Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 10 Black Screen with cursor


  • This topic is locked This topic is locked
3 replies to this topic

#1 Nancy95

Nancy95

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:42 PM

Posted 22 September 2017 - 08:37 PM

Sorry if my English is a little broken.

 

I can't boot my PC, I get very different results with every try, sometimes I get a black screen where I can move the cursor, sometimes it's a gray screen where I can also move the cursor and sometimes I get the startup screen where I am supposed to introduce my password but that's as far as I can get, after I put my password it does nothing.

In the last few days I had a malware problem that I thought I had resolved, I’m not sure if this could be the problem.

I also have Windows 7 on this PC in another partition and it works flawlessly, Windows 10 is the only problem, I already ran the Startup repair and I also tried every Startup Setting but it did not helped.

I ran Farbar from the command prompt and this is what I got:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2017

Ran by SYSTEM on MININT-QTR4LCC (22-09-2017 18:13:34)
Running from h:\
Platform: Windows 10 Home Version 1703 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NI Device Monitor] => C:\Program Files (x86)\National Instruments\NI Device Monitor\DeviceMonitor.exe [151552 2015-06-12] (National Instruments Corporation)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
GroupPolicy: Restriction <==== ATTENTION
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
"NIPAL" => service could not be unlocked. <==== ATTENTION
 
