Scanzie
-
Posts
22 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by Scanzie
-
-
Here.
I wonder why the Event Log and below shows up quite a bunch of errors. I have to run /sfc scannow and /dism quite frequently because there is always some corruption getting (successfuly) fixed, Chkdsk never finds anything, I do have drivers updated and yet sometimes this PC goes a bit weird and for example, an important excel file I need got damaged and Windows cannot extract from some compressed folders. I thought it might be some sort of malware, but nothing is coming out either.
-
Also, I ran MS Safety Scanner. It said it found 35 infected files, but it just says it removed VirTool:Win32/DefenderTamperingRestore, which if I'm not mistaken, usually comes out as a false positive. Here is the log anyways.
-
I don't ever recall tampering with things to make these things appear:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTIONGroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTIONOr whatever this means:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Temp\aswa2b4b00da4490296.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
-
After 20 hours, MBAM scan came out clean. No idea why it is taking longer than usual. I also ran ESET online scanner for the hell of it and it only flagged one remaining file of a previous Avast installation in a secondary drive. I'm still curious about those [Atention] details in the FRST log.
-
I forgot to add, I ran MBAM's Anti-Adware afterwards, which came out clean.
-
I run constant scans with MBAM. However, the lastest one found some stuff. The moment before I decided to run a scan, Win10 was running weird, with Firefox not being able to open up and immediately crashing after starting, Chrome able to start but not able to load tabs and MBAM not having enough memory to start. These things disappeared after a reboot and then I could run the scan. The logs are attached and together with the FRST and Addition.
-
I went away while the installation was on course. I came back when it finished, and it is missing, again. Specifically, it is missing avastui.exe .
-
14 minutes ago, kevinf80 said:
2020-05-10 01:09 - 2020-05-10 01:09
That was when I started repairing this laptop, noticed it was missing, and reinstalled it. I reinstalled it again today after all that.
-
I've noticed that Avast antivirus and the main .exe file keeps disappearing, as in, the files go missing and the service does not exist. I did install it on request because when I got asked to fix the computer, it had disappeared, installed it, and disappeared again now.
-
It loads up much faster, it boots correctly, no redirects. Malwarebytes did a scan and did not find anything.
But I noticed a desktop.ini appearing in downloads out of nowhere. The malware MBAM removed, has been removed at least twice and it has kept popping up. Right now it has not, but I don't know if it can keep reappearing. The laptop also has plenty of folders all around that get an Access Denied popup if tried to open.
-
CHKDSK log said it found nothing, and it was okay. Here it is the report, but in Spanish:
QuoteNombre de registro:Application
Origen: Microsoft-Windows-Wininit
Fecha: 13-05-2020 14:51:08
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel: Información
Palabras clave:Clásico
Usuario: No disponible
Equipo: Juan
Descripción:
Comprobando el sistema de archivos en C:
El tipo del sistema de archivos es NTFS.
La etiqueta de volumen es Acer.Se ha programado una comprobación del disco.
Windows comprobará ahora el disco.Etapa 1: Examen de la estructura básica del sistema de archivos...
595712 registros de archivos procesados.Comprobación de archivos completada.
6316 registros de archivos grandes procesados.0 registros de archivos no válidos procesados.
Etapa 2: Examen de la vinculación de nombres de archivos...
47886 registros de análisis procesados.780840 entradas de índice procesadas.
Comprobación de índices completada.
0 archivos no indizados examinados.0 archivos no indizados recuperados en objetos perdidos.
47886 registros de análisis procesados.
Etapa 3: Examen de los descriptores de seguridad...
Liberando 1627 entradas de índice no usadas del índice $SII del archivo 0x9.
Liberando 1627 entradas de índice no usadas del índice $SDH del archivo 0x9.
Liberando 1627 descriptores de seguridad no usados.
Comprobación de descriptores de seguridad completada.
92565 archivos de datos procesados.CHKDSK está comprobando el diario USN...
41234216 bytes de USN procesados.Se ha completado la comprobación del diario USN.
Etapa 4: Búsqueda de clústeres incorrectos en los datos del archivo de usuario...
595696 archivos procesados.Comprobación de datos de archivo completada.
Etapa 5: Búsqueda de clústeres incorrectos disponibles...
43335199 clústeres disponibles procesados.La comprobación del espacio disponible se completó.
Se examinó el sistema de archivos sin encontrar problemas.
No se requieren más acciones.469717094 KB de espacio total en disco.
295388256 KB en 423149 archivos.
267748 KB en 92566 índices.
0 KB en sectores defectuosos.
720294 KB en uso por el sistema.
El archivo de registro ha ocupado 65536 kilobytes.
173340796 KB disponibles en disco.4096 bytes en cada unidad de asignación.
117429273 unidades de asignación en disco en total.
43335199 unidades de asignación disponibles en disco.Información interna:
00 17 09 00 5d de 07 00 28 fd 0d 00 00 00 00 00 ....]...(.......
b9 ba 00 00 55 00 00 00 00 00 00 00 00 00 00 00 ....U...........Windows ha finalizado la comprobación del disco.
Espere mientras se reinicia el sistema.XML de evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
<EventID Qualifiers="16384">1001</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2020-05-13T18:51:08.239006900Z" />
<EventRecordID>14700</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>Juan</Computer>
<Security />
</System>
<EventData>
<Data>Comprobando el sistema de archivos en C:
El tipo del sistema de archivos es NTFS.
La etiqueta de volumen es Acer.Se ha programado una comprobación del disco.
Windows comprobará ahora el disco.Etapa 1: Examen de la estructura básica del sistema de archivos...
595712 registros de archivos procesados.Comprobación de archivos completada.
6316 registros de archivos grandes procesados.0 registros de archivos no válidos procesados.
Etapa 2: Examen de la vinculación de nombres de archivos...
47886 registros de análisis procesados.780840 entradas de índice procesadas.
Comprobación de índices completada.
0 archivos no indizados examinados.0 archivos no indizados recuperados en objetos perdidos.
47886 registros de análisis procesados.
Etapa 3: Examen de los descriptores de seguridad...
Liberando 1627 entradas de índice no usadas del índice $SII del archivo 0x9.
Liberando 1627 entradas de índice no usadas del índice $SDH del archivo 0x9.
Liberando 1627 descriptores de seguridad no usados.
Comprobación de descriptores de seguridad completada.
92565 archivos de datos procesados.CHKDSK está comprobando el diario USN...
41234216 bytes de USN procesados.Se ha completado la comprobación del diario USN.
Etapa 4: Búsqueda de clústeres incorrectos en los datos del archivo de usuario...
595696 archivos procesados.Comprobación de datos de archivo completada.
Etapa 5: Búsqueda de clústeres incorrectos disponibles...
43335199 clústeres disponibles procesados.La comprobación del espacio disponible se completó.
Se examinó el sistema de archivos sin encontrar problemas.
No se requieren más acciones.469717094 KB de espacio total en disco.
295388256 KB en 423149 archivos.
267748 KB en 92566 índices.
0 KB en sectores defectuosos.
720294 KB en uso por el sistema.
El archivo de registro ha ocupado 65536 kilobytes.
173340796 KB disponibles en disco.4096 bytes en cada unidad de asignación.
117429273 unidades de asignación en disco en total.
43335199 unidades de asignación disponibles en disco.Información interna:
00 17 09 00 5d de 07 00 28 fd 0d 00 00 00 00 00 ....]...(.......
b9 ba 00 00 55 00 00 00 00 00 00 00 00 00 00 00 ....U...........Windows ha finalizado la comprobación del disco.
Espere mientras se reinicia el sistema.
</Data>
</EventData>
</Event>As for the CBS log, SFC did find and fix stuff. Interestingly, the lastest CBS log of that SFC was tiny compared to other previous logs, one from a few hours before, and one from yesterday. I put them in the zip just in case, and with the lastest log.
