Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

keep seeing pop-ups and links are redirected


  • This topic is locked This topic is locked
6 replies to this topic

#1 NataliaPiecha

NataliaPiecha

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 14 August 2017 - 05:50 AM

My browser keeps loding random pages when I select any link. I have plenty adds on all websites I can badly see anything. Like this one on the right  (see image attched) I'm desperate, please make it stop.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2017
Ran by acer (administrator) on DESKTOP-S45PA2V (14-08-2017 12:40:58)
Running from C:\Users\acer\Downloads
Loaded Profiles: acer (Available Profiles: acer)
Platform: Windows 10 Home Version 1607 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(BitTorrent Inc.) C:\Users\acer\AppData\Roaming\uTorrent\uTorrent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe
(BitTorrent Inc.) C:\Users\acer\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(BitTorrent Inc.) C:\Users\acer\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1439_none_7efe016621f50bd0\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\fodhelper.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-14] (AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\...\Run: [uTorrent] => C:\Users\acer\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-07-06] (BitTorrent Inc.)
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [1278456 2017-05-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\...\RunOnce: [Uninstall 17.3.6917.0607\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\acer\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64"
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\...\RunOnce: [Uninstall 17.3.6917.0607] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\acer\AppData\Local\Microsoft\OneDrive\17.3.6917.0607"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-07-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe (McAfee, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{f33b6a01-e10d-4055-905a-b4f00b1f9110}: [DhcpNameServer] 194.168.4.100 194.168.8.100
 
Internet Explorer:
==================
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
 
FireFox:
========
FF DefaultProfile: wyetmzwv.default
FF ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\wyetmzwv.default [2017-08-14]
FF Extension: (AdBlocker Ultimate) - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\wyetmzwv.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-04-10]
FF Extension: (Avast Online Security) - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\wyetmzwv.default\Extensions\wrc@avast.com.xpi [2017-08-14]
FF Extension: (Adblock Plus) - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\wyetmzwv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-14] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-13] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
 