S2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [359856 2015-07-25] (Intel Corporation)
S2 LkCitadelServer; C:\WINDOWS\SysWOW64\lkcitdl.exe [695136 2014-08-07] (National Instruments, Inc.)
S2 lkClassAds; C:\WINDOWS\SysWOW64\lkads.exe [53544 2015-06-01] (National Instruments Corporation)
S2 lkTimeSync; C:\WINDOWS\SysWOW64\lktsrv.exe [63792 2015-06-01] (National Instruments Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S2 MSSQL$CITADEL; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.CITADEL\MSSQL\Binn\sqlservr.exe [43040096 2011-06-17] (Microsoft Corporation)
S2 MSSQL$WINCC; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.WINCC\MSSQL\Binn\sqlservr.exe [43129288 2012-06-29] (Microsoft Corporation)
S2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [84792 2015-06-12] (National Instruments Corporation)
S2 ni488enumsvc; C:\WINDOWS\SysWOW64\nipalsm.exe [19280 2014-06-05] (National Instruments Corporation)
S2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [57184 2015-06-03] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [80736 2015-06-03] (National Instruments Corporation)
S2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [571712 2015-06-02] (National Instruments Corporation)
S2 NICitadel5Service; C:\WINDOWS\SysWOW64\nicitdl5.exe [1316160 2015-06-11] (National Instruments Corporation)
S2 nidevldu; C:\WINDOWS\SysWOW64\nidevldu.exe [162672 2015-06-04] (National Instruments Corporation)
S2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [399152 2015-06-01] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
S2 niLXIDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI-VISA\niLxiDiscovery.exe [375160 2015-06-12] (National Instruments Corporation)
S2 nimcdldu; C:\WINDOWS\SysWOW64\nipalsm.exe [19280 2014-06-05] (National Instruments Corporation)
S2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [320368 2014-06-06] (National Instruments Corporation)
S2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [177024 2015-06-12] (National Instruments Corporation)
S3 NIOPCServersKeySvcV2013; C:\Program Files (x86)\National Instruments\Shared\NI OPC Servers\V5\keysvc.exe [34816 2013-05-06] (Kepware Technologies)
S2 NIOPCServersLoggerV2013; C:\Program Files (x86)\National Instruments\Shared\NI OPC Servers\V5\server_eventlog.exe [143872 2013-05-06] (Kepware Technologies)
S2 NIOPCServersV2013; C:\Program Files (x86)\National Instruments\Shared\NI OPC Servers\V5\server_runtime.exe [257024 2013-05-06] (Kepware Technologies)
S2 nipxirmu; C:\WINDOWS\SysWOW64\nipxism.exe [21328 2015-05-26] (National Instruments Corporation)
S3 NiRioRpc; C:\WINDOWS\SysWOW64\NiRioRpc.exe [39232 2015-06-13] (National Instruments Corporation)
S2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [89928 2015-06-02] (National Instruments Corporation)
S2 NISystemWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [57168 2015-06-03] (National Instruments Corporation)
S2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [703304 2015-06-11] (National Instruments Corporation)
S2 nitsuu; C:\WINDOWS\SysWOW64\nipalsm.exe [19280 2014-06-05] (National Instruments Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S4 SQLAgent$CITADEL; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.CITADEL\MSSQL\Binn\SQLAGENT.EXE [370016 2011-06-17] (Microsoft Corporation)
S4 SQLAgent$WINCC; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.WINCC\MSSQL\Binn\SQLAGENT.EXE [379848 2012-06-29] (Microsoft Corporation)
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [266848 2016-12-27] (Synaptics Incorporated)
S2 UA Local Discovery Server; C:\Program Files (x86)\OPC Foundation\UA\v1.1\GDS\Bin\Opc.Ua.DiscoveryServer.exe [122880 2011-08-25] (OPC Foundation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (www.winchiphead.com)
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 dpmconv; C:\Windows\System32\drivers\dpmconv.sys [259584 2013-08-07] (Siemens AG)
S3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-11-17] (DT Soft Ltd)
S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2015-08-20] (Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47160 2015-08-20] (Disc Soft Ltd)
S1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [60752 2016-09-01] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [205136 2016-09-01] (Paragon Software Group)
S2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15184 2016-09-01] (Paragon Software Group)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2017-09-11] ()
S3 lvalarmk; C:\Windows\System32\drivers\lvalarmk.sys [27528 2015-06-04] (National Instruments Corporation)
S2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-22] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-22] (Malwarebytes)
S0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-22] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-22] (Malwarebytes)
S3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
S0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [44880 2016-09-01] (Paragon Software Group)
S1 MpKsl4b4fcb1b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B2C8EA9-E0CD-4365-A20F-D566B9FE3CA5}\MpKsl4b4fcb1b.sys [44928 2017-09-21] ()
S3 ni1045k; C:\Windows\System32\drivers\ni1045kl.sys [12984 2015-03-31] (National Instruments Corporation)
S3 ni1065k; C:\Windows\System32\drivers\ni1065k.sys [30032 2015-06-12] (National Instruments Corporation)
S3 nicdcck; C:\Windows\System32\drivers\nicdcckl.sys [15192 2014-08-07] (National Instruments Corporation)
S3 nicdrk; C:\Windows\System32\drivers\nicdrkl.sys [15192 2014-08-07] (National Instruments Corporation)
S3 nicmrk; C:\Windows\System32\drivers\nicmrkl.sys [15208 2015-05-24] (National Instruments Corporation)
S3 nicondrk; C:\Windows\System32\drivers\nicondrkl.sys [15176 2015-05-24] (National Instruments Corporation)
S3 nicsrk; C:\Windows\System32\drivers\nicsrkl.sys [15176 2015-05-24] (National Instruments Corporation)
S3 nidimk; C:\Windows\System32\drivers\nidimkl.sys [15200 2014-09-18] (National Instruments Corporation)
S3 nidmxfk; C:\Windows\System32\drivers\nidmxfkl.sys [15176 2015-06-17] (National Instruments Corporation)
S3 nidsark; C:\Windows\System32\drivers\nidsarkl.sys [15184 2015-02-25] (National Instruments Corporation)
S3 nidwgk; C:\WINDOWS\system32\drivers\nidwgkl.sys [14176 2015-06-24] (National Instruments Corporation)
S3 niemrk; C:\Windows\System32\drivers\niemrkl.sys [15176 2015-05-24] (National Instruments Corporation)
S3 niesrk; C:\Windows\System32\drivers\niesrkl.sys [15176 2015-06-19] (National Instruments Corporation)
S3 NIEthernetDeviceEnumerator; C:\Windows\System32\drivers\niede.sys [38064 2012-01-12] (National Instruments Corporation)
S3 nifslk; C:\Windows\System32\drivers\nifslkl.sys [15192 2015-02-18] (National Instruments Corporation)
S3 nihorbrk; C:\Windows\System32\drivers\nihorbrkl.sys [15176 2015-05-24] (National Instruments Corporation)
S3 nihsdrk; C:\WINDOWS\system32\drivers\nihsdrkl.sys [15192 2015-06-14] (National Instruments Corporation)
S3 niimaqdxk; C:\Windows\System32\drivers\niimaqdxkl.sys [15160 2015-06-12] (National Instruments Corporation)
S3 nimcdfxk; C:\WINDOWS\system32\drivers\nimcdfxkl.sys [11976 2012-06-05] (National Instruments Corporation)
S2 nimdbgk; C:\Windows\System32\drivers\nimdbgkl.sys [15200 2015-02-05] (National Instruments Corporation)
S3 nimru2k; C:\Windows\System32\drivers\nimru2kl.sys [15200 2015-06-26] (National Instruments Corporation)
S3 nimsdrk; C:\Windows\System32\drivers\nimsdrkl.sys [15232 2015-06-17] (National Instruments Corporation)
S3 nimstsk; C:\Windows\System32\drivers\nimstskl.sys [15200 2015-06-04] (National Instruments Corporation)
S3 nimxdfk; C:\Windows\System32\drivers\nimxdfkl.sys [15184 2015-02-05] (National Instruments Corporation)
S3 nimxpk; C:\Windows\System32\drivers\nimxpkl.sys [15208 2015-06-04] (National Instruments Corporation)
S3 ninshsdk; C:\Windows\System32\drivers\ninshsdkl.sys [15200 2015-01-27] (National Instruments Corporation)
S3 niorbk; C:\WINDOWS\system32\drivers\niorbkl.sys [15184 2014-07-31] (National Instruments Corporation)
S3 nipalfwedl; C:\Windows\System32\drivers\nipalfwedl.sys [15232 2015-05-20] (National Instruments Corporation)
S0 NIPALK; C:\Windows\System32\drivers\nipalk.sys [777560 2015-05-20] (National Instruments Corporation)
S3 nipalusbedl; C:\Windows\System32\drivers\nipalusbedl.sys [15224 2015-05-20] (National Instruments Corporation)
S0 nipbcfk; C:\Windows\System32\drivers\nipbcfk.sys [19288 2014-02-28] (National Instruments Corporation)
S0 nipcibrd; C:\Windows\System32\drivers\nipcibrd.sys [107888 2015-06-11] (National Instruments Corporation)
S3 nipsdk; C:\WINDOWS\system32\drivers\nipsdkl.sys [15232 2015-06-11] (National Instruments Corporation)
S0 nipxibrc; C:\Windows\System32\drivers\nipxibrc.sys [72600 2015-06-12] (National Instruments Corporation)
S3 nipxifpk; C:\Windows\System32\drivers\nipxifpk.sys [37272 2015-05-26] (National Instruments Corporation)
S3 nipxigpk; C:\Windows\System32\drivers\nipxigpk.sys [23896 2015-05-26] (National Instruments Corporation)
S2 nipxirmk; C:\Windows\System32\drivers\nipxirmkl.sys [15184 2015-05-26] (National Instruments Corporation)
