V1L2Z2Z1T1I1L1T1V0BtJ1V0A0V0A0S0T.txt 2016-08-06 22:27 - 2019-09-03 13:29 - 000000132 _____ () C:\Users\gary_\AppData\Roaming\Prefs. de formato PNG de Adobe CS6 2019-06-20 17:52 - 2019-06-20 17:52 - 000000266 _____ () C:\Users\gary_\AppData\Local\digi.me-Internal-Helper.log 2017-12-06 19:14 - 2017-12-06 19:14 - 000000736 _____ () C:\Users\gary_\AppData\Local\recently-used.xbel ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================