Chrome: 
=======
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default [2017-08-14]
CHR Extension: (Presentaciones de Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-13]
CHR Extension: (Google Docs) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-13]
CHR Extension: (Google Drive) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-13]
CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-13]
CHR Extension: (Adblock Plus) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-08-14]
CHR Extension: (Ladbible.com Change Club) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlplljgdgjmjhplpjkdhgaeblphihek [2017-07-09]
CHR Extension: (Take Smarp) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\falalcojiamdgnejmfijffbffjiklojp [2017-07-09]
CHR Extension: (Hojas de cálculo de Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-14]
CHR Extension: (Avast Online Security) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-14]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-13]
CHR Extension: (Gmail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-13]
CHR Extension: (Chrome Media Router) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-14]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] ()
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-14] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-14] (AVAST Software)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.587\McCHSvc.exe [404376 2017-06-30] (McAfee, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269400 2017-01-17] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-08-14] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-08-14] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-08-14] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-08-14] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-08-14] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-08-14] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-14] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-08-14] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-08-14] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-08-14] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-08-14] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-08-14] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [74336 2017-01-17] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-09-07 13:18 - 2017-09-07 13:19 - 000000000 ____D C:\Users\acer\mfeeddata.IsabelPiecha
2017-09-07 13:18 - 2017-09-07 13:19 - 000000000 ____D C:\Users\acer\mfeeddata
2017-09-07 13:18 - 2017-09-07 13:18 - 000000000 ____D C:\ProgramData\Oracle
2017-09-07 13:18 - 2017-06-19 18:50 - 000000021 _____ C:\Users\acer\msi
2017-08-14 12:38 - 2017-08-14 12:38 - 000001047 _____ C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Funciones opcionales.lnk
2017-08-14 12:27 - 2017-08-14 12:40 - 000507040 _____ C:\TDSSKiller.3.1.0.15_14.08.2017_12.27.22_log.txt
2017-08-14 12:25 - 2017-08-14 12:25 - 004922400 _____ (AO Kaspersky Lab) C:\Users\acer\Desktop\123.com.exe
2017-08-14 12:25 - 2017-08-14 12:25 - 000000000 ___HD C:\$WINDOWS.~BT
2017-08-14 12:03 - 2017-08-14 12:12 - 000044243 _____ C:\Users\acer\Downloads\Addition.txt
2017-08-14 12:02 - 2017-08-14 12:40 - 000015463 _____ C:\Users\acer\Downloads\FRST.txt
2017-08-14 12:02 - 2017-08-14 12:40 - 000000000 ____D C:\FRST
2017-08-14 12:01 - 2017-08-14 12:01 - 002395648 _____ (Farbar) C:\Users\acer\Downloads\FRST64.exe
2017-08-14 12:01 - 2017-08-14 12:01 - 002395648 _____ (Farbar) C:\Users\acer\Downloads\FRST64 (1).exe
2017-08-14 11:55 - 2017-08-14 11:55 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-493700396-2643331240-3997325884-1001
2017-08-14 11:52 - 2017-08-14 11:52 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-14 11:50 - 2017-08-14 11:50 - 000000000 ____D C:\Users\acer\AppData\LocalLow\uTorrent
2017-08-14 11:35 - 2017-08-14 11:36 - 001204208 _____ (Adobe Systems Incorporated) C:\Users\acer\Downloads\flashplayer26_id_install.exe
2017-08-14 11:25 - 2017-08-14 12:04 - 000004030 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1502702744
2017-08-14 11:25 - 2017-08-14 12:04 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-14 11:25 - 2017-08-14 11:25 - 000001088 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-08-14 11:24 - 2017-08-14 11:23 - 000041800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-08-14 11:22 - 2017-08-14 11:22 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-08-14 11:22 - 2017-08-14 11:22 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-08-14 11:22 - 2017-08-14 11:22 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-08-14 11:22 - 2017-08-14 11:22 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-08-14 11:22 - 2017-08-14 11:22 - 000001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-08-14 11:22 - 2017-08-14 11:22 - 000001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-08-14 11:22 - 2017-08-14 11:22 - 000000000 ____D C:\Users\acer\AppData\Roaming\AVAST Software
2017-08-14 11:22 - 2017-08-14 11:21 - 000585608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-08-14 11:22 - 2017-08-14 11:21 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-08-14 11:22 - 2017-08-14 11:21 - 000198768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-08-14 11:22 - 2017-08-14 11:21 - 000110352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-08-14 11:22 - 2017-08-14 11:21 - 000084392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-08-14 11:22 - 2017-08-14 11:21 - 000046984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-08-14 11:22 - 2017-08-14 11:20 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-08-14 11:22 - 2017-08-14 11:20 - 000320008 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-08-14 11:22 - 2017-08-14 11:20 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-08-14 11:22 - 2017-08-14 11:20 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-08-14 11:21 - 2017-08-14 11:21 - 000400464 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-08-14 11:18 - 2017-08-14 11:23 - 000000000 ____D C:\Program Files\AVAST Software
2017-08-14 11:17 - 2017-08-14 11:18 - 006948656 _____ (AVAST Software) C:\Users\acer\Downloads\avast_free_antivirus_setup_online (1).exe
2017-08-14 11:17 - 2017-08-14 11:17 - 006948656 _____ (AVAST Software) C:\Users\acer\Downloads\avast_free_antivirus_setup_online.exe
2017-08-14 10:53 - 2017-06-30 16:46 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-08-14 10:53 - 2017-06-30 16:46 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-24 14:31 - 2017-07-24 14:31 - 000725649 _____ C:\Users\acer\Documents\itinerario.pdf
2017-07-18 00:53 - 2017-07-07 09:49 - 000340824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-18 00:53 - 2017-07-07 09:46 - 000781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-18 00:53 - 2017-07-07 09:45 - 002263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-18 00:53 - 2017-07-07 09:40 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-18 00:53 - 2017-07-07 09:29 - 005686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-18 00:53 - 2017-07-07 09:20 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2017-07-18 00:53 - 2017-07-07 09:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-18 00:53 - 2017-07-07 09:19 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-18 00:53 - 2017-07-07 09:18 - 000450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-18 00:53 - 2017-07-07 09:18 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\onex.dll
2017-07-18 00:53 - 2017-07-07 09:17 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-18 00:53 - 2017-07-07 09:14 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-18 00:53 - 2017-07-07 09:14 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-18 00:53 - 2017-07-07 09:13 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-07-18 00:53 - 2017-07-07 09:13 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-18 00:53 - 2017-07-07 09:11 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-18 00:53 - 2017-07-07 09:10 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-18 00:53 - 2017-07-07 09:09 - 000637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-18 00:53 - 2017-07-07 09:09 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-18 00:53 - 2017-07-07 09:06 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-18 00:53 - 2017-07-07 09:06 - 007626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-18 00:53 - 2017-07-07 09:05 - 019414528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-18 00:53 - 2017-07-07 09:03 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-18 00:53 - 2017-07-07 09:02 - 001313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-18 00:53 - 2017-07-07 09:00 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-18 00:53 - 2017-07-07 09:00 - 000476160 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-18 00:53 - 2017-07-07 08:57 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-18 00:53 - 2017-07-07 08:56 - 006035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-18 00:53 - 2017-07-07 08:55 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-18 00:53 - 2017-07-07 08:55 - 001571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-18 00:53 - 2017-07-07 08:54 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-18 00:53 - 2017-07-07 08:54 - 002027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-18 00:53 - 2017-07-07 08:53 - 002483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-18 00:53 - 2017-07-07 08:52 - 004561408 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-18 00:53 - 2017-07-07 08:52 - 001599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-18 00:53 - 2017-07-07 08:52 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-18 00:53 - 2017-06-22 08:17 - 000987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-07-18 00:53 - 2017-06-22 08:17 - 000485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-07-18 00:53 - 2017-06-21 09:42 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-18 00:53 - 2017-06-21 09:42 - 000601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-18 00:53 - 2017-06-21 09:41 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-18 00:53 - 2017-06-21 09:38 - 000790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-18 00:53 - 2017-06-21 09:29 - 005722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-18 00:53 - 2017-06-21 09:28 - 001504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-18 00:53 - 2017-06-21 09:27 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-18 00:53 - 2017-06-21 09:27 - 000975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-18 00:53 - 2017-06-21 09:27 - 000861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-18 00:53 - 2017-06-21 09:27 - 000549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-07-18 00:53 - 2017-06-21 09:25 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-07-18 00:53 - 2017-06-21 09:24 - 000154432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll
2017-07-18 00:53 - 2017-06-21 09:22 - 000361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-07-18 00:53 - 2017-06-21 09:21 - 006665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-18 00:53 - 2017-06-21 09:21 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-18 00:53 - 2017-06-21 09:21 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-18 00:53 - 2017-06-21 09:21 - 001557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-18 00:53 - 2017-06-21 09:21 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-07-18 00:53 - 2017-06-21 09:21 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-18 00:53 - 2017-06-21 09:21 - 000374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-07-18 00:53 - 2017-06-21 09:20 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-07-18 00:53 - 2017-06-21 09:20 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-07-18 00:53 - 2017-06-21 09:20 - 000312472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2017-07-18 00:53 - 2017-06-21 09:04 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-18 00:53 - 2017-06-21 09:00 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-07-18 00:53 - 2017-06-21 09:00 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-07-18 00:53 - 2017-06-21 08:59 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-07-18 00:53 - 2017-06-21 08:59 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-07-18 00:53 - 2017-06-21 08:59 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-18 00:53 - 2017-06-21 08:59 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-07-18 00:53 - 2017-06-21 08:59 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-07-18 00:53 - 2017-06-21 08:58 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-07-18 00:53 - 2017-06-21 08:58 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-07-18 00:53 - 2017-06-21 08:58 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-18 00:53 - 2017-06-21 08:58 