S3 niraptrk; C:\Windows\System32\drivers\niraptrkl.sys [15176 2015-05-24] (National Instruments Corporation)
S3 niscdk; C:\Windows\System32\drivers\niscdkl.sys [15216 2014-10-22] (National Instruments Corporation)
S0 nischifk; C:\Windows\System32\Drivers\nischifk.sys [66936 2015-03-02] (National Instruments Corporation)
S3 nisdigk; C:\Windows\System32\drivers\nisdigkl.sys [15192 2015-05-24] (National Instruments Corporation)
S3 nisftk; C:\Windows\System32\drivers\nisftkl.sys [15184 2015-01-27] (National Instruments Corporation)
S3 nisldk; C:\WINDOWS\system32\drivers\nisldkl.sys [11960 2015-06-26] (National Instruments Corporation)
S3 nispdk; C:\Windows\System32\drivers\nispdkl.sys [15216 2014-10-22] (National Instruments Corporation)
S3 nisrcdk; C:\WINDOWS\system32\drivers\nisrcdkl.sys [14168 2015-06-15] (National Instruments Corporation)
S3 nissrk; C:\Windows\System32\drivers\nissrkl.sys [15176 2015-06-19] (National Instruments Corporation)
S3 nistc2k; C:\Windows\System32\drivers\nistc2kl.sys [15152 2014-08-07] (National Instruments Corporation)
S3 nistc3rk; C:\Windows\System32\drivers\nistc3rkl.sys [15168 2015-02-25] (National Instruments Corporation)
S3 nistcrk; C:\Windows\System32\drivers\nistcrkl.sys [15200 2015-02-25] (National Instruments Corporation)
S2 nistreamk; C:\Windows\System32\drivers\nistreamkl.sys [24400 2015-05-27] (National Instruments Corporation)
S3 niswdk; C:\Windows\System32\drivers\niswdkl.sys [15176 2015-06-03] (National Instruments Corporation)
S3 niSynck; C:\Windows\System32\drivers\niSynckl.sys [15184 2015-06-18] (National Instruments Corporation)
S3 nitfurk; C:\Windows\System32\drivers\nitfurkl.sys [15216 2015-05-24] (National Instruments Corporation)
S3 nitiork; C:\Windows\System32\drivers\nitiorkl.sys [15200 2014-08-07] (National Instruments Corporation)
S3 nitsuk; C:\Windows\System32\drivers\nitsukl.sys [15192 2015-06-18] (National Instruments Corporation)
S3 niufurk; C:\Windows\System32\drivers\niufurkl.sys [15208 2015-05-24] (National Instruments Corporation)
S3 NiViPciK; C:\Windows\System32\drivers\NiViPciKl.sys [15200 2015-06-12] (National Instruments Corporation)
S2 NiViPxiK; C:\Windows\System32\drivers\NiViPxiKl.sys [15200 2015-06-12] (National Instruments Corporation)
S3 niwfrk; C:\Windows\System32\drivers\niwfrkl.sys [15176 2015-06-19] (National Instruments Corporation)
S3 nixfmrrk; C:\Windows\System32\drivers\nixfmrrkl.sys [15184 2015-05-24] (National Instruments Corporation)
S3 nixsrk; C:\Windows\System32\drivers\nixsrkl.sys [15176 2015-05-24] (National Instruments Corporation)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [6804480 2017-05-03] (Realtek Semiconductor Corporation )
S3 s7odpx2x64; C:\Windows\System32\drivers\s7odpx2x64.sys [71168 2012-12-19] (SIEMENS AG)
S3 s7oppinx64; C:\Windows\System32\drivers\s7oppinx64.sys [107520 2012-07-24] (SIEMENS AG)
S3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121856 2012-07-24] (SIEMENS AG)
S3 s7osmcax64; C:\Windows\System32\drivers\s7osmcax64.sys [199680 2012-07-24] (SIEMENS AG)
S3 s7osobux64; C:\Windows\System32\drivers\s7osobux64.sys [153600 2012-07-24] (SIEMENS AG)
S3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2012-07-24] (SIEMENS AG)
S3 s7otranx64; C:\Windows\System32\drivers\s7otranx64.sys [260608 2013-12-02] (Siemens AG)
S3 s7otsadx64; C:\Windows\System32\drivers\s7otsadx64.sys [196096 2012-07-24] (SIEMENS AG)
S2 s7ousbu64x; C:\Windows\System32\drivers\s7ousbu64x.sys [137216 2013-12-17] (Siemens AG)
S3 SaiK0CCB; C:\Windows\System32\drivers\SaiK0CCB.sys [171016 2010-04-22] (Saitek)
S3 SaiU0CCB; C:\Windows\System32\drivers\SaiU0CCB.sys [41096 2010-04-22] (Saitek)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-12] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-12] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [64640 2016-07-22] (QUALCOMM Incorporated)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135824 2016-08-16] (Oracle Corporation)
S3 vsnl2ada; C:\Windows\System32\drivers\vsnl2ada.sys [128000 2013-08-07] (SIEMENS AG)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-08-06] (Hewlett-Packard Development Company, L.P.)
S3 MBAMFarflt; \SystemRoot\system32\DRIVERS\farflt.sys [X]
S5 NIPAL;  <==== ATTENTION: Locked Service
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-09-22 18:13 - 2017-09-22 18:13 - 000000000 ____D C:\FRST
2017-09-22 11:09 - 2017-09-22 11:09 - 000003296 ____N C:\bootsqm.dat
2017-09-21 11:06 - 2017-09-21 11:06 - 000000165 ____H C:\Users\Nancy\Desktop\~$Lista de Partes.xlsx
2017-09-13 22:32 - 2017-09-13 22:32 - 000917624 _____ C:\Users\Nancy\Desktop\Naturaleza de la ética profesional.pdf
2017-09-12 14:54 - 2017-09-04 20:25 - 001448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-09-12 14:54 - 2017-09-04 20:16 - 000563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-09-12 14:54 - 2017-09-04 20:15 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-12 14:54 - 2017-09-04 20:13 - 007598080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-09-12 14:54 - 2017-09-04 20:06 - 000221696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2017-09-12 14:53 - 2017-09-04 21:12 - 001292880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-09-12 14:53 - 2017-09-04 21:12 - 000081176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2017-09-12 14:53 - 2017-09-04 20:50 - 004330920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2017-09-12 14:53 - 2017-09-04 20:45 - 002166808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-12 14:53 - 2017-09-04 20:45 - 000750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-09-12 14:53 - 2017-09-04 20:44 - 000569264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2017-09-12 14:53 - 2017-09-04 20:43 - 000042456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-09-12 14:53 - 2017-09-04 20:42 - 000703056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-09-12 14:53 - 2017-09-04 20:42 - 000291904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2017-09-12 14:53 - 2017-09-04 20:42 - 000182688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-09-12 14:53 - 2017-09-04 20:41 - 020373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-12 14:53 - 2017-09-04 20:41 - 006761560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-12 14:53 - 2017-09-04 20:41 - 001013912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2017-09-12 14:53 - 2017-09-04 20:26 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-09-12 14:53 - 2017-09-04 20:26 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-09-12 14:53 - 2017-09-04 20:25 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-09-12 14:53 - 2017-09-04 20:25 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2017-09-12 14:53 - 2017-09-04 20:25 - 000154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-09-12 14:53 - 2017-09-04 20:22 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-09-12 14:53 - 2017-09-04 20:21 - 006728704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-09-12 14:53 - 2017-09-04 20:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-12 14:53 - 2017-09-04 20:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-12 14:53 - 2017-09-04 20:19 - 000364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-09-12 14:53 - 2017-09-04 20:19 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-12 14:53 - 2017-09-04 20:19 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-09-12 14:53 - 2017-09-04 20:19 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2017-09-12 14:53 - 2017-09-04 20:18 - 000524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2017-09-12 14:53 - 2017-09-04 20:18 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-09-12 14:53 - 2017-09-04 20:18 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2017-09-12 14:53 - 2017-09-04 20:18 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-12 14:53 - 2017-09-04 20:18 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2017-09-12 14:53 - 2017-09-04 20:18 - 000100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2017-09-12 14:53 - 2017-09-04 20:17 - 000918528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2017-09-12 14:53 - 2017-09-04 20:17 - 000852480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2017-09-12 14:53 - 2017-09-04 20:17 - 000586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2017-09-12 14:53 - 2017-09-04 20:17 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-09-12 14:53 - 2017-09-04 20:16 - 000844288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2017-09-12 14:53 - 2017-09-04 20:16 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-09-12 14:53 - 2017-09-04 20:16 - 000257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll
2017-09-12 14:53 - 2017-09-04 20:15 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-09-12 14:53 - 2017-09-04 20:15 - 000657408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-09-12 14:53 - 2017-09-04 20:15 - 000430592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-09-12 14:53 - 2017-09-04 20:14 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-12 14:53 - 2017-09-04 20:14 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2017-09-12 14:53 - 2017-09-04 20:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-09-12 14:53 - 2017-09-04 20:13 - 002009600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-12 14:53 - 2017-09-04 20:13 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-09-12 14:53 - 2017-09-04 20:12 - 006265856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-09-12 14:53 - 2017-09-04 20:12 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-12 14:53 - 2017-09-04 20:12 - 000899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-09-12 14:53 - 2017-09-04 20:11 - 003654656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-12 14:53 - 2017-09-04 20:11 - 001463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-12 14:53 - 2017-09-04 20:11 - 001355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-09-12 14:53 - 2017-09-04 20:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-09-12 14:53 - 2017-09-04 20:11 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-09-12 14:53 - 2017-09-04 20:11 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-09-12 14:53 - 2017-09-04 20:10 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-09-12 14:53 - 2017-09-04 20:10 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-12 14:53 - 2017-09-04 20:06 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-09-12 14:53 - 2017-09-04 20:04 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
2017-09-12 14:53 - 2017-09-04 20:04 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-09-12 14:52 - 2017-09-04 21:12 - 001409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-09-12 14:52 - 2017-09-04 21:12 - 000627080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-09-12 14:52 - 2017-09-04 20:53 - 001839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-12 14:52 - 2017-09-04 20:53 - 001620880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-12 14:52 - 2017-09-04 20:52 - 002259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-09-12 14:52 - 2017-09-04 20:46 - 004471888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-09-12 14:52 - 2017-09-04 20:45 - 005821496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-09-12 14:52 - 2017-09-04 20:45 - 002476712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-09-12 14:52 - 2017-09-04 20:45 - 000085784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialUIBroker.exe
2017-09-12 14:52 - 2017-09-04 20:43 - 000611096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-12 14:52 - 2017-09-04 20:43 - 000359560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-09-12 14:52 - 2017-09-04 20:43 - 000280480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-09-12 14:52 - 2017-09-04 20:43 - 000169376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-12 14:52 - 2017-09-04 20:42 - 002330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-09-12 14:52 - 2017-09-04 20:42 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-09-12 14:52 - 2017-09-04 20:41 - 004671832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-09-12 14:52 - 2017-09-04 20:41 - 001106904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-09-12 14:52 - 2017-09-04 20:40 - 000052768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-12 14:52 - 2017-09-04 20:37 - 000583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-09-12 14:52 - 2017-09-04 20:25 - 013844480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-09-12 14:52 - 2017-09-04 20:24 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-12 14:52 - 2017-09-04 20:23 - 020509184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-09-12 14:52 - 2017-09-04 20:23 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-09-12 14:52 - 2017-09-04 20:21 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2017-09-12 14:52 - 2017-09-04 20:20 - 000370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-09-12 14:52 - 2017-09-04 20:19 - 019336192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-12 14:52 - 2017-09-04 20:19 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-09-12 14:52 - 2017-09-04 20:19 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-12 14:52 - 2017-09-04 20:18 - 000266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-12 14:52 - 2017-09-04 20:16 - 005961728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-12 14:52 - 2017-09-04 20:16 - 000357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-09-12 14:52 - 2017-09-04 20:15 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-12 14:52 - 2017-09-04 20:15 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-09-12 14:52 - 2017-09-04 20:15 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-12 14:52 - 2017-09-04 20:14 - 011887104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-12 14:52 - 2017-09-04 20:12 - 005225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-09-12 14:52 - 2017-09-04 20:11 - 003667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-09-12 14:52 - 2017-09-04 20:10 - 000761344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-09-12 14:43 - 2017-09-04 20:28 - 000071680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbser.sys
2017-09-12 14:43 - 2017-09-04 20:27 - 000128000 _____ (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2017-09-12 14:43 - 2017-09-04 20:21 - 001178624 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Vpn.dll
2017-09-12 14:43 - 2017-09-04 20:12 - 002153984 _____ (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2017-09-12 14:42 - 2017-09-04 21:31 - 000115792 _____ (Microsoft Corporation) C:\Windows\System32\win32u.dll
2017-09-12 14:42 - 2017-09-04 21:18 - 000820128 _____ (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
2017-09-12 14:42 - 2017-09-04 21:15 - 000871448 _____ (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2017-09-12 14:42 - 2017-09-04 21:14 - 007907344 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Protection.PlayReady.dll
2017-09-12 14:42 - 2017-09-04 21:11 - 000610720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2017-09-12 14:42 - 2017-09-04 20:31 - 003668992 _____ (Microsoft Corporation) C:\Windows\System32\win32kfull.sys
2017-09-12 14:42 - 2017-09-04 20:30 - 001639936 _____ (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2017-09-12 14:42 - 2017-09-04 20:30 - 000447488 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2017-09-12 14:42 - 2017-09-04 20:30 - 000089088 _____ (Microsoft Corporation) C:\Windows\System32\winsrvext.dll
2017-09-12 14:42 - 2017-09-04 20:27 - 000133632 _____ (Microsoft Corporation) C:\Windows\System32\CfgSPCellular.dll
2017-09-12 14:42 - 2017-09-04 20:27 - 000131584 _____ (Microsoft Corporation) C:\Windows\System32\EnterpriseAPNCsp.dll
2017-09-12 14:42 - 2017-09-04 20:27 - 000095232 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2017-09-12 14:42 - 2017-09-04 20:27 - 000064000 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2017-09-12 14:42 - 2017-09-04 20:26 - 000156160 _____ (Microsoft Corporation) C:\Windows\System32\csplte.dll
2017-09-12 14:42 - 2017-09-04 20:26 - 000113152 _____ (Microsoft Corporation) C:\Windows\System32\wuuhosdeployment.dll
2017-09-12 14:42 - 2017-09-04 20:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2017-09-12 14:42 - 2017-09-04 20:22 - 000742912 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2017-09-12 14:42 - 2017-09-04 20:22 - 000327168 _____ (Microsoft Corporation) C:\Windows\System32\WinBioDataModel.dll
2017-09-12 14:42 - 2017-09-04 20:20 - 000229888 _____ (Microsoft Corporation) C:\Windows\System32\SIHClient.exe
2017-09-12 14:42 - 2017-09-04 20:19 - 001260544 _____ (Microsoft Corporation) C:\Windows\System32\GamePanel.exe
2017-09-12 14:42 - 2017-09-04 20:18 - 000803328 _____ (Microsoft Corporation) C:\Windows\System32\wcmsvc.dll
2017-09-12 14:42 - 2017-09-04 20:17 - 001397760 _____ (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2017-09-12 14:42 - 2017-09-04 20:15 - 002055680 _____ (Microsoft Corporation) C:\Windows\System32\win32kbase.sys
2017-09-12 14:42 - 2017-09-04 20:15 - 000706560 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2017-09-12 14:42 - 2017-09-04 20:14 - 005557760 _____ (Microsoft Corporation) C:\Windows\System32\dbgeng.dll
2017-09-12 14:42 - 2017-09-04 20:14 - 002445824 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2017-09-12 14:42 - 2017-09-04 20:14 - 000986624 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2017-09-12 14:42 - 2017-09-04 20:13 - 000407040 _____ (Microsoft Corporation) C:\Windows\System32\wuuhext.dll
2017-09-12 14:41 - 2017-09-04 21:31 - 001346112 _____ (Microsoft Corporation) C:\Windows\System32\user32.dll
2017-09-12 14:41 - 2017-09-04 21:23 - 004462120 _____ (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2017-09-12 14:41 - 2017-09-04 21:18 - 000685512 _____ (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2017-09-12 14:41 - 2017-09-04 21:16 - 000715168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2017-09-12 14:41 - 2017-09-04 21:16 - 000546208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2017-09-12 14:41 - 2017-09-04 21:16 - 000228256 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2017-09-12 14:41 - 2017-09-04 21:16 - 000049720 _____ (Microsoft Corporation) C:\Windows\System32\tbs.dll