-
MBAM scan did not find anything. Here is the log in case:
Malwarebytes
www.malwarebytes.com-Detalles del registro-
Fecha del análisis: 12/5/20
Hora del análisis: 18:51
Archivo de registro: 26f45a5c-94a3-11ea-b62c-089e0175137f.json-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.896
Versión del paquete de actualización: 1.0.23734
Licencia: Prueba-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: Juan\Juan Munzenmayer-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 309052
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 22 min, 36 seg-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)Módulo: 0
(No hay elementos maliciosos detectados)Clave del registro: 0
(No hay elementos maliciosos detectados)Valor del registro: 0
(No hay elementos maliciosos detectados)Datos del registro: 0
(No hay elementos maliciosos detectados)Secuencia de datos: 0
(No hay elementos maliciosos detectados)Carpeta: 0
(No hay elementos maliciosos detectados)Archivo: 0
(No hay elementos maliciosos detectados)Sector físico: 0
(No hay elementos maliciosos detectados)WMI: 0
(No hay elementos maliciosos detectados)
(end) -
Nombre de imagen PID Servicios
========================= ======== =============================================
System Idle Process 0 N/D
System 4 N/D
Registry 88 N/D
smss.exe 392 N/D
csrss.exe 672 N/D
wininit.exe 748 N/D
csrss.exe 760 N/D
services.exe 840 N/D
winlogon.exe 848 N/D
lsass.exe 856 KeyIso, SamSs, VaultSvc
svchost.exe 992 PlugPlay
fontdrvhost.exe 1000 N/D
fontdrvhost.exe 1008 N/D
svchost.exe 596 BrokerInfrastructure, DcomLaunch, Power,
SystemEventsBroker
svchost.exe 740 RpcEptMapper, RpcSs
svchost.exe 744 LSM
dwm.exe 1100 N/D
svchost.exe 1184 NcbService
svchost.exe 1236 DisplayEnhancementService
svchost.exe 1288 hidserv
svchost.exe 1312 CoreMessagingRegistrar
svchost.exe 1328 TimeBrokerSvc
svchost.exe 1384 EventLog
svchost.exe 1532 StateRepository
svchost.exe 1544 DispBrokerDesktopSvc
svchost.exe 1576 camsvc
svchost.exe 1604 nsi
RapportMgmtService.exe 1696 RapportMgmtService
svchost.exe 1708 Dhcp
svchost.exe 1832 ProfSvc
svchost.exe 1856 NlaSvc
svchost.exe 1868 Schedule
svchost.exe 1896 SEMgrSvc
svchost.exe 1948 UserManager
svchost.exe 2036 FontCache
svchost.exe 1808 Dnscache
svchost.exe 2152 EventSystem
svchost.exe 2168 SysMain
svchost.exe 2184 Themes
svchost.exe 2212 netprofm
Memory Compression 2272 N/D
svchost.exe 2292 SENS
igfxCUIService.exe 2364 igfxCUIService1.0.0.0
svchost.exe 2404 AudioEndpointBuilder
svchost.exe 2464 Audiosrv
svchost.exe 2584 DusmSvc
svchost.exe 2592 Wcmsvc
svchost.exe 2732 WinHttpAutoProxySvc
svchost.exe 2796 WlanSvc
svchost.exe 2852 ShellHWDetection
spoolsv.exe 2948 Spooler
svchost.exe 2992 BFE, mpssvc
svchost.exe 3032 LanmanWorkstation
svchost.exe 2500 DeviceAssociationService
dasHost.exe 2748 N/D
svchost.exe 3088 SSDPSRV
mDNSResponder.exe 3208 Bonjour Service
svchost.exe 3216 CryptSvc
svchost.exe 3228 DiagTrack
svchost.exe 3248 DPS
RIconMan.exe 3272 IconMan_R
dsiwmis.exe 3280 DsiWMIService
svchost.exe 3296 Winmgmt
HeciServer.exe 3324 Intel(R) Capability Licensing Service Interfa
ce
Jhi_service.exe 3344 jhi_service
svchost.exe 3404 LanmanServer
RfBtnSvc64.exe 3420 RfButtonDriverService
SynTPEnhService.exe 3444 SynTPEnhService
svchost.exe 3484 stisvc
svchost.exe 3504 SstpSvc
svchost.exe 3548 TrkWks
svchost.exe 3572 WpnService
svchost.exe 3664 iphlpsvc
svchost.exe 3760 WdiServiceHost
svchost.exe 3876 lmhosts
svchost.exe 3948 RasMan
MBAMService.exe 4088 MBAMService
svchost.exe 3564 fdPHost
svchost.exe 4120 NcdAutoSetup
WmiPrvSE.exe 4440 N/D
svchost.exe 4476 FDResPub
SynTPEnh.exe 5036 N/D
LMutilps32.exe 4212 N/D
sihost.exe 5176 N/D
svchost.exe 5224 CDPUserSvc_61f0e
svchost.exe 5304 WpnUserService_61f0e
taskhostw.exe 5376 N/D
GoogleUpdate.exe 5532 N/D
svchost.exe 5636 TokenBroker
svchost.exe 5684 TabletInputService
ctfmon.exe 5828 N/D
svchost.exe 6076 CDPSvc
svchost.exe 6120 Appinfo
SynTPHelper.exe 5280 N/D
explorer.exe 5260 N/D
svchost.exe 6028 PcaSvc
LManager.exe 5564 N/D
svchost.exe 5268 cbdhsvc_61f0e
unsecapp.exe 1028 N/D
MMDx64Fx.exe 6348 N/D
mbamtray.exe 6404 N/D
igfxEM.exe 6496 N/D
igfxext.exe 6520 N/D
igfxHK.exe 6584 N/D
igfxTray.exe 6616 N/D
AppleMobileDeviceService. 6828 Apple Mobile Device Service
RapportInjService_x64.exe 6924 N/D
StartMenuExperienceHost.e 2808 N/D
RuntimeBroker.exe 6792 N/D
IntelMeFWService.exe 4064 Intel(R) ME Service
svchost.exe 6740 OneSyncSvc_61f0e
RapportService.exe 6372 N/D
LMS.exe 7140 LMS
SearchUI.exe 4028 N/D
svchost.exe 6624 LicenseManager
RapportInjService_x64.exe 5572 N/D
ApplicationFrameHost.exe 6472 N/D
MicrosoftEdge.exe 6460 N/D
SkypeBackgroundHost.exe 6388 N/D
YourPhone.exe 7200 N/D
RuntimeBroker.exe 7276 N/D
SkypeApp.exe 7592 N/D
browser_broker.exe 7660 N/D
SearchIndexer.exe 7840 WSearch
dllhost.exe 7860 N/D
RuntimeBroker.exe 3380 N/D
RuntimeBroker.exe 7948 N/D
RuntimeBroker.exe 8560 N/D
smartscreen.exe 8776 N/D
SecurityHealthSystray.exe 8916 N/D
SecurityHealthService.exe 9076 SecurityHealthService
RAVCpl64.exe 9108 N/D
svchost.exe 7120 WdiSystemHost
RuntimeBroker.exe 8816 N/D
SgrmBroker.exe 9184 SgrmBroker
MicrosoftEdgeSH.exe 8904 N/D
MicrosoftEdgeCP.exe 8444 N/D
svchost.exe 8196 InstallService
MicrosoftEdgeCP.exe 9000 N/D
svchost.exe 8296 UsoSvc
svchost.exe 5600 wscsvc
UNS.exe 9816 UNS
svchost.exe 10096 StorSvc
svchost.exe 8592 ClipSVC
Video.UI.exe 1224 N/D
RuntimeBroker.exe 2688 N/D
ShellExperienceHost.exe 7900 N/D
RuntimeBroker.exe 6532 N/D
chrome.exe 6548 N/D
chrome.exe 2980 N/D
chrome.exe 4236 N/D
chrome.exe 6956 N/D
chrome.exe 6712 N/D
chrome.exe 3500 N/D
chrome.exe 2176 N/D
chrome.exe 2228 N/D
cmd.exe 4224 N/D
conhost.exe 8932 N/D
RapportHelper.exe 2624 N/D
chrome.exe 6940 N/D
chrome.exe 3740 N/D
chrome.exe 7896 N/D
chrome.exe 7800 N/D
audiodg.exe 6240 N/D
svchost.exe 7872 BITS
backgroundTaskHost.exe 8556 N/D
RuntimeBroker.exe 4380 N/D
RuntimeBroker.exe 8288 N/D
svchost.exe 4668 wuauserv
WmiPrvSE.exe 9460 N/D
backgroundTaskHost.exe 10156 N/D
cmd.exe 9564 N/D
conhost.exe 7820 N/D
WindowsInternal.Composabl 9352 N/D
tasklist.exe 4972 N/D
-
1 hour ago, kevinf80 said:
he fixlist removed several remnants from Windows 10 upgrade, remnants from uninstalled or removed toolbars. Emptied all of the temp caches, also some basic function checks... Do you intend running the fix?