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-07-18 00:53 - 2017-06-21 08:57 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-18 00:53 - 2017-06-21 08:57 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-07-18 00:53 - 2017-06-21 08:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-07-18 00:53 - 2017-06-21 08:56 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-07-18 00:53 - 2017-06-21 08:56 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-07-18 00:53 - 2017-06-21 08:56 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-07-18 00:53 - 2017-06-21 08:56 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-18 00:53 - 2017-06-21 08:55 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-18 00:53 - 2017-06-21 08:55 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-07-18 00:53 - 2017-06-21 08:55 - 000265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-07-18 00:53 - 2017-06-21 08:55 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-07-18 00:53 - 2017-06-21 08:55 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-07-18 00:53 - 2017-06-21 08:55 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2017-07-18 00:53 - 2017-06-21 08:54 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-07-18 00:53 - 2017-06-21 08:54 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-18 00:53 - 2017-06-21 08:54 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2017-07-18 00:53 - 2017-06-21 08:53 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-07-18 00:53 - 2017-06-21 08:53 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-18 00:53 - 2017-06-21 08:53 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-18 00:53 - 2017-06-21 08:53 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-07-18 00:53 - 2017-06-21 08:53 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-18 00:53 - 2017-06-21 08:53 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-07-18 00:53 - 2017-06-21 08:52 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2017-07-18 00:53 - 2017-06-21 08:51 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-07-18 00:53 - 2017-06-21 08:51 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-07-18 00:53 - 2017-06-21 08:51 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-18 00:53 - 2017-06-21 08:51 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-18 00:53 - 2017-06-21 08:50 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-18 00:53 - 2017-06-21 08:50 - 000857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-07-18 00:53 - 2017-06-21 08:50 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-18 00:53 - 2017-06-21 08:50 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-07-18 00:53 - 2017-06-21 08:50 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-18 00:53 - 2017-06-21 08:50 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-18 00:53 - 2017-06-21 08:49 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-07-18 00:53 - 2017-06-21 08:49 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-07-18 00:53 - 2017-06-21 08:48 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-07-18 00:53 - 2017-06-21 08:48 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-07-18 00:53 - 2017-06-21 08:46 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-18 00:53 - 2017-06-21 08:46 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-07-18 00:53 - 2017-06-21 08:46 - 001137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-07-18 00:53 - 2017-06-21 08:46 - 001077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-07-18 00:53 - 2017-06-21 08:46 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-07-18 00:53 - 2017-06-21 08:45 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-07-18 00:53 - 2017-06-21 08:44 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-07-18 00:53 - 2017-06-21 08:44 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-18 00:53 - 2017-06-21 08:44 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-07-18 00:53 - 2017-06-21 08:43 - 001534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-07-18 00:53 - 2017-06-21 08:43 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-18 00:53 - 2017-06-21 08:43 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-07-18 00:53 - 2017-06-21 08:43 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-18 00:53 - 2017-06-21 08:42 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-18 00:53 - 2017-06-21 08:42 - 002749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-07-18 00:53 - 2017-06-21 08:42 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-07-18 00:53 - 2017-06-21 08:42 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-07-18 00:53 - 2017-06-21 08:42 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-07-18 00:53 - 2017-06-21 08:41 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-18 00:53 - 2017-06-21 08:41 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2017-07-18 00:53 - 2017-06-21 08:40 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-18 00:53 - 2017-06-21 08:40 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-07-18 00:53 - 2017-06-21 08:40 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-07-18 00:53 - 2017-06-21 08:40 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-07-18 00:53 - 2017-06-21 08:40 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-07-18 00:53 - 2017-06-21 08:40 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-18 00:53 - 2017-06-21 08:38 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-07-18 00:53 - 2017-06-21 08:38 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-07-18 00:53 - 2017-06-21 08:38 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-18 00:53 - 2017-06-21 08:38 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-18 00:53 - 2017-06-21 08:38 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-07-18 00:53 - 2017-06-21 08:37 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-18 00:53 - 2017-06-21 08:37 - 006109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-18 00:53 - 2017-06-21 08:37 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-18 00:53 - 2017-06-21 08:37 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-07-18 00:53 - 2017-06-21 08:36 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-18 00:53 - 2017-06-21 08:36 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-18 00:53 - 2017-06-21 08:35 - 002740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-18 00:53 - 2017-06-21 08:35 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-07-18 00:53 - 2017-06-21 08:35 - 001656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-07-18 00:53 - 2017-06-21 08:35 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-18 00:53 - 2017-06-21 08:35 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-07-18 00:53 - 2017-06-21 08:35 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-18 00:53 - 2017-06-21 08:35 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2017-07-18 00:53 - 2017-06-21 08:35 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-07-18 00:53 - 2017-06-21 08:35 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-07-18 00:53 - 2017-06-21 08:34 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-07-18 00:53 - 2017-06-21 08:34 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-18 00:53 - 2017-06-21 08:34 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-07-18 00:53 - 2017-06-21 08:34 - 000654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-07-18 00:53 - 2017-06-21 08:34 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-18 00:53 - 2017-06-21 08:34 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-07-18 00:53 - 2017-06-21 08:33 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-07-18 00:53 - 2017-06-21 08:33 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-07-18 00:53 - 2017-06-21 08:33 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-07-18 00:53 - 2017-06-21 08:33 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-07-18 00:53 - 2017-06-21 08:32 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-18 00:53 - 2017-06-21 08:32 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-07-18 00:53 - 2017-06-21 08:31 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-07-18 00:53 - 2017-06-21 08:30 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2017-07-18 00:53 - 2017-03-04 08:56 - 000263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-07-18 00:53 - 2017-03-04 08:21 - 001243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-07-18 00:53 - 2017-03-04 08:20 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-07-18 00:53 - 2017-03-04 08:20 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-07-18 00:53 - 2017-03-04 08:19 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-07-18 00:53 - 2017-03-04 08:18 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-07-18 00:53 - 2017-03-04 08:16 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-07-18 00:53 - 2017-03-04 08:02 - 002138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-18 00:53 - 2016-09-15 18:58 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-18 00:52 - 2017-07-07 08:55 - 004423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-18 00:52 - 2017-06-21 09:39 - 002048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-18 00:52 - 2017-06-21 09:30 - 000869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-07-18 00:52 - 2017-06-21 09:30 - 000196960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-18 00:52 - 2017-06-21 09:28 - 002277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-07-18 00:52 - 2017-06-21 09:28 - 000524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-07-18 00:52 - 2017-06-21 09:28 - 000170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-18 00:52 - 2017-06-21 09:27 - 001122344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-18 00:52 - 2017-06-21 09:27 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-18 00:52 - 2017-06-21 09:25 - 002168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-18 00:52 - 2017-06-21 09:24 - 000846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-07-18 00:52 - 2017-06-21 09:20 - 000962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-18 00:52 - 2017-06-21 09:19 - 004312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-18 00:52 - 2017-06-21 09:04 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-18 00:52 - 2017-06-21 09:01 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-07-18 00:52 - 2017-06-21 09:00 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-18 00:52 - 2017-06-21 09:00 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-07-18 00:52 - 2017-06-21 08:58 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-07-18 00:52 - 2017-06-21 08:57 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-07-18 00:52 - 2017-06-21 08:56 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-07-18 00:52 - 2017-06-21 08:56 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-07-18 00:52 - 2017-06-21 08:56 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-18 00:52 - 2017-06-21 08:56 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-07-18 00:52 - 2017-06-21 08:56 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-07-18 00:52 - 2017-06-21 08:55 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-07-18 00:52 - 2017-06-21 08:54 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-07-18 00:52 - 2017-06-21 08:54 - 000298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-18 00:52 - 2017-06-21 08:53 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-07-18 00:52 - 2017-06-21 08:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-07-18 00:52 - 2017-06-21 08:53 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-07-18 00:52 - 2017-06-21 08:53 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-07-18 00:52 - 2017-06-21 08:53 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-07-18 00:52 - 2017-06-21 08:53 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-07-18 00:52 - 2017-06-21 08:53 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-07-18 00:52 - 2017-06-21 08:52 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-07-18 00:52 - 2017-06-21 08:51 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-07-18 00:52 - 2017-06-21 08:49 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-07-18 00:52 - 2017-06-21 08:48 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-07-18 00:52 - 2017-06-21 08:47 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-18 00:52 - 2017-06-21 08:45 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-07-18 00:52 - 2017-06-21 08:45 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-18 00:52 - 2017-06-21 08:45 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-18 00:52 - 2017-06-21 08:44 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-18 00:52 - 2017-06-21 08:44 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-18 00:52 - 2017-06-21 08:43 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-07-18 00:52 - 2017-06-21 08:42 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFSv1.dll