2017-09-12 14:41 - 2017-09-04 21:14 - 021352656 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2017-09-12 14:41 - 2017-09-04 21:14 - 000958664 _____ (Microsoft Corporation) C:\Windows\System32\msvproc.dll
2017-09-12 14:41 - 2017-09-04 21:13 - 001619816 _____ (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2017-09-12 14:41 - 2017-09-04 21:11 - 002675104 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2017-09-12 14:41 - 2017-09-04 20:30 - 000584192 _____ (Microsoft Corporation) C:\Windows\System32\UIRibbonRes.dll
2017-09-12 14:41 - 2017-09-04 20:30 - 000077824 _____ (Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
2017-09-12 14:41 - 2017-09-04 20:27 - 007931392 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2017-09-12 14:41 - 2017-09-04 20:27 - 000104960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\UcmCx.sys
2017-09-12 14:41 - 2017-09-04 20:26 - 000499712 _____ (Microsoft Corporation) C:\Windows\System32\nltest.exe
2017-09-12 14:41 - 2017-09-04 20:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\System32\TpmTasks.dll
2017-09-12 14:41 - 2017-09-04 20:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nsiproxy.sys
2017-09-12 14:41 - 2017-09-04 20:24 - 000385536 _____ (Microsoft Corporation) C:\Windows\System32\tpmvsc.dll
2017-09-12 14:41 - 2017-09-04 20:24 - 000182272 _____ (Microsoft Corporation) C:\Windows\System32\ngcrecovery.dll
2017-09-12 14:41 - 2017-09-04 20:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\System32\PhoneProviders.dll
2017-09-12 14:41 - 2017-09-04 20:23 - 000107008 _____ (Microsoft Corporation) C:\Windows\System32\ngcpopkeysrv.dll
2017-09-12 14:41 - 2017-09-04 20:22 - 000640512 _____ (Microsoft Corporation) C:\Windows\System32\ngccredprov.dll
2017-09-12 14:41 - 2017-09-04 20:22 - 000556032 _____ (Microsoft Corporation) C:\Windows\System32\TpmCoreProvisioning.dll
2017-09-12 14:41 - 2017-09-04 20:22 - 000527360 _____ (Microsoft Corporation) C:\Windows\System32\aadcloudap.dll
2017-09-12 14:41 - 2017-09-04 20:22 - 000458752 _____ (Microsoft Corporation) C:\Windows\System32\NgcCtnr.dll
2017-09-12 14:41 - 2017-09-04 20:21 - 000773120 _____ (Microsoft Corporation) C:\Windows\System32\PhoneService.dll
2017-09-12 14:41 - 2017-09-04 20:21 - 000691712 _____ (Microsoft Corporation) C:\Windows\System32\tdh.dll
2017-09-12 14:41 - 2017-09-04 20:21 - 000408576 _____ (Microsoft Corporation) C:\Windows\System32\cryptngc.dll
2017-09-12 14:41 - 2017-09-04 20:21 - 000312320 _____ (Microsoft Corporation) C:\Windows\System32\Phoneutil.dll
2017-09-12 14:41 - 2017-09-04 20:20 - 001878016 _____ (Microsoft Corporation) C:\Windows\System32\AzureSettingSyncProvider.dll
2017-09-12 14:41 - 2017-09-04 20:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\System32\netlogon.dll
2017-09-12 14:41 - 2017-09-04 20:19 - 000243712 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2017-09-12 14:41 - 2017-09-04 20:18 - 004175872 _____ (Microsoft Corporation) C:\Windows\System32\StartTileData.dll
2017-09-12 14:41 - 2017-09-04 20:18 - 000922112 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2017-09-12 14:41 - 2017-09-04 20:18 - 000564736 _____ (Microsoft Corporation) C:\Windows\System32\dsreg.dll
2017-09-12 14:41 - 2017-09-04 20:18 - 000491520 _____ (Microsoft Corporation) C:\Windows\System32\NgcCtnrSvc.dll
2017-09-12 14:41 - 2017-09-04 20:17 - 008213504 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2017-09-12 14:41 - 2017-09-04 20:17 - 008207872 _____ (Microsoft Corporation) C:\Windows\System32\Chakra.dll
2017-09-12 14:41 - 2017-09-04 20:15 - 004730368 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2017-09-12 14:41 - 2017-09-04 20:15 - 003059200 _____ (Microsoft Corporation) C:\Windows\System32\NetworkMobileSettings.dll
2017-09-12 14:41 - 2017-09-04 20:15 - 002503680 _____ (Microsoft Corporation) C:\Windows\System32\twinui.pcshell.dll
2017-09-12 14:41 - 2017-09-04 20:15 - 001293824 _____ (Microsoft Corporation) C:\Windows\System32\aadtb.dll
2017-09-12 14:41 - 2017-09-04 20:15 - 001077248 _____ (Microsoft Corporation) C:\Windows\System32\twinui.appcore.dll
2017-09-12 14:41 - 2017-09-04 20:14 - 002516480 _____ (Microsoft Corporation) C:\Windows\System32\diagtrack.dll
2017-09-12 14:41 - 2017-09-04 20:14 - 001046016 _____ (Microsoft Corporation) C:\Windows\System32\ngcsvc.dll
2017-09-12 14:41 - 2017-09-04 20:11 - 000254976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2017-09-12 14:41 - 2017-09-04 20:09 - 000268288 _____ (Microsoft Corporation) C:\Windows\System32\wisp.dll
2017-09-12 14:41 - 2017-09-04 20:07 - 000061952 _____ (Microsoft Corporation) C:\Windows\System32\vss_ps.dll
2017-09-12 14:41 - 2017-08-31 21:55 - 000031932 _____ C:\Windows\System32\edgehtmlpluginpolicy.bin
2017-09-12 14:40 - 2017-09-04 21:26 - 008319904 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2017-09-12 14:40 - 2017-09-04 21:26 - 001930840 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2017-09-12 14:40 - 2017-09-04 21:25 - 000159648 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2017-09-12 14:40 - 2017-09-04 21:24 - 000519584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2017-09-12 14:40 - 2017-09-04 21:23 - 001242528 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2017-09-12 14:40 - 2017-09-04 21:18 - 005477096 _____ (Microsoft Corporation) C:\Windows\System32\OneCoreUAPCommonProxyStub.dll
2017-09-12 14:40 - 2017-09-04 21:18 - 001668344 _____ (Microsoft Corporation) C:\Windows\System32\propsys.dll
2017-09-12 14:40 - 2017-09-04 21:16 - 001320344 _____ (Microsoft Corporation) C:\Windows\System32\wpx.dll
2017-09-12 14:40 - 2017-09-04 21:14 - 000094624 _____ (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2017-09-12 14:40 - 2017-09-04 20:29 - 000037376 _____ (Microsoft Corporation) C:\Windows\System32\SEMgrPS.dll
2017-09-12 14:40 - 2017-09-04 20:26 - 000064000 _____ (Microsoft Corporation) C:\Windows\System32\ntprint.exe
2017-09-12 14:40 - 2017-09-04 20:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\System32\wpnpinst.exe
2017-09-12 14:40 - 2017-09-04 20:24 - 000353280 _____ (Microsoft Corporation) C:\Windows\System32\ntprint.dll
2017-09-12 14:40 - 2017-09-04 20:24 - 000274432 _____ (Microsoft Corporation) C:\Windows\System32\authz.dll
2017-09-12 14:40 - 2017-09-04 20:23 - 000305152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netbt.sys
2017-09-12 14:40 - 2017-09-04 20:23 - 000128512 _____ (Microsoft Corporation) C:\Windows\System32\rasman.dll
2017-09-12 14:40 - 2017-09-04 20:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\System32\rasplap.dll
2017-09-12 14:40 - 2017-09-04 20:22 - 000413184 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2017-09-12 14:40 - 2017-09-04 20:22 - 000329728 _____ (Microsoft Corporation) C:\Windows\System32\RasMediaManager.dll
2017-09-12 14:40 - 2017-09-04 20:22 - 000173568 _____ (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2017-09-12 14:40 - 2017-09-04 20:22 - 000165888 _____ (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2017-09-12 14:40 - 2017-09-04 20:21 - 001051136 _____ (Microsoft Corporation) C:\Windows\System32\nettrace.dll
2017-09-12 14:40 - 2017-09-04 20:21 - 000946688 _____ (Microsoft Corporation) C:\Windows\System32\rasgcw.dll
2017-09-12 14:40 - 2017-09-04 20:20 - 000925696 _____ (Microsoft Corporation) C:\Windows\System32\WpcWebFilter.dll
2017-09-12 14:40 - 2017-09-04 20:20 - 000546816 _____ (Microsoft Corporation) C:\Windows\System32\winspool.drv
2017-09-12 14:40 - 2017-09-04 20:19 - 001028608 _____ (Microsoft Corporation) C:\Windows\System32\modernexecserver.dll
2017-09-12 14:40 - 2017-09-04 20:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
2017-09-12 14:40 - 2017-09-04 20:18 - 000921600 _____ (Microsoft Corporation) C:\Windows\System32\rasdlg.dll
2017-09-12 14:40 - 2017-09-04 20:18 - 000874496 _____ (Microsoft Corporation) C:\Windows\System32\rasmans.dll
2017-09-12 14:40 - 2017-09-04 20:18 - 000832000 _____ (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
2017-09-12 14:40 - 2017-09-04 20:17 - 002765824 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-12 14:40 - 2017-09-04 20:17 - 000757760 _____ (Microsoft Corporation) C:\Windows\System32\spoolsv.exe
2017-09-12 14:40 - 2017-09-04 20:16 - 000397312 _____ (Microsoft Corporation) C:\Windows\System32\rascustom.dll
2017-09-12 14:40 - 2017-09-04 20:15 - 001143296 _____ (Microsoft Corporation) C:\Windows\System32\localspl.dll
2017-09-12 14:40 - 2017-09-04 20:14 - 001657344 _____ (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2017-09-12 14:40 - 2017-09-04 20:14 - 000827904 _____ (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2017-09-12 14:40 - 2017-09-04 20:07 - 000201728 _____ (Microsoft Corporation) C:\Windows\System32\RstrtMgr.dll
2017-09-12 14:40 - 2017-09-04 20:06 - 000078848 _____ (Microsoft Corporation) C:\Windows\System32\offreg.dll
2017-09-12 14:39 - 2017-09-04 21:27 - 002399728 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2017-09-12 14:39 - 2017-09-04 21:27 - 000136096 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2017-09-12 14:39 - 2017-09-04 21:19 - 002443168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2017-09-12 14:39 - 2017-09-04 21:18 - 007326128 _____ (Microsoft Corporation) C:\Windows\System32\windows.storage.dll