I ran it as the first thing. It said it was succesfully applied and needed a restart. So it shut down, but got stuck in "Preparing Windows. Do not turn off", and has been like that for hours now.
-
What's that fixlist for?
When I was installing MBAM from that link, I went somewhere else, and finished and started scanning before I could put the setting you said. It had found stuff. I stopped, quarantined them, and then started another scan with the settings, finding more stuff, and MBAM wanted to make a reboot after quarantine, so there are 2 logs. It found the very same stuff that had already found, quarantined and deleted referenced in the first post.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-12-2020
# Duration: 00:00:13
# OS: Windows 10 Home Single Language
# Cleaned: 2
# Failed: 0
***** [ Services ] *****No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\pctonics.com
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.AcerGames Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent acer Master Uninstall
*************************[+] Delete Tracing Keys
[+] Reset Winsock*************************
AdwCleaner[S00].txt - [1563 octets] - [12/05/2020 12:40:27]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
When typing that command into Run, it says it does not find it and to create a new notepad file. Looking up that folder there is this log called msert.log
---------------------------------------------------------------------------------------Microsoft Safety Scanner v1.0, (build 1.315.501.0)
Started On Tue May 12 12:54:22 2020
->Scan ERROR: resource process://pid:88,ProcessStart:132337756395371174 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:392,ProcessStart:132337756476063556 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:672,ProcessStart:132337756713782116 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:744,ProcessStart:132337756718298475 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:756,ProcessStart:132337756718415762 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:872,ProcessStart:132337756719989781 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:2272,ProcessStart:132337756762917059 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:4196,ProcessStart:132337756839069951 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:4528,ProcessStart:132337756953063742 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:1748,ProcessStart:132337758063586362 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:8936,ProcessStart:132337758620928471 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:6784,ProcessStart:132337758676975616 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:7276,ProcessStart:132337759063404843 (code 0x0000012B (299))
->Scan ERROR: resource process://pid:9808,ProcessStart:132337759425160681 (code 0x0000012B (299))
->Scan ERROR: resource process://pid:10192,ProcessStart:132337759846312137 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:10480,ProcessStart:132337760410973084 (code 0x0000012B (299))
->Scan ERROR: resource process://pid:10856,ProcessStart:132337760576129472 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:4528,ProcessStart:132337756953063742 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:1748,ProcessStart:132337758063586362 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:4196,ProcessStart:132337756839069951 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:6784,ProcessStart:132337758676975616 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:8936,ProcessStart:132337758620928471 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:10856,ProcessStart:132337760576129472 (code 0x00000005 (5))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\swapfile.sys (code 0x00000021 (33))
->Scan ERROR: resource file://C:\swapfile.sys (code 0x00000021 (33))
->Scan ERROR: resource process://pid:4196,ProcessStart:132337756839069951 (code 0x00000005 (5))
->Scan ERROR: resource process://pid:4196,ProcessStart:132337756839069951 (code 0x00000005 (5))Quick Scan Results for 529D552A-8B06-4DEB-BD2D-C667F2834BA1:
----------------
Threat detected: VirTool:Win32/DefenderTamperingRestore
regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware
SigSeq: 0x0000055555C57273Quick Scan Removal Results
----------------
Start 'remove' for regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware
Operation succeeded !
Results Summary:
----------------
Found VirTool:Win32/DefenderTamperingRestore and Removed!
Microsoft Safety Scanner Finished On Tue May 12 13:10:27 2020
Return code: 6 (0x6)
-
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2020
Ran by Juan Munzenmayer (administrator) on JUAN (Acer Aspire E1-431) (11-05-2020 19:01:30)
Running from C:\Users\Juan Munzenmayer\Desktop
Loaded Profiles: Juan Munzenmayer
Platform: Windows 10 Home Single Language Version 1903 18362.778 (X64) Language: Español (España, internacional)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc. -> Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Juan Munzenmayer\AppData\Local\Microsoft\Teams\Update.exe [2347880 2020-04-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\MountPoints2: {ce661da2-7489-11ea-bf77-089e0175137f} - "F:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-10] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02527CA5-9B7F-4AE2-A6A0-2B9D974E59CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0780DB95-7C0A-4721-9094-EF7798944C5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0B5E46D0-ADB5-4D93-859E-095495E1898C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {0BE6053D-EF2B-434C-8A68-A5285BB88C15} - \WPD\SqmUpload_S-1-5-21-2145402764-1715483592-2898523831-1001 -> No File <==== ATTENTION
Task: {0EA0DA5F-945F-4F4B-BD20-EE6675114AA0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-14] (Adobe Inc. -> Adobe)
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {152D835A-179F-4292-B32F-24C58F41E68D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {1CC5467D-ABC2-43C4-9249-D05B6F598391} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {20F06B7B-A240-4C17-9B09-E27A134789C5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {219FA528-D561-4D4F-ABCD-AB5DF5CEC5DA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {236874E7-6EE3-450D-9E05-BF76EC8C4681} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2AF7C6B9-F13A-48F0-9ABE-577338464499} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2E5F4B78-856B-4C0F-AAF7-7CCC0ABB95D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {41BB3E64-CA99-409F-8F5A-5C5DF8F598F3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)
Task: {566FFE7C-EAF9-4414-AF66-FAF556F46FE9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {583DDD00-0E60-47FD-A611-0F60D3DEBC51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5A49EF43-A2A1-42EE-9014-FA269F044625} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {5B640E50-0BE1-4E5E-B46B-62F775327356} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {875C273C-5E66-49F6-9162-C42196C6D001} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {8ECE8EC1-6C31-4128-9B2E-27060F643A71} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {930CB162-5797-419F-A267-43A30A61F1DF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AA432DFA-7A32-4794-AE48-5DA9B13786C8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AD9A9430-3DDC-4447-B88A-7847E9BA9F77} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {BB193B5C-610F-4FB1-A36F-5BE6EF0F738A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C06CE0BD-A66F-4939-8496-E55819C5FBC1} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4227672 2017-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C1477C45-92AA-41A0-9B09-DC3FDD01EC6F} - System32\Tasks\G2MUploadTask-S-1-5-21-2145402764-1715483592-2898523831-1001 => C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting\17359\g2mupload.exe [32256 2020-04-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {C846A672-86E7-4D53-A119-A19C2EEE0AC4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CFEA85FB-4711-4B45-A9C9-23AB5D966519} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {E484AFBD-CD6D-4788-AA84-95976C8DC2FB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F1C215E8-8D1E-47AE-8608-3FAB797FC1A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F282A8A6-AD1A-4A86-BA12-76BFA0BDD888} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {F4EAC96E-8AA4-4812-87BD-385EBE6B278F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F9447E7D-67E3-401B-99D8-362F9472BD6E} - System32\Tasks\G2MUpdateTask-S-1-5-21-2145402764-1715483592-2898523831-1001 => C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting\17359\g2mupdate.exe [32256 2020-04-19] (LogMeIn, Inc. -> LogMeIn, Inc.)(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2145402764-1715483592-2898523831-1001.job => C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting\17359\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2145402764-1715483592-2898523831-1001.job => C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting\17359\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 200.30.192.15 190.160.0.13 200.83.1.4