2017-07-18 00:52 - 2017-06-21 08:40 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-18 00:52 - 2017-06-21 08:39 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-18 00:52 - 2017-06-21 08:39 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-07-18 00:52 - 2017-06-21 08:38 - 003733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-18 00:52 - 2017-06-21 08:38 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-07-18 00:52 - 2017-06-21 08:37 - 000357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-07-18 00:52 - 2017-06-21 08:36 - 001247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-07-18 00:52 - 2017-06-21 08:35 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-18 00:52 - 2017-06-21 08:34 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-18 00:52 - 2017-06-21 08:10 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-18 00:52 - 2017-03-04 08:21 - 000670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-07-18 00:52 - 2017-03-04 08:20 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-07-18 00:52 - 2016-10-05 11:15 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-07-18 00:52 - 2016-09-15 18:47 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-07-18 00:46 - 2017-07-07 09:37 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-18 00:46 - 2017-07-07 09:29 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-18 00:46 - 2017-07-07 09:18 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-18 00:46 - 2017-07-07 08:44 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-18 00:46 - 2017-07-07 08:34 - 009131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-18 00:46 - 2017-07-07 08:24 - 005388800 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-07-18 00:46 - 2017-07-07 08:24 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-18 00:46 - 2017-07-07 08:24 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-18 00:46 - 2017-07-06 06:29 - 000690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-07-18 00:46 - 2017-06-21 09:52 - 000088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-07-18 00:46 - 2017-06-21 09:52 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-18 00:46 - 2017-06-21 09:40 - 000328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-07-18 00:46 - 2017-06-21 09:38 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-18 00:46 - 2017-06-21 09:38 - 001738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-18 00:46 - 2017-06-21 09:37 - 001157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-18 00:46 - 2017-06-21 09:33 - 000408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-07-18 00:46 - 2017-06-21 09:32 - 008169024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-18 00:46 - 2017-06-21 09:03 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-18 00:46 - 2017-06-21 09:02 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-18 00:46 - 2017-06-21 09:02 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-07-18 00:46 - 2017-06-21 09:02 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-07-18 00:46 - 2017-06-21 09:02 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-18 00:46 - 2017-06-21 09:01 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2017-07-18 00:46 - 2017-06-21 09:00 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-07-18 00:46 - 2017-06-21 09:00 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-07-18 00:46 - 2017-06-21 09:00 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-18 00:46 - 2017-06-21 09:00 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-07-18 00:46 - 2017-06-21 09:00 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-07-18 00:46 - 2017-06-21 08:59 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-07-18 00:46 - 2017-06-21 08:59 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-07-18 00:46 - 2017-06-21 08:59 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-07-18 00:46 - 2017-06-21 08:59 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2017-07-18 00:46 - 2017-06-21 08:59 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-07-18 00:46 - 2017-06-21 08:59 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-07-18 00:46 - 2017-06-21 08:58 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-07-18 00:46 - 2017-06-21 08:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2017-07-18 00:46 - 2017-06-21 08:58 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-18 00:46 - 2017-06-21 08:57 - 000418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-07-18 00:46 - 2017-06-21 08:57 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-07-18 00:46 - 2017-06-21 08:57 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-07-18 00:46 - 2017-06-21 08:56 - 001507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-07-18 00:46 - 2017-06-21 08:56 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-18 00:46 - 2017-06-21 08:56 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-18 00:46 - 2017-06-21 08:56 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-07-18 00:46 - 2017-06-21 08:55 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-07-18 00:46 - 2017-06-21 08:55 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-18 00:46 - 2017-06-21 08:55 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-18 00:46 - 2017-06-21 08:55 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-07-18 00:46 - 2017-06-21 08:54 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-07-18 00:46 - 2017-06-21 08:54 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-18 00:46 - 2017-06-21 08:54 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-07-18 00:46 - 2017-06-21 08:53 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-07-18 00:46 - 2017-06-21 08:53 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-07-18 00:46 - 2017-06-21 08:52 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-07-18 00:46 - 2017-06-21 08:52 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-18 00:46 - 2017-06-21 08:51 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-07-18 00:46 - 2017-06-21 08:49 - 002104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-07-18 00:46 - 2017-06-21 08:49 - 001913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-07-18 00:46 - 2017-06-21 08:49 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-07-18 00:46 - 2017-06-21 08:46 - 003290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-07-18 00:46 - 2017-06-21 08:45 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-07-18 00:46 - 2017-06-21 08:44 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-07-18 00:46 - 2017-06-21 08:41 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-18 00:46 - 2017-06-21 08:41 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-07-18 00:46 - 2017-06-21 08:39 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-18 00:46 - 2017-06-21 08:39 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-18 00:46 - 2017-06-21 08:39 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-18 00:46 - 2017-06-21 08:39 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-07-18 00:46 - 2017-06-21 08:39 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-18 00:46 - 2017-06-21 08:39 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-18 00:46 - 2017-06-21 08:39 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-18 00:46 - 2017-06-21 08:38 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-18 00:46 - 2017-06-21 08:38 - 002424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-07-18 00:46 - 2017-06-21 08:38 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-18 00:46 - 2017-06-21 08:38 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-07-18 00:46 - 2017-06-21 08:37 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-07-18 00:46 - 2017-06-21 08:36 - 002318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-18 00:46 - 2017-06-21 08:36 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-18 00:46 - 2017-06-21 08:36 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-18 00:46 - 2017-06-21 08:35 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-18 00:46 - 2017-06-21 08:35 - 001369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-07-18 00:46 - 2017-06-21 08:35 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-07-18 00:46 - 2017-06-21 08:34 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-07-18 00:46 - 2017-06-21 08:33 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-07-18 00:46 - 2017-06-21 08:33 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2017-07-18 00:46 - 2017-06-20 04:42 - 000993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-07-18 00:46 - 2017-05-23 06:58 - 000448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-18 00:46 - 2017-03-04 08:23 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-07-18 00:46 - 2017-03-04 08:12 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-07-18 00:45 - 2017-07-07 09:44 - 000108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-18 00:45 - 2017-07-07 09:42 - 007781720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-18 00:45 - 2017-07-07 09:37 - 000468320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-18 00:45 - 2017-07-07 09:32 - 000404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-18 00:45 - 2017-07-07 09:29 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-18 00:45 - 2017-07-07 09:28 - 000223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-18 00:45 - 2017-07-07 09:24 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-18 00:45 - 2017-07-07 09:23 - 001600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-07-18 00:45 - 2017-07-07 09:18 - 001100120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-18 00:45 - 2017-07-07 09:18 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-18 00:45 - 2017-07-07 08:51 - 022569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-18 00:45 - 2017-07-07 08:49 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-18 00:45 - 2017-07-07 08:48 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2017-07-18 00:45 - 2017-07-07 08:48 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-18 00:45 - 2017-07-07 08:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-18 00:45 - 2017-07-07 08:46 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-07-18 00:45 - 2017-07-07 08:46 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-07-18 00:45 - 2017-07-07 08:45 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-07-18 00:45 - 2017-07-07 08:45 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-07-18 00:45 - 2017-07-07 08:45 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-18 00:45 - 2017-07-07 08:45 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-18 00:45 - 2017-07-07 08:44 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-18 00:45 - 2017-07-07 08:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
2017-07-18 00:45 - 2017-07-07 08:44 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-18 00:45 - 2017-07-07 08:44 - 000139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-18 00:45 - 2017-07-07 08:44 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-18 00:45 - 2017-07-07 08:43 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-18 00:45 - 2017-07-07 08:43 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-18 00:45 - 2017-07-07 08:43 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-18 00:45 - 2017-07-07 08:42 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-18 00:45 - 2017-07-07 08:42 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-18 00:45 - 2017-07-07 08:39 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-18 00:45 - 2017-07-07 08:36 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-18 00:45 - 2017-07-07 08:35 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-18 00:45 - 2017-07-07 08:33 - 000576000 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2017-07-18 00:45 - 2017-07-07 08:31 - 023676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-18 00:45 - 2017-07-07 08:30 - 013090816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-18 00:45 - 2017-07-07 08:29 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-18 00:45 - 2017-07-07 08:29 - 000932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-18 00:45 - 2017-07-07 08:28 - 002096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-18 00:45 - 2017-07-07 08:28 - 000759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-18 00:45 - 2017-07-07 08:28 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-18 00:45 - 2017-07-07 08:27 - 008120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-18 00:45 - 2017-07-07 08:24 - 004744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-18 00:45 - 2017-07-07 08:24 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-18 00:45 - 2017-07-07 08:24 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-18 00:45 - 2017-07-07 08:22 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-18 00:45 - 2017-06-21 