2017-09-12 14:39 - 2017-09-04 21:18 - 002647224 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2017-09-12 14:39 - 2017-09-04 21:14 - 004708504 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2017-09-12 14:39 - 2017-09-04 21:14 - 001146176 _____ (Microsoft Corporation) C:\Windows\System32\mfds.dll
2017-09-12 14:39 - 2017-09-04 21:14 - 000254176 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll
2017-09-12 14:39 - 2017-09-04 21:11 - 000387936 _____ (Microsoft Corporation) C:\Windows\System32\wmpps.dll
2017-09-12 14:39 - 2017-09-04 20:45 - 023679488 _____ (Microsoft Corporation) C:\Windows\System32\edgehtml.dll
2017-09-12 14:39 - 2017-09-04 20:27 - 000029696 _____ (Microsoft Corporation) C:\Windows\System32\odbcconf.dll
2017-09-12 14:39 - 2017-09-04 20:26 - 000124928 _____ (Microsoft Corporation) C:\Windows\System32\httpprxm.dll
2017-09-12 14:39 - 2017-09-04 20:26 - 000084992 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2017-09-12 14:39 - 2017-09-04 20:24 - 000457728 _____ (Microsoft Corporation) C:\Windows\System32\webplatstorageserver.dll
2017-09-12 14:39 - 2017-09-04 20:24 - 000096256 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2017-09-12 14:39 - 2017-09-04 20:23 - 000433664 _____ (Microsoft Corporation) C:\Windows\System32\msIso.dll
2017-09-12 14:39 - 2017-09-04 20:23 - 000140288 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2017-09-12 14:39 - 2017-09-04 20:23 - 000138752 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2017-09-12 14:39 - 2017-09-04 20:22 - 023684608 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2017-09-12 14:39 - 2017-09-04 20:22 - 000388096 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2017-09-12 14:39 - 2017-09-04 20:22 - 000274944 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2017-09-12 14:39 - 2017-09-04 20:22 - 000225792 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2017-09-12 14:39 - 2017-09-04 20:20 - 000805888 _____ (Microsoft Corporation) C:\Windows\System32\ieproxy.dll
2017-09-12 14:39 - 2017-09-04 20:19 - 000996864 _____ (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2017-09-12 14:39 - 2017-09-04 20:18 - 012801536 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2017-09-12 14:39 - 2017-09-04 20:18 - 002078720 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2017-09-12 14:39 - 2017-09-04 20:18 - 000752640 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2017-09-12 14:39 - 2017-09-04 20:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2017-09-12 14:39 - 2017-09-04 20:16 - 000440320 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2017-09-12 14:39 - 2017-09-04 20:15 - 003307008 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2017-09-12 14:39 - 2017-09-04 20:15 - 001460224 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2017-09-12 14:39 - 2017-09-04 20:14 - 001583616 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2017-09-12 14:39 - 2017-09-04 20:14 - 000810496 _____ (Microsoft Corporation) C:\Windows\System32\rasapi32.dll
2017-09-12 14:39 - 2017-09-04 20:13 - 001802752 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2017-09-12 14:38 - 2017-09-04 21:31 - 001596592 _____ (Microsoft Corporation) C:\Windows\System32\gdi32full.dll
2017-09-12 14:38 - 2017-09-04 21:31 - 001147296 _____ (Microsoft Corporation) C:\Windows\System32\hvix64.exe
2017-09-12 14:38 - 2017-09-04 21:31 - 001024928 _____ (Microsoft Corporation) C:\Windows\System32\hvax64.exe
2017-09-12 14:38 - 2017-09-04 21:31 - 000821664 _____ (Microsoft Corporation) C:\Windows\System32\hvloader.exe
2017-09-12 14:38 - 2017-09-04 21:31 - 000750560 _____ (Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
2017-09-12 14:38 - 2017-09-04 21:25 - 002969880 _____ (Microsoft Corporation) C:\Windows\System32\CoreUIComponents.dll
2017-09-12 14:38 - 2017-09-04 21:24 - 000923040 _____ (Microsoft Corporation) C:\Windows\System32\CoreMessaging.dll
2017-09-12 14:38 - 2017-09-04 21:20 - 001057824 _____ (Microsoft Corporation) C:\Windows\System32\MrmCoreR.dll
2017-09-12 14:38 - 2017-09-04 21:19 - 004848960 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-09-12 14:38 - 2017-09-04 21:18 - 002972552 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2017-09-12 14:38 - 2017-09-04 21:18 - 000212384 _____ (Microsoft Corporation) C:\Windows\System32\browserbroker.dll
2017-09-12 14:38 - 2017-09-04 21:17 - 000316320 _____ (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2017-09-12 14:38 - 2017-09-04 21:16 - 000872472 _____ (Microsoft Corporation) C:\Windows\System32\ClipSVC.dll
2017-09-12 14:38 - 2017-09-04 21:16 - 000724200 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2017-09-12 14:38 - 2017-09-04 21:16 - 000410168 _____ (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2017-09-12 14:38 - 2017-09-04 21:16 - 000182688 _____ (Microsoft Corporation) C:\Windows\System32\wermgr.exe
2017-09-12 14:38 - 2017-09-04 21:15 - 003116184 _____ (Microsoft Corporation) C:\Windows\System32\combase.dll
2017-09-12 14:38 - 2017-09-04 21:15 - 000654976 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentClient.dll
2017-09-12 14:38 - 2017-09-04 21:15 - 000381824 _____ (Microsoft Corporation) C:\Windows\System32\wevtapi.dll
2017-09-12 14:38 - 2017-09-04 21:15 - 000257440 _____ (Microsoft Corporation) C:\Windows\System32\AppxAllUserStore.dll
2017-09-12 14:38 - 2017-09-04 21:13 - 000064680 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2017-09-12 14:38 - 2017-09-04 20:30 - 001275904 _____ (Microsoft Corporation) C:\Windows\System32\werconcpl.dll
2017-09-12 14:38 - 2017-09-04 20:30 - 000463360 _____ (Microsoft Corporation) C:\Windows\System32\werui.dll
2017-09-12 14:38 - 2017-09-04 20:30 - 000184320 _____ (Microsoft Corporation) C:\Windows\System32\DWWIN.EXE
2017-09-12 14:38 - 2017-09-04 20:30 - 000093184 _____ (Microsoft Corporation) C:\Windows\System32\wercplsupport.dll
2017-09-12 14:38 - 2017-09-04 20:28 - 017371136 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2017-09-12 14:38 - 2017-09-04 20:28 - 002199552 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.Resources.dll
2017-09-12 14:38 - 2017-09-04 20:27 - 000090112 _____ (Microsoft Corporation) C:\Windows\System32\datamarketsvc.dll
2017-09-12 14:38 - 2017-09-04 20:26 - 000142848 _____ (Microsoft Corporation) C:\Windows\System32\srpapi.dll
2017-09-12 14:38 - 2017-09-04 20:25 - 000527872 _____ (Microsoft Corporation) C:\Windows\System32\daxexec.dll
2017-09-12 14:38 - 2017-09-04 20:24 - 000334336 _____ (Microsoft Corporation) C:\Windows\System32\wc_storage.dll
2017-09-12 14:38 - 2017-09-04 20:24 - 000160768 _____ (Microsoft Corporation) C:\Windows\System32\dinput.dll
2017-09-12 14:38 - 2017-09-04 20:24 - 000109056 _____ (Microsoft Corporation) C:\Windows\System32\dab.dll
2017-09-12 14:38 - 2017-09-04 20:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\System32\bcdedit.exe
2017-09-12 14:38 - 2017-09-04 20:22 - 000213504 _____ (Microsoft Corporation) C:\Windows\System32\dinput8.dll
2017-09-12 14:38 - 2017-09-04 20:21 - 000422400 _____ (Microsoft Corporation) C:\Windows\System32\WpAXHolder.dll
2017-09-12 14:38 - 2017-09-04 20:20 - 007337472 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll
2017-09-12 14:38 - 2017-09-04 20:20 - 000412160 _____ (Microsoft Corporation) C:\Windows\System32\ActivationManager.dll
2017-09-12 14:38 - 2017-09-04 20:20 - 000282112 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2017-09-12 14:38 - 2017-09-04 20:19 - 001085440 _____ (Microsoft Corporation) C:\Windows\System32\rpcss.dll
2017-09-12 14:38 - 2017-09-04 20:18 - 000864256 _____ (Microsoft Corporation) C:\Windows\System32\NotificationController.dll
2017-09-12 14:38 - 2017-09-04 20:18 - 000176640 _____ (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2017-09-12 14:38 - 2017-09-04 20:18 - 000056832 _____ (Microsoft Corporation) C:\Windows\System32\cldapi.dll
2017-09-12 14:38 - 2017-09-04 20:17 - 001886208 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.onecore.dll
2017-09-12 14:38 - 2017-09-04 20:16 - 002805248 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2017-09-12 14:38 - 2017-09-04 20:16 - 002680320 _____ (Microsoft Corporation) C:\Windows\System32\Windows.CloudStore.dll
2017-09-12 14:38 - 2017-09-04 20:15 - 004396032 _____ (Microsoft Corporation) C:\Windows\System32\D3DCompiler_47.dll
2017-09-12 14:38 - 2017-09-04 20:15 - 001736704 _____ (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll
2017-09-12 14:38 - 2017-09-04 20:14 - 002177024 _____ (Microsoft Corporation) C:\Windows\System32\OpcServices.dll
2017-09-12 14:38 - 2017-09-04 20:14 - 002006528 _____ (Microsoft Corporation) C:\Windows\System32\LocationFramework.dll
2017-09-12 14:37 - 2017-09-04 21:30 - 000287648 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2017-09-12 14:37 - 2017-09-04 21:21 - 000189344 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2017-09-12 14:37 - 2017-09-04 20:28 - 000039424 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\buttonconverter.sys