Tcpip\..\Interfaces\{1549aeaf-4602-4f9e-833c-b4e648ec31bf}: [DhcpNameServer] 200.30.192.15 190.160.0.13 200.83.1.4
Tcpip\..\Interfaces\{d0d926ef-cb08-4780-8b1f-dbd715d4717b}: [DhcpNameServer] 172.20.10.1Internet Explorer:
==================
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-2145402764-1715483592-2898523831-1001 -> DefaultScope {054245C1-D986-4A92-8A2D-21B97A43ACE5} URL =
SearchScopes: HKU\S-1-5-21-2145402764-1715483592-2898523831-1001 -> {054245C1-D986-4A92-8A2D-21B97A43ACE5} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)FireFox:
========
FF DefaultProfile: q5y3ob57.default
FF ProfilePath: C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Firefox\Profiles\q5y3ob57.default [2020-05-10]
FF Extension: (IBM Security Rapport) - C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-03-23] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Facebook Container) - C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Firefox\Profiles\q5y3ob57.default\Extensions\@contain-facebook.xpi [2018-06-16]
FF Extension: (uBlock Origin) - C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Firefox\Profiles\q5y3ob57.default\Extensions\uBlock0@raymondhill.net.xpi [2018-06-16]
FF Extension: (NoScript) - C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Firefox\Profiles\q5y3ob57.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-06-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-2145402764-1715483592-2898523831-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Juan Munzenmayer\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Juan Munzenmayer\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-04-09]Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default [2020-05-10]
CHR Notifications: Default -> hxxps://teams.microsoft.com; hxxps://www.latam.com; hxxps://www.skyairline.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://www.google.cl/"
CHR Extension: (Documentos) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (IBM Security Rapport) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-12-01]
CHR Extension: (YouTube) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (uBlock Origin) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-21]
CHR Extension: (Búsqueda de Google) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (No Name) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-05-10]
CHR Extension: (No Name) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-05-10]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
CHR Extension: (Cisco Webex Extension) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-04-09]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-10]
CHR Profile: C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-02-07]
CHR Profile: C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-21]
CHR HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc. -> Apple Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2466448 2012-09-12] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [317416 2018-09-19] (Intel Corporation -> Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation -> Intel Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3001632 2019-10-06] (IBM -> IBM Corp.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-01-08] (Dritek System Inc. -> Dritek System INC.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2017-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [162344 2012-09-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2018-05-09] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-01-08] (Dritek System Inc. -> Dritek System Inc.)
S3 QRDCIO; C:\WINDOWS\System32\drivers\QRDCIO.sys [9728 2009-10-20] (Microsoft Windows Hardware Compatibility Publisher -> QUANTA)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [429112 2019-10-06] (IBM -> IBM Corp.)
R1 RapportCerberus_1950099; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1950099.sys [1466824 2019-12-11] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [542112 2019-10-06] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [395384 2019-10-06] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [445240 2019-10-06] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [560568 2019-10-06] (IBM -> IBM Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
R3 VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-04-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [394680 2020-04-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-04-30] (Microsoft Windows -> Microsoft Corporation)==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-11 19:01 - 2020-05-11 19:01 - 000000000 ____D C:\Users\Juan Munzenmayer\Desktop\FRST-OlderVersion
2020-05-10 17:51 - 2020-05-10 17:55 - 000032009 _____ C:\Users\Juan Munzenmayer\Desktop\Addition.txt
2020-05-10 17:45 - 2020-05-11 19:04 - 000027609 _____ C:\Users\Juan Munzenmayer\Desktop\FRST.txt
2020-05-10 17:44 - 2020-05-11 19:02 - 000000000 ____D C:\FRST
2020-05-10 17:42 - 2020-05-11 19:01 - 002285568 _____ (Farbar) C:\Users\Juan Munzenmayer\Desktop\FRST64English.exe
2020-05-10 08:03 - 2020-05-10 08:34 - 000000000 ____D C:\Scratch
2020-05-10 01:12 - 2020-05-10 01:12 - 000000000 _____ C:\Users\Juan Munzenmayer\Desktop\Nuevo documento de texto.txt
2020-05-10 01:09 - 2020-05-10 01:09 - 000000000 ____D C:\Program Files\Avast Software
2020-05-10 00:46 - 2020-05-10 12:20 - 000000000 ____D C:\ProgramData\HitmanPro
2020-05-10 00:41 - 2020-05-10 00:44 - 000303630 _____ C:\TDSSKiller.3.1.0.28_10.05.2020_00.41.15_log.txt
2020-05-09 23:14 - 2020-05-10 12:20 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-05-09 23:02 - 2020-05-09 23:02 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Roaming\SUPERAntiSpyware.com
2020-05-09 23:02 - 2020-05-09 23:02 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-05-09 22:44 - 2020-05-09 22:44 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\mbamtray
2020-05-09 22:44 - 2020-05-09 22:44 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\mbam
2020-05-09 22:43 - 2020-05-09 22:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-09 22:42 - 2020-05-09 22:42 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-07 15:46 - 2020-05-07 15:46 - 000034253 _____ C:\Users\Juan Munzenmayer\Downloads\dte-39-F567132226.pdf
2020-05-07 15:45 - 2020-05-07 15:45 - 000002828 _____ C:\Users\Juan Munzenmayer\Downloads\dte-ticket-F567132226.pdf
2020-05-05 16:04 - 2020-05-05 16:04 - 000294360 _____ (Adobe Systems Incorporated) C:\Users\Juan Munzenmayer\Downloads\ConnectSetup (3).exe
2020-05-05 16:00 - 2020-05-05 16:00 - 000294360 _____ (Adobe Systems Incorporated) C:\Users\Juan Munzenmayer\Downloads\ConnectSetup (2).exe
2020-05-05 15:57 - 2020-05-05 15:57 - 000001023 _____ C:\Users\Juan Munzenmayer\Desktop\Adobe Connect.lnk
2020-05-05 15:57 - 2020-05-05 15:57 - 000001009 _____ C:\Users\Juan Munzenmayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Connect.lnk
2020-05-05 15:53 - 2020-05-05 15:53 - 000294360 _____ (Adobe Systems Incorporated) C:\Users\Juan Munzenmayer\Downloads\ConnectSetup.exe
2020-05-05 15:53 - 2020-05-05 15:53 - 000294360 _____ (Adobe Systems Incorporated) C:\Users\Juan Munzenmayer\Downloads\ConnectSetup (1).exe
2020-05-03 18:53 - 2020-05-03 18:53 - 000001305 _____ C:\Users\Juan Munzenmayer\Desktop\Oral and Maxillofacial Surgery - Lars Andersson & Karl-Erik Kahnberg & M Anthony Pogrel - sep, 2010.pdf - Acceso directo.lnk
2020-05-03 18:53 - 2014-08-10 23:29 - 054460331 _____ C:\Users\Juan Munzenmayer\Desktop\Oral and Maxillofacial Surgery - Lars Andersson & Karl-Erik Kahnberg & M Anthony Pogrel - sep, 2010.pdf
2020-05-03 18:53 - 2004-05-11 17:10 - 021872230 _____ C:\Users\Juan Munzenmayer\Desktop\25 Correction of dentofacial deformities.pdf
2020-05-03 16:23 - 2020-05-10 12:20 - 000000000 ____D C:\ProgramData\KMSAuto
2020-05-03 16:19 - 2020-05-03 16:25 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\MSfree Inc
2020-05-03 16:11 - 2020-05-04 16:45 - 000000000 ____D C:\Users\Juan Munzenmayer\Desktop\KMSAUTO.2018.V1.5.3
2020-05-03 14:07 - 2020-05-03 14:07 - 000353346 _____ C:\Users\Juan Munzenmayer\Downloads\Oral and Maxillofacial Surgery - E-Book_ 3-Volume Set - Raymond J. Fonseca - Google Libros.html
2020-05-03 14:07 - 2020-05-03 14:07 - 000000000 ____D C:\Users\Juan Munzenmayer\Downloads\Oral and Maxillofacial Surgery - E-Book_ 3-Volume Set - Raymond J. Fonseca - Google Libros_files
2020-05-03 12:55 - 2020-05-03 12:55 - 000767256 _____ C:\Users\Juan Munzenmayer\Downloads\AO_CMF_COVID_Survey.pdf
2020-05-03 09:36 - 2020-05-04 19:59 - 000017873 ____H C:\Users\Juan Munzenmayer\Desktop\~WRL0003.tmp
2020-05-03 00:22 - 2020-05-03 02:17 - 654334514 _____ C:\Users\Juan Munzenmayer\Desktop\EDEMA CLASE 1.mp4
2020-05-01 21:18 - 2020-05-01 21:18 - 000321820 _____ C:\Users\Juan Munzenmayer\Downloads\anomalia dentofacial.pdf
2020-04-30 09:27 - 2020-04-30 09:27 - 000421884 _____ C:\Users\Juan Munzenmayer\Downloads\10.1016@S1134-20721470768-6-1.pdf