09:53 - 000794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-18 00:45 - 2017-06-21 09:52 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-18 00:45 - 2017-06-21 09:52 - 001886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-18 00:45 - 2017-06-21 09:52 - 000774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-18 00:45 - 2017-06-21 09:51 - 002255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-18 00:45 - 2017-06-21 09:51 - 000434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-07-18 00:45 - 2017-06-21 09:50 - 000126304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2017-07-18 00:45 - 2017-06-21 09:40 - 000224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-18 00:45 - 2017-06-21 09:38 - 007220192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-18 00:45 - 2017-06-21 09:37 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-07-18 00:45 - 2017-06-21 09:36 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-07-18 00:45 - 2017-06-21 09:33 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-18 00:45 - 2017-06-21 09:32 - 004260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-18 00:45 - 2017-06-21 09:32 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-18 00:45 - 2017-06-21 09:32 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-07-18 00:45 - 2017-06-21 09:32 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-07-18 00:45 - 2017-06-21 09:26 - 000387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-18 00:45 - 2017-06-21 09:06 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-18 00:45 - 2017-06-21 09:02 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-18 00:45 - 2017-06-21 09:01 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-07-18 00:45 - 2017-06-21 09:01 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-07-18 00:45 - 2017-06-21 09:01 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-18 00:45 - 2017-06-21 09:00 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-07-18 00:45 - 2017-06-21 09:00 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvisioningHandlers.dll
2017-07-18 00:45 - 2017-06-21 09:00 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2017-07-18 00:45 - 2017-06-21 09:00 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-18 00:45 - 2017-06-21 09:00 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-18 00:45 - 2017-06-21 08:59 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-18 00:45 - 2017-06-21 08:59 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2017-07-18 00:45 - 2017-06-21 08:58 - 000418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-07-18 00:45 - 2017-06-21 08:56 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-07-18 00:45 - 2017-06-21 08:56 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-18 00:45 - 2017-06-21 08:56 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-07-18 00:45 - 2017-06-21 08:56 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-07-18 00:45 - 2017-06-21 08:55 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-07-18 00:45 - 2017-06-21 08:55 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-18 00:45 - 2017-06-21 08:54 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-07-18 00:45 - 2017-06-21 08:54 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-18 00:45 - 2017-06-21 08:54 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2017-07-18 00:45 - 2017-06-21 08:53 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-18 00:45 - 2017-06-21 08:53 - 000284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-18 00:45 - 2017-06-21 08:52 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-18 00:45 - 2017-06-21 08:52 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-07-18 00:45 - 2017-06-21 08:52 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-07-18 00:45 - 2017-06-21 08:49 - 003778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-18 00:45 - 2017-06-21 08:49 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-07-18 00:45 - 2017-06-21 08:49 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-07-18 00:45 - 2017-06-21 08:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-07-18 00:45 - 2017-06-21 08:48 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-18 00:45 - 2017-06-21 08:47 - 007655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-18 00:45 - 2017-06-21 08:47 - 001105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-07-18 00:45 - 2017-06-21 08:47 - 000442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-18 00:45 - 2017-06-21 08:46 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-18 00:45 - 2017-06-21 08:46 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-07-18 00:45 - 2017-06-21 08:46 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFSv1.dll
2017-07-18 00:45 - 2017-06-21 08:43 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-07-18 00:45 - 2017-06-21 08:43 - 000961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-07-18 00:45 - 2017-06-21 08:43 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-07-18 00:45 - 2017-06-21 08:42 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-07-18 00:45 - 2017-06-21 08:42 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-07-18 00:45 - 2017-06-21 08:42 - 000467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-07-18 00:45 - 2017-06-21 08:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-07-18 00:45 - 2017-06-21 08:42 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-07-18 00:45 - 2017-06-21 08:41 - 001359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-18 00:45 - 2017-06-21 08:41 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-18 00:45 - 2017-06-21 08:41 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-18 00:45 - 2017-06-21 08:41 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-07-18 00:45 - 2017-06-21 08:40 - 001891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-07-18 00:45 - 2017-06-21 08:40 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-07-18 00:45 - 2017-06-21 08:40 - 000611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-07-18 00:45 - 2017-06-21 08:39 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-07-18 00:45 - 2017-06-21 08:39 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-07-18 00:45 - 2017-06-21 08:38 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-07-18 00:45 - 2017-06-21 08:38 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-07-18 00:45 - 2017-06-21 08:37 - 000875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-07-18 00:45 - 2017-06-21 08:37 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-18 00:45 - 2017-06-21 08:36 - 000881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2017-07-18 00:45 - 2017-06-21 08:36 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-07-18 00:45 - 2017-06-21 08:35 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-07-18 00:45 - 2017-06-21 08:35 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-07-18 00:45 - 2017-06-21 08:34 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-18 00:45 - 2017-06-21 08:34 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-07-18 00:45 - 2017-03-04 09:10 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-18 00:45 - 2017-03-04 08:27 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-18 00:45 - 2017-03-04 08:26 - 000307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-07-18 00:45 - 2017-03-04 08:23 - 000583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-07-18 00:45 - 2017-03-04 08:20 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-07-18 00:45 - 2017-03-04 08:17 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-18 00:45 - 2017-03-04 08:15 - 001078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-07-18 00:45 - 2017-03-04 08:14 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-18 00:45 - 2016-10-15 05:45 - 001790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-07-18 00:45 - 2016-10-05 11:32 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-07-18 00:45 - 2016-08-27 07:12 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-18 00:44 - 2017-07-07 09:40 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-18 00:44 - 2017-07-07 09:23 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-18 00:44 - 2017-07-07 08:58 - 007217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-18 00:44 - 2017-07-07 08:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-18 00:44 - 2017-07-07 08:43 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-18 00:44 - 2017-07-07 08:28 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-18 00:44 - 2017-07-07 08:25 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-18 00:44 - 2017-07-07 08:24 - 002217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-18 00:44 - 2017-06-21 09:54 - 000603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-07-18 00:44 - 2017-06-21 09:48 - 002681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-18 00:44 - 2017-06-21 09:47 - 000764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-18 00:44 - 2017-06-21 09:40 - 001069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-18 00:44 - 2017-06-21 09:37 - 001369240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-18 00:44 - 2017-06-21 09:37 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-18 00:44 - 2017-06-21 09:36 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-07-18 00:44 - 2017-06-21 09:36 - 000129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2017-07-18 00:44 - 2017-06-21 09:35 - 002915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-18 00:44 - 2017-06-21 09:35 - 001267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-07-18 00:44 - 2017-06-21 09:31 - 004674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-18 00:44 - 2017-06-21 09:31 - 001277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-18 00:44 - 2017-06-21 09:31 - 000160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-18 00:44 - 2017-06-21 09:04 - 001631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-18 00:44 - 2017-06-21 09:03 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-18 00:44 - 2017-06-21 09:01 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-07-18 00:44 - 2017-06-21 09:00 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-07-18 00:44 - 2017-06-21 08:59 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-07-18 00:44 - 2017-06-21 08:58 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-18 00:44 - 2017-06-21 08:58 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-07-18 00:44 - 2017-06-21 08:58 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-07-18 00:44 - 2017-06-21 08:57 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-07-18 00:44 - 2017-06-21 08:57 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-07-18 00:44 - 2017-06-21 08:57 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-07-18 00:44 - 2017-06-21 08:57 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-07-18 00:44 - 2017-06-21 08:57 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2017-07-18 00:44 - 2017-06-21 08:57 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-07-18 00:44 - 2017-06-21 08:56 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-07-18 00:44 - 2017-06-21 08:56 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-07-18 00:44 - 2017-06-21 08:56 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-07-18 00:44 - 2017-06-21 08:56 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-07-18 00:44 - 2017-06-21 08:56 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-07-18 00:44 - 2017-06-21 08:55 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-18 00:44 - 2017-06-21 08:55 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-07-18 00:44 - 2017-06-21 08:54 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-07-18 00:44 - 2017-06-21 08:54 - 000337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-07-18 00:44 - 2017-06-21 08:54 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-07-18 00:44 - 2017-06-21 08:53 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-07-18 00:44 - 2017-06-21 08:53 - 000437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-07-18 00:44 - 2017-06-21 08:53 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-07-18 00:44 - 2017-06-21 08:52 - 017198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-18 00:44 - 2017-06-21 08:52 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-18 00:44 - 2017-06-21 08:52 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-07-18 00:44 - 2017-06-21 08:52 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-18 00:44 - 2017-06-21 08:52 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-07-18 00:44 - 2017-06-21 08:51 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-18 00:44 - 2017-06-21 08:50 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2017-07-18 00:44 - 2017-06-21 08:49 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-07-18 00:44 - 2017-06-21 08:48 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-07-18 