2017-09-12 14:37 - 2017-09-04 20:26 - 000107008 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2017-09-12 14:37 - 2017-09-04 20:10 - 000431616 _____ (Microsoft Corporation) C:\Windows\System32\BthHFSrv.dll
2017-09-12 14:34 - 2014-05-24 16:36 - 000015360 _____ C:\Windows\System32\SppExtComObjHook.dll
2017-09-12 14:34 - 2014-05-24 16:36 - 000004608 _____ C:\Windows\System32\SppExtComObjPatcher.exe
2017-09-12 14:27 - 2017-09-12 14:49 - 000000000 ____D C:\Users\Nancy\Desktop\KMSAuto Net 2015 v1.3.8 Portable
2017-09-11 10:13 - 2017-09-12 14:21 - 000000000 ____D C:\Users\Nancy\Downloads\KMSpico 10.2.0 FINAL + Portable (Office and Windows 10 Activator) [TechTools]
2017-09-11 10:02 - 2017-09-11 10:02 - 000055232 _____ C:\Windows\System32\Drivers\hitmanpro37.sys
2017-09-11 10:01 - 2017-09-11 10:02 - 000000000 ____D C:\ProgramData\HitmanPro
2017-09-11 09:47 - 2017-09-11 09:49 - 011584088 _____ (SurfRight B.V.) C:\Users\Nancy\Downloads\hitmanpro_x64.exe
2017-09-11 09:39 - 2017-09-22 16:56 - 000094144 _____ (Malwarebytes) C:\Windows\System32\Drivers\mwac.sys
2017-09-11 09:39 - 2017-09-22 16:53 - 000253888 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2017-09-11 09:39 - 2017-09-22 16:53 - 000192960 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMChameleon.sys
2017-09-11 09:39 - 2017-09-22 16:53 - 000045472 _____ (Malwarebytes) C:\Windows\System32\Drivers\mbam.sys
2017-09-11 09:38 - 2017-09-11 09:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-11 09:38 - 2017-09-11 09:38 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-11 09:38 - 2017-08-24 10:27 - 000077440 _____ C:\Windows\System32\Drivers\mbae64.sys
2017-09-11 09:36 - 2017-09-11 09:38 - 066347240 _____ (Malwarebytes ) C:\Users\Nancy\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-11 09:27 - 2017-09-11 09:27 - 008182736 _____ (Malwarebytes) C:\Users\Nancy\Downloads\adwcleaner_7.0.2.1.exe
2017-09-11 09:25 - 2017-09-11 09:31 - 000000000 ____D C:\Users\Nancy\AppData\Roaming\{30565A08-4DF4-CEF8-834D-D866E23C06A4}
2017-09-11 08:17 - 2017-09-20 13:49 - 000000000 ____D C:\Users\Nancy\Desktop\Planos
2017-09-09 10:50 - 2017-09-20 14:04 - 000019552 _____ C:\Users\Nancy\Desktop\Lista de Partes.xlsx
2017-09-09 10:06 - 2017-09-09 10:06 - 000025607 _____ C:\Users\Nancy\Desktop\Numeros de parte 2 (Autoguardado).xlsx
2017-09-09 10:05 - 2017-09-09 10:49 - 000018937 _____ C:\Users\Nancy\Desktop\Partes (Autoguardado).xlsx
2017-09-09 09:20 - 2017-09-09 09:29 - 000015819 _____ C:\Users\Nancy\Desktop\Partes.xlsx
2017-09-09 09:20 - 2017-09-09 09:20 - 000000165 ____H C:\Users\Nancy\Desktop\~$Partes.xlsx
2017-09-09 08:30 - 2017-09-09 08:30 - 000026051 _____ C:\Users\Nancy\Desktop\Numeros de parte.xlsx
2017-09-09 08:30 - 2017-09-09 08:30 - 000026051 _____ C:\Users\Nancy\Desktop\Numeros de parte 2.xlsx
2017-09-09 08:30 - 2017-09-09 08:30 - 000000165 ____H C:\Users\Nancy\Desktop\~$Numeros de parte 2.xlsx
2017-09-09 08:18 - 2017-09-09 08:18 - 000026149 _____ C:\Users\Nancy\Desktop\Numeros de parte(Recuperado automáticamente).xlsx
2017-09-08 21:48 - 2017-09-08 21:48 - 000354018 _____ C:\Users\Nancy\Desktop\primer-avance-proyecto.pdf
2017-09-08 21:31 - 2017-09-08 21:31 - 000723837 _____ C:\Users\Nancy\Downloads\1er-Avance-Proyecto-Final-I.Ambiental.pdf
2017-09-07 19:30 - 2017-09-19 07:49 - 000000000 ____D C:\Users\Nancy\Desktop\Simulaciones
2017-09-05 22:53 - 2017-09-06 00:20 - 000449800 _____ C:\Users\Nancy\Desktop\Simulacion 2.vi
2017-09-05 17:15 - 2017-09-05 17:15 - 000000000 ____D C:\Users\Nancy\Downloads\IngnrAmbntl.JRM_FL
2017-09-05 08:12 - 2017-09-05 08:12 - 000000165 ____H C:\Users\Nancy\Desktop\~$Numeros-de-parteRecuperado-automáticamente.xlsx
2017-09-04 23:23 - 2017-09-04 23:29 - 198039769 _____ C:\Users\Nancy\Downloads\1.7 El Consumo Humano-National Geographic Documental (1).mp4
2017-09-04 15:58 - 2017-09-04 16:02 - 012371941 _____ C:\Users\Nancy\Downloads\IngnrAmbntl.JRM_FL.zip
2017-09-04 12:51 - 2017-09-04 12:51 - 000019651 _____ C:\Users\Nancy\Desktop\Numeros-de-parteRecuperado-automáticamente.xlsx
2017-09-04 10:34 - 2017-09-04 10:34 - 000199960 _____ C:\Users\Nancy\Downloads\PLANTILLA2017AMERICANGRINDER (1).slddrt
2017-09-01 12:50 - 2017-09-01 12:50 - 000207330 _____ C:\Users\Nancy\Desktop\1.4 Estabilidad de los ecosistemas.pdf
2017-09-01 09:42 - 2017-09-04 12:51 - 000000000 ____D C:\Users\Nancy\Desktop\USB Angel
2017-08-30 22:08 - 2017-08-30 22:08 - 000199960 _____ C:\Users\Nancy\Downloads\PLANTILLA2017AMERICANGRINDER.slddrt
2017-08-30 21:25 - 2017-08-30 21:25 - 000016628 _____ C:\Users\Nancy\Documents\Libro1.xlsx
2017-08-30 20:33 - 2017-09-07 22:20 - 000417006 _____ C:\Users\Nancy\Desktop\Simulacion.vi
2017-08-30 18:35 - 2017-08-30 18:36 - 000000739 _____ C:\Users\Nancy\Downloads\1D738C00B5219343E6FB8354FBEBF215.ics
2017-08-29 12:28 - 2017-09-20 13:45 - 000000000 _____ C:\Users\Nancy\AppData\Local\Temptable.xml
2017-08-29 12:23 - 2017-08-29 12:23 - 000197423 _____ C:\Users\Nancy\Desktop\PLANTILLA2017AMERICANGRINDER.slddrt
2017-08-29 12:10 - 2017-08-29 12:10 - 000000000 ____D C:\Users\Nancy\Desktop\ProModel 7.5 + Serial
2017-08-27 17:27 - 2017-08-27 17:27 - 000000000 ____D C:\Users\Nancy\AppData\Local\DBG
2017-08-25 15:16 - 2017-08-30 22:02 - 000410022 _____ C:\Users\Nancy\Desktop\Untitled 1.vi
2017-08-24 19:39 - 2017-08-24 19:39 - 000000000 ____D C:\Users\Nancy\Desktop\videos proyectos
2017-08-24 19:38 - 2017-08-24 19:52 - 000000000 ____D C:\Users\Nancy\Downloads\MICROSOFT Office PRO Plus 2016 v16.0.4266.1003 RTM + Activator [TechTools.NET]
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-09-22 16:47 - 2017-08-15 20:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-22 10:15 - 2017-08-15 20:11 - 000000000 ____D C:\Windows\System32\SleepStudy
2017-09-21 10:54 - 2017-03-18 13:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-21 10:54 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\AppReadiness
2017-09-21 10:43 - 2017-02-15 20:15 - 000000000 ____D C:\Users\Nancy\AppData\Local\Spotify
2017-09-21 10:43 - 2017-02-15 20:14 - 000000000 ____D C:\Users\Nancy\AppData\Roaming\Spotify
2017-09-21 10:42 - 2017-08-15 20:16 - 000000180 _____ C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-21 10:42 - 2017-02-14 06:03 - 000000000 __SHD C:\Users\Nancy\IntelGraphicsProfiles
2017-09-20 09:08 - 2017-04-25 22:46 - 000000000 ____D C:\Users\Nancy\AppData\Local\Adobe
2017-09-19 11:53 - 2017-08-15 20:18 - 000000000 ____D C:\users\Nancy
2017-09-19 07:48 - 2017-08-15 20:52 - 001284122 _____ C:\Windows\System32\PerfStringBackup.INI
2017-09-16 07:43 - 2017-03-18 13:01 - 000000000 ____D C:\Windows\INF
2017-09-15 07:40 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\rescache
2017-09-13 11:31 - 2017-02-14 06:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-13 11:23 - 2017-08-15 20:10 - 001377448 _____ C:\Windows\System32\FNTCACHE.DAT
2017-09-12 16:07 - 2017-03-18 03:40 - 000786432 _____ C:\Windows\System32\config\BBI
2017-09-12 16:04 - 2017-03-18 13:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2017-09-12 16:04 - 2017-03-18 13:03 - 000000000 ___SD C:\Windows\System32\F12
2017-09-12 16:04 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2017-09-12 16:04 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\System32\WinBioPlugIns
2017-09-12 16:04 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\System32\setup
2017-09-12 16:04 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\ShellExperiences
2017-09-12 16:04 - 2017-03-18 13:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-12 16:04 - 2017-03-18 13:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-12 15:40 - 2017-02-16 19:44 - 000000000 ____D C:\Windows\System32\MRT
2017-09-12 15:35 - 2017-02-16 19:44 - 138202976 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2017-09-12 15:34 - 2017-03-18 12:51 - 000000000 ____D C:\Windows\CbsTemp
2017-09-12 14:59 - 2017-02-14 12:31 - 000000000 ____D C:\Users\Nancy\AppData\Local\MSfree Inc
2017-09-12 14:17 - 2017-08-15 20:18 - 000000000 ____D C:\users\defaultuser0
2017-09-11 10:47 - 2017-03-25 15:29 - 000000000 ____D C:\Users\Nancy\AppData\Roaming\uTorrent
2017-09-11 10:11 - 2017-06-13 16:05 - 000000000 ____D C:\Users\Nancy\AppData\LocalLow\uTorrent
2017-09-11 09:30 - 2017-04-12 21:16 - 000000000 ____D C:\AdwCleaner
2017-09-09 07:45 - 2017-02-14 06:07 - 000000000 ___RD C:\Users\Nancy\OneDrive
2017-09-09 07:44 - 2017-08-15 20:56 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3442511569-955862795-198578230-1001
2017-09-08 21:34 - 2017-02-14 06:03 - 000000000 ____D C:\Users\Nancy\AppData\Local\Packages
2017-09-08 12:45 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\System32\NDF
2017-09-07 15:01 - 2017-08-15 14:17 - 000000000 ____D C:\Users\Nancy\Downloads\Ingenieria-Ambiental
2017-09-02 07:15 - 2017-03-18 13:06 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 07:15 - 2017-03-18 13:06 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-27 18:24 - 2017-08-15 20:57 - 000000000 ____D C:\Windows.old
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe
[2017-09-12 14:42] - [2017-09-04 20:15] - 000706560 _____ (Microsoft Corporation) 9CDA170849A4F66F4D68B3DBB3AC8394
 