2020-04-29 18:54 - 2020-04-29 18:54 - 000364472 _____ (LogMeIn, Inc.) C:\Users\Juan Munzenmayer\Downloads\GoToWebinar Opener (1).exe
2020-04-27 03:03 - 2020-04-27 03:03 - 011359528 _____ (Zoom Video Communications, Inc.) C:\Users\Juan Munzenmayer\Downloads\ZoomInstaller (1).exe
2020-04-24 17:57 - 2020-04-24 17:57 - 000030292 _____ C:\Users\Juan Munzenmayer\Downloads\Mauricio Carrasco Teletrabajo HGGB.xlsx
2020-04-24 17:55 - 2020-04-24 17:55 - 000017627 _____ C:\Users\Juan Munzenmayer\Downloads\actividades de Munzenmayer, Rivas, Garrido.xlsx
2020-04-23 10:15 - 2020-04-23 10:15 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Roaming\Microsoft Teams
2020-04-23 10:13 - 2020-04-23 10:17 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\SquirrelTemp
2020-04-23 10:06 - 2020-04-23 10:07 - 097229056 _____ (Microsoft Corporation) C:\Users\Juan Munzenmayer\Downloads\Teams_windows_x64.exe
2020-04-16 08:50 - 2020-04-23 10:00 - 000000710 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2145402764-1715483592-2898523831-1001.job
2020-04-16 08:50 - 2020-04-23 10:00 - 000000614 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2145402764-1715483592-2898523831-1001.job
2020-04-16 08:50 - 2020-04-19 15:19 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting
2020-04-16 08:50 - 2020-04-19 15:18 - 000003880 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2145402764-1715483592-2898523831-1001
2020-04-16 08:50 - 2020-04-19 15:18 - 000003784 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2145402764-1715483592-2898523831-1001
2020-04-16 08:49 - 2020-04-16 08:49 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\GoTo Opener
2020-04-15 16:12 - 2020-04-15 16:12 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-15 16:12 - 2020-04-15 16:12 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-15 16:11 - 2020-04-15 16:11 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-15 16:11 - 2020-04-15 16:11 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-15 16:11 - 2020-04-15 16:11 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-15 16:11 - 2020-04-15 16:11 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-15 16:11 - 2020-04-15 16:11 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-15 16:10 - 2020-04-15 16:10 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-15 16:09 - 2020-04-15 16:09 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-15 16:09 - 2020-04-15 16:09 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-15 13:14 - 2020-03-16 23:57 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-15 13:14 - 2020-03-16 23:56 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-14 18:21 - 2020-04-14 18:22 - 003821217 _____ C:\Users\Juan Munzenmayer\Downloads\materials-13-00592-v2.pdf
2020-04-14 17:39 - 2020-04-14 17:40 - 004523065 _____ C:\Users\Juan Munzenmayer\Downloads\SERAM2012_S-0445.pdf
2020-04-11 23:21 - 2020-04-11 23:21 - 000136827 _____ C:\Users\Juan Munzenmayer\Downloads\BLOQUEO.html
2020-04-11 23:21 - 2020-04-11 23:21 - 000000000 ____D C:\Users\Juan Munzenmayer\Downloads\BLOQUEO_files==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-05-11 19:00 - 2019-09-29 00:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-11 19:00 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-11 12:34 - 2019-09-29 00:45 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{57CBA722-1D61-4F84-A209-7040C0319F68}
2020-05-11 12:31 - 2015-01-01 18:50 - 000000000 __SHD C:\Users\Juan Munzenmayer\IntelGraphicsProfiles
2020-05-10 22:56 - 2013-04-22 09:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-10 22:56 - 2013-04-22 09:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-10 22:01 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-10 22:01 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-10 17:55 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-10 17:35 - 2019-10-12 13:03 - 000002438 _____ C:\Users\Juan Munzenmayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-10 17:35 - 2019-09-29 00:45 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2145402764-1715483592-2898523831-1001
2020-05-10 17:35 - 2015-08-30 21:54 - 000000000 ___RD C:\Users\Juan Munzenmayer\OneDrive
2020-05-10 17:32 - 2019-09-29 00:29 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-10 17:32 - 2019-03-19 07:59 - 000789814 _____ C:\WINDOWS\system32\perfh00A.dat
2020-05-10 17:32 - 2019-03-19 07:59 - 000156068 _____ C:\WINDOWS\system32\perfc00A.dat
2020-05-10 17:24 - 2019-09-29 00:16 - 000000000 ____D C:\Users\Juan Munzenmayer
2020-05-10 17:23 - 2019-09-29 00:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-10 12:21 - 2020-04-09 14:02 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\LocalLow\WebEx
2020-05-10 12:21 - 2020-04-09 14:02 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\WebEx
2020-05-10 12:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-05-10 12:20 - 2018-12-08 14:50 - 000000000 ____D C:\ProgramData\pctonics.com
2020-05-10 12:20 - 2018-09-07 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-05-10 12:20 - 2018-09-07 20:00 - 000000000 ____D C:\Program Files\CCleaner
2020-05-10 12:20 - 2013-01-08 14:41 - 000000000 ____D C:\ProgramData\Norton
2020-05-10 12:02 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\registration
2020-05-10 12:00 - 2013-05-17 17:34 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-10 08:34 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-09 23:08 - 2019-09-28 19:34 - 000000000 ___DC C:\WINDOWS\Panther
2020-05-09 23:08 - 2013-05-08 23:24 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\CrashDumps
2020-05-09 22:07 - 2018-04-01 10:02 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\Packages
2020-05-05 15:56 - 2013-04-22 02:03 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Roaming\Adobe
2020-04-30 21:59 - 2018-06-09 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-24 19:08 - 2013-05-01 21:04 - 000000000 ____D C:\Users\Juan Munzenmayer\Documents\clases - charlas
2020-04-23 16:27 - 2018-06-12 15:00 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\PlaceholderTileLogoFolder
2020-04-16 10:53 - 2013-05-04 23:23 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\ElevatedDiagnostics
2020-04-16 08:37 - 2019-09-29 00:05 - 000351592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 00:23 - 2019-03-19 00:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-14 16:50 - 2019-09-29 00:45 - 000004626 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-14 16:50 - 2019-09-29 00:45 - 000004430 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-04-14 16:50 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-14 16:50 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-11 09:44 - 2020-04-03 10:26 - 000000000 ____D C:\WINDOWS\KMSServerService==================== Files in the root of some directories ========
2013-09-07 10:24 - 2013-09-25 01:00 - 000000109 _____ () C:\Users\Juan Munzenmayer\AppData\Roaming\mbam.context.scan
2013-05-14 17:56 - 2020-03-31 15:36 - 000010752 _____ () C:\Users\Juan Munzenmayer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 10-05-2020 03
Ejecutado por Juan Munzenmayer (administrador) sobre JUAN (Acer Aspire E1-431) (10-05-2020 17:45:04)
Ejecutado desde C:\Users\Juan Munzenmayer\Desktop
Perfiles cargados: Juan Munzenmayer
Platform: Windows 10 Home Single Language Versión 1903 18362.778 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Edge
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Procesos (Lista blanca) =================
(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc. -> Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe==================== Registro (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATENCIÓN
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Juan Munzenmayer\AppData\Local\Microsoft\Teams\Update.exe [2347880 2020-04-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Juan Munzenmayer\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Juan Munzenmayer\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\RunOnce: [Uninstall 19.232.1124.0012\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Juan Munzenmayer\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64"
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\RunOnce: [Uninstall 19.232.1124.0012] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Juan Munzenmayer\AppData\Local\Microsoft\OneDrive\19.232.1124.0012"
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\...\MountPoints2: {ce661da2-7489-11ea-bf77-089e0175137f} - "F:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-28] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{07AA0886-CC8D-4e19-A410-1C75AF686E62}] -> C:\Windows\System32\l2nacp.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{33c86cd6-705f-4ba1-9adb-67070b837775}] -> C:\Windows\System32\l2nacp.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{edd749de-2ef1-4a80-98d1-81f20e6df58e}] -> C:\Windows\System32\l2nacp.dll [2019-03-19] (Microsoft Windows -> Microsoft Corporation)==================== Tareas programadas (Lista blanca) ============