00:44 - 2017-06-21 08:47 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-18 00:44 - 2017-06-21 08:47 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-18 00:44 - 2017-06-21 08:47 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-07-18 00:44 - 2017-06-21 08:46 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-07-18 00:44 - 2017-06-21 08:46 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-07-18 00:44 - 2017-06-21 08:46 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-18 00:44 - 2017-06-21 08:44 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-07-18 00:44 - 2017-06-21 08:43 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-18 00:44 - 2017-06-21 08:43 - 000628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-18 00:44 - 2017-06-21 08:41 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-18 00:44 - 2017-06-21 08:41 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-18 00:44 - 2017-06-21 08:41 - 001021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-07-18 00:44 - 2017-06-21 08:41 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-18 00:44 - 2017-06-21 08:40 - 004474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-18 00:44 - 2017-06-21 08:40 - 001421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-18 00:44 - 2017-06-21 08:40 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-07-18 00:44 - 2017-06-21 08:40 - 000376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-07-18 00:44 - 2017-06-21 08:38 - 005611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-18 00:44 - 2017-06-21 08:38 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-18 00:44 - 2017-06-21 08:37 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-18 00:44 - 2017-06-21 08:36 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-07-18 00:44 - 2017-03-04 08:28 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-07-18 00:44 - 2017-03-04 08:19 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-14 12:41 - 2016-12-04 17:30 - 000000000 ____D C:\Users\acer\AppData\Roaming\uTorrent
2017-08-14 12:41 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-14 12:30 - 2016-11-27 14:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-14 12:27 - 2016-11-27 14:24 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-14 12:26 - 2016-12-04 12:07 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-14 12:26 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-14 12:26 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-14 12:17 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-14 12:17 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-14 12:09 - 2016-12-04 17:33 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-14 11:56 - 2016-11-24 00:22 - 002084678 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-14 11:56 - 2016-07-17 00:40 - 000859848 _____ C:\WINDOWS\system32\perfh00A.dat
2017-08-14 11:56 - 2016-07-17 00:40 - 000189732 _____ C:\WINDOWS\system32\perfc00A.dat
2017-08-14 11:55 - 2016-11-24 00:23 - 000002392 _____ C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-14 11:55 - 2016-11-24 00:23 - 000000000 ___RD C:\Users\acer\OneDrive
2017-08-14 11:49 - 2016-12-04 12:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-14 11:48 - 2016-11-24 10:38 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-08-14 11:48 - 2016-07-16 08:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-14 11:31 - 2016-11-25 22:24 - 000000000 ____D C:\Users\acer\AppData\LocalLow\Mozilla
2017-08-14 11:18 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-14 11:10 - 2017-06-13 21:43 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-14 11:10 - 2017-06-13 21:43 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-14 10:57 - 2016-11-24 00:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-14 10:52 - 2017-04-29 13:00 - 000000000 ____D C:\Program Files (x86)\McAfee
2017-08-14 10:52 - 2016-12-04 12:08 - 000339352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-14 10:51 - 2017-04-29 12:51 - 000000000 ____D C:\Program Files\TrueKey
2017-08-14 10:51 - 2016-11-25 22:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-14 10:51 - 2016-11-25 22:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-14 10:47 - 2016-12-04 12:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-14 10:45 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-14 10:45 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-14 10:45 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-08-14 10:45 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-14 10:45 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-14 10:45 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-24 14:32 - 2017-04-30 14:54 - 000007966 _____ C:\WINDOWS\BRRBCOM.INI
2017-07-24 14:30 - 2016-11-24 00:20 - 000000000 ____D C:\Users\acer\AppData\Local\Packages
2017-07-17 18:56 - 2016-07-16 13:43 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-07-11 21:32
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2017
Ran by acer (14-08-2017 12:42:12)
Running from C:\Users\acer\Downloads
Windows 10 Home Version 1607 (X64) (2016-12-04 10:36:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
acer (S-1-5-21-493700396-2643331240-3997325884-1001 - Administrator - Enabled) => C:\Users\acer
Administrador (S-1-5-21-493700396-2643331240-3997325884-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-493700396-2643331240-3997325884-503 - Limited - Disabled)
Invitado (S-1-5-21-493700396-2643331240-3997325884-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-493700396-2643331240-3997325884-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F2D70516-6748-58A3-85B0-A3CBF2EAB244}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Eines de correcció del Microsoft Office 2013: català (HKLM-x32\...\{90150000-001F-0403-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM-x32\...\{90150000-001F-0456-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.587.1 - McAfee, Inc.)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-493700396-2643331240-3997325884-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 54.0.1 (x64 es-ES)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
OEM Application Profile (HKLM-x32\...\{60499BF0-C3D1-40CC-8600-8A7246534466}) (Version: 1.00.0000 - Nombre de su organización)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paquete de controladores de Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Paquete de controladores de Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM-x32\...\{90150000-001F-0416-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-14] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-14] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-14] (AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-14] (AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\acer\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-11-21] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-14] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0195C32F-B730-497D-B806-0A180F90121C} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {13DBDC05-EC55-4286-92D2-C64E00073967} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-13] (Google Inc.)
Task: {27C28D1E-A96C-49B7-8F65-40D06A944791} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\acer\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {4CA58C9C-9CCA-4D9E-BA11-9339F9EB9789} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-15] (Adobe Systems Incorporated)
Task: {4FC65E20-CF7F-4886-A85A-6A14E223557B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-14] (Adobe Systems Incorporated)
Task: {72170993-9838-4768-8308-7791DD3AB69C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-13] (Google Inc.)
Task: {7E5A197E-B13E-4238-8AFA-DE25326D8DF4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-14] (AVAST Software)
Task: {852A1244-3766-44AC-AB0B-480E27006D53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {9695CB4E-6A93-4077-BC55-D578E3C2B2B2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {9FB22042-B9AC-4AD4-89B6-ACDDF354DD87} - System32\Tasks\SafeZone scheduled Autoupdate 1502702744 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {B4E13894-4FC9-4C70-8944-5A2E655C81D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BE3624CC-066B-41BC-836F-FC91AA166D45} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-18 00:44 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-04 12:01 - 2016-12-04 12:01 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-18 13:54 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-07-17 18:28 - 2017-07-17 18:28 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-17 18:28 - 2017-07-17 18:28 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-17 18:28 - 2017-07-17 18:28 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-17 18:28 - 2017-07-17 18:28 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2016-11-21 17:19 - 2016-11-21 17:19 - 000155016 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2017-08-14 11:10 - 2017-08-02 09:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll
2017-08-14 11:10 - 2017-08-02 09:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll
2017-03-18 13:54 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-18 13:54 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-18 13:54 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-07-18 00:44 - 2017-06-21 08:36 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-07-18 00:44 - 2017-06-21 08:35 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-07-18 00:44 - 2017-06-21 08:37 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-14 11:20 - 2017-08-14 11:20 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-14 11:21 - 2017-08-14 11:21 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-08-14 11:21 - 2017-08-14 11:21 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-14 11:20 - 2017-08-14 11:20 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-14 11:20 - 2017-08-14 11:20 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-14 11:20 - 2017-08-14 11:20 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-14 11:20 - 2017-08-14 11:20 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 13:04 - 2017-07-11 17:44 - 000000865 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\acer\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\12705581_1750575468508886_3688057009959231036_n.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "StartCN"
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{F765938E-2C85-4AB9-B952-DECFFAF0F72E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3CDE87B3-7BB6-4CB7-87DB-BEFBF6E61B0E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DBFF3718-992A-417E-830A-779B6313A8D6}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{11C1BC0C-CA26-4AE9-9842-00F244FD22E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{98B8A05A-8763-4B7A-92FE-B32613421E77}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{7FF83578-927C-4B40-BE6F-0164984D351F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{9410A396-1DB2-4911-B830-1FAB731F99A5}] => (Allow) C:\Users\acer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{98F23012-B93C-4522-8F35-1C9DF792D315}] => (Allow) C:\Users\acer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3CC59CDF-46CE-46FE-9D97-7DB4E4224099}] => (Allow) C:\Users\acer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8FA82D4F-AB45-451E-BF6B-8D4E9E919DD6}] => (Allow) C:\Users\acer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C7B7586D-6EE4-4AC9-90D1-637C6194D387}] => (Allow) C:\Users\acer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6E4017C4-5EFC-424B-8EAC-92BE39EB330F}] => (Allow) C:\Users\acer\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{25B0858E-8BD1-45BC-8978-7A7B48562821}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{940B01FB-01C7-4C82-A0DE-A61722D2640C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3D474224-4E97-48D7-8BAA-6D70D98081DF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{24DC7C46-A17A-410C-BA2F-09EE536787C4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{7CAC4F81-D6A6-4B8C-9C1D-27820A9B8711}C:\program files (x86)\equityfeed\equityfeed\equityfeed.exe] => (Allow) C:\program files (x86)\equityfeed\equityfeed\equityfeed.exe
FirewallRules: [UDP Query User{7F86E6DF-365E-4628-BCBF-37244BF36D44}C:\program files (x86)\equityfeed\equityfeed\equityfeed.exe] => (Allow) C:\program files (x86)\equityfeed\equityfeed\equityfeed.exe
FirewallRules: [TCP Query User{CE17B6D1-E6D2-4D42-BCE3-6B348325655D}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F86F0F58-2946-48DD-93C0-121D7FA4D541}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{53FBBA32-260E-4071-98E6-1F64A4E3FF0C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FB376483-F265-4B46-A3D8-856DDD3BA5C9}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{7D1E6158-5324-4A0A-9DF2-29ECB160294D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
 