C:\Windows\System32\wininit.exe
[2017-08-15 20:53] - [2017-08-15 20:53] - 000318232 _____ (Microsoft Corporation) 0242626678C83AE788C655C1990A3CC3
 
C:\Windows\explorer.exe
[2017-09-12 14:38] - [2017-09-04 21:19] - 004848960 _____ (Microsoft Corporation) 3AF6D6F752EDE013ED15DFD2D44F8EF9
 
C:\Windows\SysWOW64\explorer.exe
[2017-09-12 14:52] - [2017-09-04 20:46] - 004471888 _____ (Microsoft Corporation) 176EF3831ADD9AC33662B6D0CACBA74A
 
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2017-08-15 20:53] - [2017-08-15 20:53] - 000527976 _____ (Microsoft Corporation) C81F9707DEA008EED4071B5A39B7C76E
 
C:\Windows\System32\User32.dll
[2017-09-12 14:41] - [2017-09-04 21:31] - 001346112 _____ (Microsoft Corporation) 3570C1E0CD0CE833242FAFCCA1E75312
 
C:\Windows\SysWOW64\User32.dll
[2017-09-12 14:53] - [2017-09-04 21:12] - 001292880 _____ (Microsoft Corporation) 23D5AD415D0A8F845574EC9812898866
 
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2017-09-12 14:38] - [2017-09-04 20:19] - 001085440 _____ (Microsoft Corporation) AA7F1C36F5BC779964CFA4F98D224D9F
 
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2017-03-18 12:57] - [2017-03-18 12:57] - 000397216 _____ (Microsoft Corporation) E3429DBBEA3965BB96E24B16EF4A2551
 
 
==================== Association (Whitelisted) =============
 
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 34%
Total physical RAM: 4027.84 MB
Available physical RAM: 2631.71 MB
Total Virtual: 4027.84 MB
Available Virtual: 2662.55 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:391.11 GB) (Free:233.16 GB) NTFS
Drive d: () (Fixed) (Total:50 GB) (Free:20.26 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:21.19 GB) (Free:2.12 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: () (Fixed) (Total:1.72 GB) (Free:1.02 GB) NTFS
Drive h: (NANCY) (Removable) (Total:3.73 GB) (Free:3.71 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9C15E053)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 4B87E7B3)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
 
LastRegBack: 2017-09-19 22:35
 
==================== End of FRST.txt ============================


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:42 PM

Posted 27 September 2017 - 02:45 PM

Greetings Nancy95 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

There is evidence of illegal software on your computer. You will need to be willing to remove those items if we are able to get your computer to boot properly. Let me know if you will be willing to do that.

Have you tried to boot into Safe Mode?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:42 PM

Posted 30 September 2017 - 04:10 PM

Greetings,

===================================================

Do You Still Need Help?

It has been 3 days since my last post.
  • Do you still need help with this?
  • If you have not replied within 48 hours I will assume you have abandoned the Topic and it will be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:11:42 PM

Posted 03 October 2017 - 03:38 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users