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
Task: {02527CA5-9B7F-4AE2-A6A0-2B9D974E59CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Ningún archivo <==== ATENCIÓN
Task: {0780DB95-7C0A-4721-9094-EF7798944C5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0B5E46D0-ADB5-4D93-859E-095495E1898C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {0BE6053D-EF2B-434C-8A68-A5285BB88C15} - \WPD\SqmUpload_S-1-5-21-2145402764-1715483592-2898523831-1001 -> Ningún archivo <==== ATENCIÓN
Task: {0EA0DA5F-945F-4F4B-BD20-EE6675114AA0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-14] (Adobe Inc. -> Adobe)
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {152D835A-179F-4292-B32F-24C58F41E68D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {1CC5467D-ABC2-43C4-9249-D05B6F598391} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {20F06B7B-A240-4C17-9B09-E27A134789C5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {219FA528-D561-4D4F-ABCD-AB5DF5CEC5DA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {236874E7-6EE3-450D-9E05-BF76EC8C4681} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2AF7C6B9-F13A-48F0-9ABE-577338464499} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2E5F4B78-856B-4C0F-AAF7-7CCC0ABB95D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {41BB3E64-CA99-409F-8F5A-5C5DF8F598F3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)
Task: {566FFE7C-EAF9-4414-AF66-FAF556F46FE9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {583DDD00-0E60-47FD-A611-0F60D3DEBC51} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5A49EF43-A2A1-42EE-9014-FA269F044625} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {5B640E50-0BE1-4E5E-B46B-62F775327356} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Ningún archivo <==== ATENCIÓN
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {875C273C-5E66-49F6-9162-C42196C6D001} - \Microsoft\Windows\UNP\RunCampaignManager -> Ningún archivo <==== ATENCIÓN
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {8ECE8EC1-6C31-4128-9B2E-27060F643A71} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Ningún archivo <==== ATENCIÓN
Task: {930CB162-5797-419F-A267-43A30A61F1DF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Ningún archivo <==== ATENCIÓN
Task: {AA432DFA-7A32-4794-AE48-5DA9B13786C8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Ningún archivo <==== ATENCIÓN
Task: {AD9A9430-3DDC-4447-B88A-7847E9BA9F77} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {BB193B5C-610F-4FB1-A36F-5BE6EF0F738A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C06CE0BD-A66F-4939-8496-E55819C5FBC1} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4227672 2017-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C1477C45-92AA-41A0-9B09-DC3FDD01EC6F} - System32\Tasks\G2MUploadTask-S-1-5-21-2145402764-1715483592-2898523831-1001 => C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting\17359\g2mupload.exe [32256 2020-04-19] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {C846A672-86E7-4D53-A119-A19C2EEE0AC4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Ningún archivo <==== ATENCIÓN
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CFEA85FB-4711-4B45-A9C9-23AB5D966519} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Ningún archivo <==== ATENCIÓN
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {E484AFBD-CD6D-4788-AA84-95976C8DC2FB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Ningún archivo <==== ATENCIÓN
Task: {F1C215E8-8D1E-47AE-8608-3FAB797FC1A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Ningún archivo <==== ATENCIÓN
Task: {F282A8A6-AD1A-4A86-BA12-76BFA0BDD888} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Ningún archivo <==== ATENCIÓN
Task: {F4EAC96E-8AA4-4812-87BD-385EBE6B278F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Ningún archivo <==== ATENCIÓN
Task: {F9447E7D-67E3-401B-99D8-362F9472BD6E} - System32\Tasks\G2MUpdateTask-S-1-5-21-2145402764-1715483592-2898523831-1001 => C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting\17359\g2mupdate.exe [32256 2020-04-19] (LogMeIn, Inc. -> LogMeIn, Inc.)(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2145402764-1715483592-2898523831-1001.job => C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting\17359\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2145402764-1715483592-2898523831-1001.job => C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting\17359\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe==================== Internet (Lista blanca) ====================
(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)
Tcpip\Parameters: [DhcpNameServer] 200.30.192.15 190.160.0.13 200.83.1.4
Tcpip\..\Interfaces\{1549aeaf-4602-4f9e-833c-b4e648ec31bf}: [DhcpNameServer] 200.30.192.15 190.160.0.13 200.83.1.4
Tcpip\..\Interfaces\{d0d926ef-cb08-4780-8b1f-dbd715d4717b}: [DhcpNameServer] 172.20.10.1Internet Explorer:
==================
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-2145402764-1715483592-2898523831-1001 -> DefaultScope {054245C1-D986-4A92-8A2D-21B97A43ACE5} URL =
SearchScopes: HKU\S-1-5-21-2145402764-1715483592-2898523831-1001 -> {054245C1-D986-4A92-8A2D-21B97A43ACE5} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Sin Nombre - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Ningún archivo
Toolbar: HKLM - Sin Nombre - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Ningún archivo
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)FireFox:
========
FF DefaultProfile: q5y3ob57.default
FF ProfilePath: C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Firefox\Profiles\q5y3ob57.default [2020-05-10]
FF Extension: (IBM Security Rapport) - C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-03-23] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Facebook Container) - C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Firefox\Profiles\q5y3ob57.default\Extensions\@contain-facebook.xpi [2018-06-16]
FF Extension: (uBlock Origin) - C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Firefox\Profiles\q5y3ob57.default\Extensions\uBlock0@raymondhill.net.xpi [2018-06-16]
FF Extension: (NoScript) - C:\Users\Juan Munzenmayer\AppData\Roaming\Mozilla\Firefox\Profiles\q5y3ob57.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-06-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => no encontrado
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-2145402764-1715483592-2898523831-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Juan Munzenmayer\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-09] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Juan Munzenmayer\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-04-09]Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default [2020-05-10]
CHR Notifications: Default -> hxxps://teams.microsoft.com; hxxps://www.latam.com; hxxps://www.skyairline.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://www.google.cl/"
CHR Extension: (Documentos) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Google Drive) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (IBM Security Rapport) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2019-12-01]
CHR Extension: (YouTube) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (uBlock Origin) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-04-21]
CHR Extension: (Búsqueda de Google) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Sin Nombre) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-05-10]
CHR Extension: (Sin Nombre) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-05-10]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]
CHR Extension: (Cisco Webex Extension) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-04-09]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-10]
CHR Profile: C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-02-07]
CHR Profile: C:\Users\Juan Munzenmayer\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-21]
CHR HKU\S-1-5-21-2145402764-1715483592-2898523831-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]==================== Servicios (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc. -> Apple Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2466448 2012-09-12] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [317416 2018-09-19] (Intel Corporation -> Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation -> Intel Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3001632 2019-10-06] (IBM -> IBM Corp.)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-01-08] (Dritek System Inc. -> Dritek System INC.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2017-01-17] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)===================== Controladores (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [162344 2012-09-13] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2018-05-09] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-01-08] (Dritek System Inc. -> Dritek System Inc.)