==================== Restore Points =========================
 
06-07-2017 18:38:00 Windows Update
18-07-2017 01:02:21 Windows Update
14-08-2017 11:28:06 Removed Equityfeed
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/14/2017 12:29:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.
 
Error: (08/14/2017 11:51:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-S45PA2V)
Description: Se detuvo el paquete Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy+CortanaUI porque se tardó demasiado en suspender.
 
Error: (08/14/2017 11:28:36 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.
 
System Error:
Acceso denegado.
.
 
Error: (08/14/2017 11:22:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll".
No se encontró el ensamblado dependiente Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1".
Use sxstrace.exe para obtener un diagnóstico detallado.
 
Error: (07/24/2017 10:50:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: esu.exe, versión: 1.0.0.0, marca de tiempo: 0x58dac8d5
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.14393.1358, marca de tiempo: 0x59327ae2
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x000da9f2
Identificador del proceso con errores: 0x27a0
Hora de inicio de la aplicación con errores: 0x01d30459d5f17e5e
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: c5556131-0cdf-4eb1-959c-9097874d7353
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:
 
Error: (07/24/2017 10:50:20 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: esu.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
   en System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
   en Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
   en Garmin.Omt.Service.Shared.Overrides..cctor()
 
Información de la excepción: System.TypeInitializationException
   en Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
   en Garmin.Omt.Express.SelfUpdater.Program.RealMain()
   en Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])
 
Error: (07/22/2017 02:01:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: esu.exe, versión: 1.0.0.0, marca de tiempo: 0x58dac8d5
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.14393.1358, marca de tiempo: 0x59327ae2
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x000da9f2
Identificador del proceso con errores: 0x27f8
Hora de inicio de la aplicación con errores: 0x01d302e2307e254e
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 212d94e9-ad99-4955-805e-058b31540790
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:
 
Error: (07/22/2017 02:01:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: esu.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
   en System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
   en Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
   en Garmin.Omt.Service.Shared.Overrides..cctor()
 
Información de la excepción: System.TypeInitializationException
   en Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
   en Garmin.Omt.Express.SelfUpdater.Program.RealMain()
   en Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])
 
Error: (07/21/2017 09:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: esu.exe, versión: 1.0.0.0, marca de tiempo: 0x58dac8d5
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.14393.1358, marca de tiempo: 0x59327ae2
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x000da9f2
Identificador del proceso con errores: 0x1330
Hora de inicio de la aplicación con errores: 0x01d3025964b7599f
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: 2fc786cf-8ec9-4a31-beb4-9473d796c394
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:
 
Error: (07/21/2017 09:42:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: esu.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileNotFoundException
   en Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
   en System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
   en Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
   en Garmin.Omt.Service.Shared.Overrides..cctor()
 
Información de la excepción: System.TypeInitializationException
   en Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
   en Garmin.Omt.Express.SelfUpdater.Program.RealMain()
   en Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])
 
 
System errors:
=============
Error: (08/14/2017 12:27:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x8024200d: Actualización de características a Windows 10, versión 1703.
 
Error: (08/14/2017 11:49:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 y APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
Error: (08/14/2017 11:49:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Garmin Device Interaction Service no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.
 
Error: (08/14/2017 11:49:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Garmin Device Interaction Service.
 
Error: (08/14/2017 11:49:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
Error: (08/14/2017 11:49:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
Error: (08/14/2017 11:49:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio InstallerService no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.
 
Error: (08/14/2017 11:49:11 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: La DLL de notificación de contraseña "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" no se pudo cargar y dio el error 126. Compruebe que la ruta de acceso de la DLL de notificación definida en el registro, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, haga referencia a una ruta de acceso correcta y absoluta (<unidad>:\<ruta de acceso>\<nombre de archivo>.<ext>) y no a una ruta de acceso relativa o no válida. Si la ruta de acceso de la DLL es correcta, valide que los archivos auxiliares se encuentren en el mismo directorio, y que la cuenta del sistema tenga acceso de lectura tanto en la ruta de acceso de la DLL, como en los archivos auxiliares. Póngase en contacto con el proveedor de la DLL de notificación para obtener soporte adicional. Si desea obtener más detalles visite http://go.microsoft.com/fwlink/?LinkId=245898.
 
Error: (08/14/2017 11:46:34 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S45PA2V)
Description: El servidor {9BA05972-F6A8-11CF-A442-00A0C90A8F39} no se registró con DCOM dentro del tiempo de espera requerido.
 
Error: (08/14/2017 11:46:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.
 
 
CodeIntegrity:
===================================
  Date: 2017-07-06 19:45:22.747
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-06-28 21:45:06.879
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-06-21 22:32:00.116
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-06-11 17:34:28.262
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-06-06 19:34:14.355
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-06-04 22:11:00.096
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-05-07 12:00:37.891
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-04-29 12:07:23.002
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-04-22 12:47:59.254
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-04-13 22:14:52.135
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD A10-5757M APU with Radeon™ HD Graphics 
Percentage of memory in use: 45%
Total physical RAM: 7629.36 MB
Available physical RAM: 4183.84 MB
Total Virtual: 8845.36 MB
Available Virtual: 5044.08 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.02 GB) (Free:864.53 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 51980C82)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

Attached Files


Edited by NataliaPiecha, 14 August 2017 - 05:52 AM.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,720 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:29 PM

Posted 14 August 2017 - 08:51 PM

Greetings NataliaPiecha and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Which browser(s) is affected?

Please consider and do this.

===================================================

Peer to Peer (P2P) Warning

--------------------

Going over your logs I noticed that you have Peer 2 Peer (torrent) program(s) installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Peer 2 Peer programs, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about CryptoLocker Ransomware, a type of Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities.

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Right click on the FRST icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time
Start::
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
CHR Extension: (Ladbible.com Change Club) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlplljgdgjmjhplpjkdhgaeblphihek [2017-07-09]
CHR Extension: (Take Smarp) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\falalcojiamdgnejmfijffbffjiklojp [2017-07-09]
Task: {0195C32F-B730-497D-B806-0A180F90121C} - \AutoPico Daily Restart -> No File <==== ATTENTION
cmd: dir /s C:\Users\acer\mfeeddata
cmd: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
End::
  • Click Fix
  • Copy and paste the contents of the Fixlog.txt file in your reply.
===================================================

Malwarebytes AdwCleaner

-------------------
  • Please download AdwCleaner and save it on your desktop.
  • Close all open programs and browsers
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed if there are threats found you will see Found 3 threats or something similar above the progress bar
  • Click each tab under Results and uncheck any items you want to keep
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Click OK twice to finish the removal process by automatically rebooting your computer
  • Once completed an AdwCleaner document will open on your desktop
  • Copy and paste the contents in your reply
=================

Malwarebytes Junkware Removal Tool

-------------------
  • Please download Junkware Removal Tool and save it to your Desktop
  • Right click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Press any key to start the scan
  • Once completed a JRT.txt document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Which browser(s)
  • Fixlog
  • AdwCleaner log
  • JRT log
  • Update on browser behavior

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 NataliaPiecha

NataliaPiecha
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 15 August 2017 - 08:20 AM

Hi Gary!

 

And Thank you, thank you thank you!

Everything seems to be working just fine, no weird pages loading by itself, no banners everywhere, I click on a link and it actually takes me to that link 0_0 hehehe. Thank you

 Sorry one of them is in Spanish, not sure how to changed as the computer is Spanish. Any tips about how to avoid this situation again? This is my 13 years old sister laptop and, well, she is not really careful. Between Mcafee and Avast, which one would you recommend? 
 

Well thank you again!

 

 

- Worst of them was Chrome. Mozilla was funny also.

- Fixlog:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-08-2017
Ran by acer (15-08-2017 14:37:59) Run:1
Running from C:\Users\acer\Downloads
Loaded Profiles: acer (Available Profiles: acer)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
 
CreateRestorePoint:
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
CHR Extension: (Ladbible.com Change Club) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlplljgdgjmjhplpjkdhgaeblphihek [2017-07-09]
CHR Extension: (Take Smarp) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\falalcojiamdgnejmfijffbffjiklojp [2017-07-09]
Task: {0195C32F-B730-497D-B806-0A180F90121C} - \AutoPico Daily Restart -> No File <==== ATTENTION
cmd: dir /s C:\Users\acer\mfeeddata
cmd: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
cmd: netsh winsock reset catalog
cmd: netsh int ip reset C:\resettcpip.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: Bitsadmin /Reset /Allusers
cmd: ipconfig /flushdns
Removeproxy:
 
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
CHR Extension: (Ladbible.com Change Club) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehlplljgdgjmjhplpjkdhgaeblphihek [2017-07-09] => Error: No automatic fix found for this entry.
CHR Extension: (Take Smarp) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\falalcojiamdgnejmfijffbffjiklojp [2017-07-09] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0195C32F-B730-497D-B806-0A180F90121C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0195C32F-B730-497D-B806-0A180F90121C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => key removed successfully
 
========= dir /s C:\Users\acer\mfeeddata =========
 
 El volumen de la unidad C no tiene etiqueta.
 El n£mero de serie del volumen es: F4C1-0B58
 