S3 QRDCIO; C:\WINDOWS\System32\drivers\QRDCIO.sys [9728 2009-10-20] (Microsoft Windows Hardware Compatibility Publisher -> QUANTA)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [429112 2019-10-06] (IBM -> IBM Corp.)
R1 RapportCerberus_1950099; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1950099.sys [1466824 2019-12-11] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [542112 2019-10-06] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [395384 2019-10-06] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [445240 2019-10-06] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [560568 2019-10-06] (IBM -> IBM Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-08-30] (Synaptics Incorporated -> Synaptics Incorporated)
R3 VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-04-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [394680 2020-04-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-04-30] (Microsoft Windows -> Microsoft Corporation)==================== NetSvcs (Lista blanca) ===================
(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)
==================== Un mes (creado) ===================(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-10 17:45 - 2020-05-10 17:48 - 000028510 _____ C:\Users\Juan Munzenmayer\Desktop\FRST.txt
2020-05-10 17:44 - 2020-05-10 17:47 - 000000000 ____D C:\FRST
2020-05-10 17:42 - 2020-05-10 17:42 - 002284544 _____ (Farbar) C:\Users\Juan Munzenmayer\Desktop\FRST64.exe
2020-05-10 08:03 - 2020-05-10 08:34 - 000000000 ____D C:\Scratch
2020-05-10 01:12 - 2020-05-10 01:12 - 000000000 _____ C:\Users\Juan Munzenmayer\Desktop\Nuevo documento de texto.txt
2020-05-10 01:09 - 2020-05-10 01:09 - 000000000 ____D C:\Program Files\Avast Software
2020-05-10 00:46 - 2020-05-10 12:20 - 000000000 ____D C:\ProgramData\HitmanPro
2020-05-10 00:41 - 2020-05-10 00:44 - 000303630 _____ C:\TDSSKiller.3.1.0.28_10.05.2020_00.41.15_log.txt
2020-05-09 23:14 - 2020-05-10 12:20 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-05-09 23:02 - 2020-05-09 23:02 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Roaming\SUPERAntiSpyware.com
2020-05-09 23:02 - 2020-05-09 23:02 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2020-05-09 22:44 - 2020-05-09 22:44 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\mbamtray
2020-05-09 22:44 - 2020-05-09 22:44 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\mbam
2020-05-09 22:43 - 2020-05-09 22:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-05-09 22:42 - 2020-05-09 22:42 - 000000000 ____D C:\Program Files\Malwarebytes
2020-05-07 15:46 - 2020-05-07 15:46 - 000034253 _____ C:\Users\Juan Munzenmayer\Downloads\dte-39-F567132226.pdf
2020-05-07 15:45 - 2020-05-07 15:45 - 000002828 _____ C:\Users\Juan Munzenmayer\Downloads\dte-ticket-F567132226.pdf
2020-05-05 16:04 - 2020-05-05 16:04 - 000294360 _____ (Adobe Systems Incorporated) C:\Users\Juan Munzenmayer\Downloads\ConnectSetup (3).exe
2020-05-05 16:00 - 2020-05-05 16:00 - 000294360 _____ (Adobe Systems Incorporated) C:\Users\Juan Munzenmayer\Downloads\ConnectSetup (2).exe
2020-05-05 15:57 - 2020-05-05 15:57 - 000001023 _____ C:\Users\Juan Munzenmayer\Desktop\Adobe Connect.lnk
2020-05-05 15:57 - 2020-05-05 15:57 - 000001009 _____ C:\Users\Juan Munzenmayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Connect.lnk
2020-05-05 15:53 - 2020-05-05 15:53 - 000294360 _____ (Adobe Systems Incorporated) C:\Users\Juan Munzenmayer\Downloads\ConnectSetup.exe
2020-05-05 15:53 - 2020-05-05 15:53 - 000294360 _____ (Adobe Systems Incorporated) C:\Users\Juan Munzenmayer\Downloads\ConnectSetup (1).exe
2020-05-03 18:53 - 2020-05-03 18:53 - 000001305 _____ C:\Users\Juan Munzenmayer\Desktop\Oral and Maxillofacial Surgery - Lars Andersson & Karl-Erik Kahnberg & M Anthony Pogrel - sep, 2010.pdf - Acceso directo.lnk
2020-05-03 18:53 - 2014-08-10 23:29 - 054460331 _____ C:\Users\Juan Munzenmayer\Desktop\Oral and Maxillofacial Surgery - Lars Andersson & Karl-Erik Kahnberg & M Anthony Pogrel - sep, 2010.pdf
2020-05-03 18:53 - 2004-05-11 17:10 - 021872230 _____ C:\Users\Juan Munzenmayer\Desktop\25 Correction of dentofacial deformities.pdf
2020-05-03 16:23 - 2020-05-10 12:20 - 000000000 ____D C:\ProgramData\KMSAuto
2020-05-03 16:19 - 2020-05-03 16:25 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\MSfree Inc
2020-05-03 16:11 - 2020-05-04 16:45 - 000000000 ____D C:\Users\Juan Munzenmayer\Desktop\KMSAUTO.2018.V1.5.3
2020-05-03 14:07 - 2020-05-03 14:07 - 000353346 _____ C:\Users\Juan Munzenmayer\Downloads\Oral and Maxillofacial Surgery - E-Book_ 3-Volume Set - Raymond J. Fonseca - Google Libros.html
2020-05-03 14:07 - 2020-05-03 14:07 - 000000000 ____D C:\Users\Juan Munzenmayer\Downloads\Oral and Maxillofacial Surgery - E-Book_ 3-Volume Set - Raymond J. Fonseca - Google Libros_files
2020-05-03 12:55 - 2020-05-03 12:55 - 000767256 _____ C:\Users\Juan Munzenmayer\Downloads\AO_CMF_COVID_Survey.pdf
2020-05-03 09:36 - 2020-05-04 19:59 - 000017873 ____H C:\Users\Juan Munzenmayer\Desktop\~WRL0003.tmp
2020-05-03 00:22 - 2020-05-03 02:17 - 654334514 _____ C:\Users\Juan Munzenmayer\Desktop\EDEMA CLASE 1.mp4
2020-05-01 21:18 - 2020-05-01 21:18 - 000321820 _____ C:\Users\Juan Munzenmayer\Downloads\anomalia dentofacial.pdf
2020-04-30 09:27 - 2020-04-30 09:27 - 000421884 _____ C:\Users\Juan Munzenmayer\Downloads\10.1016@S1134-20721470768-6-1.pdf
2020-04-29 18:54 - 2020-04-29 18:54 - 000364472 _____ (LogMeIn, Inc.) C:\Users\Juan Munzenmayer\Downloads\GoToWebinar Opener (1).exe
2020-04-27 03:03 - 2020-04-27 03:03 - 011359528 _____ (Zoom Video Communications, Inc.) C:\Users\Juan Munzenmayer\Downloads\ZoomInstaller (1).exe
2020-04-24 17:57 - 2020-04-24 17:57 - 000030292 _____ C:\Users\Juan Munzenmayer\Downloads\Mauricio Carrasco Teletrabajo HGGB.xlsx
2020-04-24 17:55 - 2020-04-24 17:55 - 000017627 _____ C:\Users\Juan Munzenmayer\Downloads\actividades de Munzenmayer, Rivas, Garrido.xlsx
2020-04-23 10:15 - 2020-04-23 10:15 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Roaming\Microsoft Teams
2020-04-23 10:13 - 2020-04-23 10:17 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\SquirrelTemp
2020-04-23 10:06 - 2020-04-23 10:07 - 097229056 _____ (Microsoft Corporation) C:\Users\Juan Munzenmayer\Downloads\Teams_windows_x64.exe
2020-04-16 08:50 - 2020-04-23 10:00 - 000000710 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2145402764-1715483592-2898523831-1001.job
2020-04-16 08:50 - 2020-04-23 10:00 - 000000614 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2145402764-1715483592-2898523831-1001.job
2020-04-16 08:50 - 2020-04-19 15:19 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\GoToMeeting
2020-04-16 08:50 - 2020-04-19 15:18 - 000003880 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2145402764-1715483592-2898523831-1001
2020-04-16 08:50 - 2020-04-19 15:18 - 000003784 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2145402764-1715483592-2898523831-1001
2020-04-16 08:49 - 2020-04-16 08:49 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\GoTo Opener
2020-04-15 16:12 - 2020-04-15 16:12 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-15 16:12 - 2020-04-15 16:12 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-15 16:12 - 2020-04-15 16:12 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-15 16:11 - 2020-04-15 16:11 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-15 16:11 - 2020-04-15 16:11 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-15 16:11 - 2020-04-15 16:11 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-15 16:11 - 2020-04-15 16:11 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-15 16:11 - 2020-04-15 16:11 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-15 16:11 - 2020-04-15 16:11 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-15 16:11 - 2020-04-15 16:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-15 16:10 - 2020-04-15 16:10 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-15 16:10 - 2020-04-15 16:10 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-15 16:10 - 2020-04-15 16:10 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-15 16:09 - 2020-04-15 16:09 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-15 16:09 - 2020-04-15 16:09 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-15 16:09 - 2020-04-15 16:09 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-15 16:09 - 2020-04-15 16:09 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-15 16:09 - 2020-04-15 16:09 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-15 16:08 - 2020-04-15 16:08 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-15 16:08 - 2020-04-15 16:08 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-15 16:08 - 2020-04-15 16:08 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-15 13:14 - 2020-03-16 23:57 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-15 13:14 - 2020-03-16 23:56 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-14 18:21 - 2020-04-14 18:22 - 003821217 _____ C:\Users\Juan Munzenmayer\Downloads\materials-13-00592-v2.pdf
2020-04-14 17:39 - 2020-04-14 17:40 - 004523065 _____ C:\Users\Juan Munzenmayer\Downloads\SERAM2012_S-0445.pdf
2020-04-11 23:21 - 2020-04-11 23:21 - 000136827 _____ C:\Users\Juan Munzenmayer\Downloads\BLOQUEO.html
2020-04-11 23:21 - 2020-04-11 23:21 - 000000000 ____D C:\Users\Juan Munzenmayer\Downloads\BLOQUEO_files==================== Un mes (modificado) ==================
(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)
2020-05-10 17:47 - 2019-09-29 00:45 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{57CBA722-1D61-4F84-A209-7040C0319F68}
2020-05-10 17:37 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-10 17:37 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-10 17:35 - 2019-10-12 13:03 - 000002438 _____ C:\Users\Juan Munzenmayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-10 17:35 - 2019-09-29 00:45 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2145402764-1715483592-2898523831-1001
2020-05-10 17:35 - 2015-08-30 21:54 - 000000000 ___RD C:\Users\Juan Munzenmayer\OneDrive
2020-05-10 17:32 - 2019-09-29 00:29 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-10 17:32 - 2019-03-19 07:59 - 000789814 _____ C:\WINDOWS\system32\perfh00A.dat
2020-05-10 17:32 - 2019-03-19 07:59 - 000156068 _____ C:\WINDOWS\system32\perfc00A.dat
2020-05-10 17:32 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-10 17:28 - 2015-01-01 18:50 - 000000000 __SHD C:\Users\Juan Munzenmayer\IntelGraphicsProfiles
2020-05-10 17:25 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-10 17:24 - 2019-09-29 00:16 - 000000000 ____D C:\Users\Juan Munzenmayer
2020-05-10 17:23 - 2019-09-29 00:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-10 12:21 - 2020-04-09 14:02 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\LocalLow\WebEx
2020-05-10 12:21 - 2020-04-09 14:02 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\WebEx
2020-05-10 12:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-05-10 12:20 - 2018-12-08 14:50 - 000000000 ____D C:\ProgramData\pctonics.com
2020-05-10 12:20 - 2018-09-07 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-05-10 12:20 - 2018-09-07 20:00 - 000000000 ____D C:\Program Files\CCleaner
2020-05-10 12:20 - 2013-01-08 14:41 - 000000000 ____D C:\ProgramData\Norton
2020-05-10 12:02 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\registration
2020-05-10 12:00 - 2013-05-17 17:34 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-10 08:34 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-10 00:32 - 2019-09-29 00:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-09 23:08 - 2019-09-28 19:34 - 000000000 ___DC C:\WINDOWS\Panther
2020-05-09 23:08 - 2013-05-08 23:24 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\CrashDumps
2020-05-09 22:07 - 2018-04-01 10:02 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\Packages
2020-05-05 15:56 - 2013-04-22 02:03 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Roaming\Adobe
2020-04-30 21:59 - 2018-06-09 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-28 09:31 - 2013-04-22 09:53 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-28 09:31 - 2013-04-22 09:53 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-24 19:08 - 2013-05-01 21:04 - 000000000 ____D C:\Users\Juan Munzenmayer\Documents\clases - charlas
2020-04-23 16:27 - 2018-06-12 15:00 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\PlaceholderTileLogoFolder
2020-04-16 10:53 - 2013-05-04 23:23 - 000000000 ____D C:\Users\Juan Munzenmayer\AppData\Local\ElevatedDiagnostics
2020-04-16 08:37 - 2019-09-29 00:05 - 000351592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 00:23 - 2019-03-19 00:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-16 00:21 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-14 16:50 - 2019-09-29 00:45 - 000004626 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-14 16:50 - 2019-09-29 00:45 - 000004430 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-04-14 16:50 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-14 16:50 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-11 09:44 - 2020-04-03 10:26 - 000000000 ____D C:\WINDOWS\KMSServerService==================== Archivos en la raíz de algunos directorios ========
2013-09-07 10:24 - 2013-09-25 01:00 - 000000109 _____ () C:\Users\Juan Munzenmayer\AppData\Roaming\mbam.context.scan
2013-05-14 17:56 - 2020-03-31 15:36 - 000010752 _____ () C:\Users\Juan Munzenmayer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini==================== SigCheck ============================
(No existe una corrección automática para los archivos que no pasan la verificación.)
==================== Final de FRST.txt ========================
-
For some reason, I cannot post anything at all.
-
Should I run it in normal or safe mode?
-
It had always redirected me to the Recovery Enviroment before, without having to hold down the shift key and reboot. I had tried Start Up repair before, but it did not do anything. Anyways, I did it again based on your suggestion, and it booted succesfully, albeit very slowly.
-
Beforehand, this is not my laptop, but my father's and he asked me to fix it because it was slow, but he also bought a new one. He keeps buying them, because they get full of malware, get slow, and then off to a new one. Trying to make him not waste money, I tried to fix it. It is a Windows 10 (x64), but I don't remember which version specifically.
Anyways, I boot it in safe mode with internet, and look for MBAM, since I installed it in his laptop months ago, but it was not there. Weird. So I download it, run it, and it found some stuff. I remember some of them called Hack.Tools but not much. I remove all of them as suggested and reboot again in safe mode. I ran Superantispyware, but it found nothing. Then I ran TDSSkiller, which found nothing, and then HitmanPro (trial version), which found other stuff, and remnants of the stuff MBAM removed. So I removed them. I also ran CCleaner with temp files and registry.
I tried rebooting into safe mode, after that, but it loaded the "Acer" splash screen, but could not go further than that and it started Windows start up repair and went to the start up repair screen. I ran chkdsk, sfc and dism on the appropriate drive letter, but none of them found anything, but still cannot boot into any mode. I cannot post logs because I cannot reach them in first place.
MBAM found malware, what now?
in Resolved Malware Removal Logs
Posted
Thing is, this is already a new fresh installation and I never had infections before nor do I tamper the registry.
Interestingly enough, it isn't appearing in the Temp folder.
I'd rather prefer this, TBH as I don't have a thumb drive large enough to back up things and cannot buy one either.