 Directorio de C:\Users\acer\mfeeddata
 
07/09/2017  13:19    <DIR>          .
07/09/2017  13:19    <DIR>          ..
07/05/2013  18:35           348.288 alert1.wav
07/05/2013  18:37           326.948 alert2.wav
07/05/2013  18:34           328.346 alert3.wav
07/05/2013  18:31           299.490 alert4.wav
07/05/2013  18:41           303.354 alert5.wav
30/07/2015  19:36            23.206 beep1.wav
30/07/2015  19:36            45.256 beep2.wav
21/09/2015  16:59            15.360 EF_LightSpeed.dll
26/07/2011  21:27            97.792 ef_realTick.dll
19/07/2012  23:05            13.312 EF_Sterling.dll
26/07/2011  22:00             6.144 MathLibrary.dll
19/06/2017  18:50               478 RTReg.bat
19/06/2017  18:50    <DIR>          temp
              12 archivos      1.807.974 bytes
 
 Directorio de C:\Users\acer\mfeeddata\temp
 
19/06/2017  18:50    <DIR>          .
19/06/2017  18:50    <DIR>          ..
19/06/2017  18:53    <DIR>          20170619
               0 archivos              0 bytes
 
 Directorio de C:\Users\acer\mfeeddata\temp\20170619
 
19/06/2017  18:53    <DIR>          .
19/06/2017  18:53    <DIR>          ..
19/06/2017  18:51            50.030 chartsCYTR.3
19/06/2017  18:53            52.111 chartsDCTH.3
               2 archivos        102.141 bytes
 
     Total de archivos en la lista:
              14 archivos      1.910.115 bytes
               8 dirs  924.271.263.744 bytes libres
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Error al borrar el registro DebugChannel. No se puede realizar la operación solicitada en un canal directo habilitado. Deshabilite primero el canal para poder realizar la operación.
Error al borrar el registro Microsoft-RMS-MSIPC/Debug. No se puede realizar la operación solicitada en un canal directo habilitado. Deshabilite primero el canal para poder realizar la operación.
Error al borrar el registro Microsoft-Windows-LiveId/Analytic. Acceso denegado.
Error al borrar el registro Microsoft-Windows-LiveId/Operational. Acceso denegado.
Error al borrar el registro Microsoft-Windows-USBVideo/Analytic. Un proveedor de datos WMI no reconoce como válido el nombre de instancia pasado.
 
========= End of CMD: =========
 
 
========= netsh winsock reset catalog =========
 
 
El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset C:\resettcpip.txt =========
 
Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.
 
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall reset =========
 
Aceptar
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Aceptar
 
 
========= End of CMD: =========
 
 
========= Bitsadmin /Reset /Allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
0 out of 0 jobs canceled.
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Configuraci¢n IP de Windows
 
Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.
 
========= End of CMD: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-493700396-2643331240-3997325884-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 14:40:13 ====
 
- ADW cleaner log_
 
# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 15 12:54:35 2017
# Updated on 2017/05/08 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
No malicious folders deleted.
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKU\S-1-5-21-493700396-2643331240-3997325884-1001\Software\ICSW1.23
Deleted: [Key] - HKCU\Software\ICSW1.23
Deleted: [Key] - HKU\S-1-5-21-493700396-2643331240-3997325884-1001\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-493700396-2643331240-3997325884-1001\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [1396 B] - [2017/8/15 12:53:50]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
 
 
JRT log:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by acer (Administrator) on 15/08/2017 at 15:00:29,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 0 
 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/08/2017 at 15:04:49,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,720 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:29 PM

Posted 15 August 2017 - 09:40 AM

Greetings.

Glad to hear the good report. No need to translate but thank you.

Please do this now.

===================================================

ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal.
  • Download esetsmartinstaller_enu.exe and save it to your Desktop
  • Double click the icon
  • Check YES, I accept the Terms of Use
  • Click the Start button
  • Accept any security warnings from your browser
  • Click Advanced settings
  • Check the following items

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology

  • Click Start
  • ESET will then download updates and begin scanning your computer
  • If no threats are found simply click Uninstall application on close and hit Finish
  • If threats are found click List of found threats
  • Click Export to text file
  • Save the file on your Desktop as ESET.txt
  • Click Back
  • Review the list of entries and if there are any you want to keep stop and copy/paste the ESET.txt report in your reply for my review
  • If you do not wish to keep any of the entries check Uninstall application on close and Delete quarantined files
  • Click Finish
  • Close the ESET Online Scanner window
  • Copy and paste the contents of ESET.txt in your reply
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message saying UNSUPPORTED OPERATING SYSTEM! ABORTED! reboot your computer and attempt to run it again
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • ESET log
  • Security Check log
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 NataliaPiecha

NataliaPiecha
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 15 August 2017 - 01:00 PM

Hi again!

 

Computer is running just fine, thanks.

 

C:\Users\acer\AppData\Local\Temp\HYDC0E9.tmp.1502800515\HTA\install.1502800515.zip a variant of Win32/FusionCore.K potentially unwanted application deleted
C:\Users\acer\AppData\Local\Temp\HYDC0E9.tmp.1502800515\HTA\3rdparty\FS.dll a variant of Win32/FusionCore.K potentially unwanted application cleaned by deleting
C:\Users\acer\Downloads\Team Viewer v8.0.17292 Corporate Edition Multi Language Including Patch {Uploaded} @IGI\Team Viewer v8.0.17292 Corporate Edition Multi Language Including Patch {Uploaded} @IGI.rar a variant of Generik.EPOGXWJ potentially unwanted application deleted
C:\Users\acer\Downloads\Team Viewer v8.0.17292 Corporate Edition Multi Language Including Patch {Uploaded} @IGI\Team Viewer v8.0.17292 Corporate Edition Multi Language Including Patch {Uploaded} @IGI\Patch.rar a variant of Generik.EPOGXWJ potentially unwanted application deleted
C:\Users\acer\Downloads\Team Viewer v8.0.17292 Corporate Edition Multi Language Including Patch {Uploaded} @IGI\Team Viewer v8.0.17292 Corporate Edition Multi Language Including Patch {Uploaded} @IGI\Patch\Patch.exe a variant of Generik.EPOGXWJ potentially unwanted application cleaned by deleting
C:\Windows\SECOH-QAD.dll Win64/HackKMS.D potentially unsafe application cleaned by deleting
C:\Windows\SECOH-QAD.exe Win64/HackKMS.C potentially unsafe application cleaned by deleting
C:\Windows.old\Users\acer\AppData\Local\Temp\HYD110C.tmp.1480865433\HTA\install.1480865433.zip a variant of Win32/FusionCore.K potentially unwanted application deleted
C:\Windows.old\Users\acer\AppData\Local\Temp\HYD110C.tmp.1480865433\HTA\3rdparty\FS.dll a variant of Win32/FusionCore.K potentially unwanted application cleaned by deleting
 
 
 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avast Antivirus    
Windows Defender   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 144  
 Java version 32-bit out of Date! 
 Adobe Flash Player 26.0.0.151  
 Google Chrome (60.0.3112.101) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Oracle Java javapath AvastSvc.exe -?- 
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,720 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:29 PM

Posted 15 August 2017 - 02:08 PM

That looks great. I think we are all set.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your machine appears to be clean and we will now remove the tools used and logs created during our steps. Please do this.

===================================================

Delfix by Xplode

--------------------
  • Download Delfix and save it to your Desktop
  • Double click the icon
  • Place checkmarks in:

Remove disinfection tools
Create registry backup
Purge system restore

  • Click Run
===================================================

You may delete any additional programs or logs on your computer which were not automatically removed by Delfix. Simply delete the log files or desktop icons. If we used Emsisoft Emergency Kit just delete the icon on your desktop and the C:\EEK folder.

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :thumbsup:

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:In addition, here are some more links you might find of interest:Thank you for placing your trust in BleepingComputer. It was a pleasure serving you. ohmy_done.gif
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,720 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:04:29 PM

Posted 18 August 2017 - 12:37 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users