Laptop Dell Inspiron 3520 Muy Lenta

Buenas a [email protected], a pesar de la situación que estamos viviendo a nivel global, espero todos se encuentren muy bien.

Mi caso es el siguiente, tengo una Laptop Dell Inspiron 3520 (procesador Intel core i3), 4GB de RAM, sistema operativo Windows 10 de 64 bit y desde hace unos meses ha estado bajando su rendimiento, hasta el punto que tarda demasiado en iniciar, así como que los programas, carpetas y navegadores no responden en ocasiones. He realizado la limpieza de los archivos temporales desde Ejecutar e introduciendo el comando %temp%, además de hacer limpieza con Ccleaner (limpieza fácil y limpieza de registro) y he comprobado el nivel de fragmentación del disco duro el cual es de 0%, por lo que les agradecería mucho si me pueden ayudar a poder normalizar en lo posible el rendimiento de mi equipo.

Saludos y gracias de antemano por su apoyo,

Buenas @Cthulhu Bienvenido al Foro.!!!

Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Personalizado. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del programa :arrow_forward: Historial de detecciones :arrow_backward: encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes

  • En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.

Buenas tardes Javier, muchas gracias por tu soporte técnico y disculpa la demora en la respuesta, acá anexo los reportes solicitados:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 22/4/20
Hora del análisis: 11:47
Archivo de registro: a0e9946a-84b0-11ea-89fa-e0db5591a25d.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.875
Versión del paquete de actualización: 1.0.22770
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
Sistema de archivos: NTFS
Usuario: PERSONAL-PC\Hector

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 403655
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 3 min, 28 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 1
PUP.Optional.Amazon1Button, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}, En cuarentena, 3197, 493347, 1.0.22770, , ame, 

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-22-2020
# Duration: 00:00:13
# OS:       Windows 10 Home
# Cleaned:  31
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\Software\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted       HKLM\Software\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.CyberLinkLabelPrint   Folder   C:\Program Files (x86)\CYBERLINK\LABELPRINT
Deleted       Preinstalled.CyberLinkLabelPrint   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Deleted       Preinstalled.CyberLinkLabelPrint   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Deleted       Preinstalled.CyberLinkShellExtension   Registry   HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Deleted       Preinstalled.DellDigitalDelivery   Folder   C:\Program Files (x86)\DELL DIGITAL DELIVERY
Deleted       Preinstalled.DellQuickset   Folder   C:\Program Files\DELL\QUICKSET
Deleted       Preinstalled.DellQuickset   Folder   C:\ProgramData\DELL\QUICKSET
Deleted       Preinstalled.DellQuickset   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Deleted       Preinstalled.DellQuickset   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Deleted       Preinstalled.DellQuickset   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Deleted       Preinstalled.DellSupportCenter   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL SUPPORT CENTER
Deleted       Preinstalled.HPCleanFLC   File   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Deleted       Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted       Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted       Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLMLServer_For_P2G8
Deleted       Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLVirtualDrive
Deleted       Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted       Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|RemoteControl10
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|RemoteControl10
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted       Preinstalled.LenovoPowerDVD   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9379B8AE-104B-44E1-8CC8-7674339CE5A6}
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0DA1E64-464D-4752-88A9-3B415B37157C}
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9379B8AE-104B-44E1-8CC8-7674339CE5A6}
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0DA1E64-464D-4752-88A9-3B415B37157C}
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncher
Deleted       Preinstalled.LenovoThinkVantageToolbox   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1835 octets] - [10/06/2018 14:34:44]
AdwCleaner[C00].txt - [1891 octets] - [10/06/2018 14:35:36]
AdwCleaner[S01].txt - [1374 octets] - [10/06/2018 14:58:49]
AdwCleaner[C01].txt - [1540 octets] - [10/06/2018 15:00:30]
AdwCleaner[S02].txt - [1236 octets] - [17/06/2018 18:56:01]
AdwCleaner[S03].txt - [1543 octets] - [10/08/2018 19:22:34]
AdwCleaner[C03].txt - [1729 octets] - [10/08/2018 19:24:00]
AdwCleaner[S04].txt - [2193 octets] - [09/02/2019 15:13:55]
AdwCleaner[C04].txt - [1892 octets] - [09/02/2019 15:16:46]
AdwCleaner[S05].txt - [6144 octets] - [18/04/2020 20:05:50]
AdwCleaner[S06].txt - [6063 octets] - [22/04/2020 13:06:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C06].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.1.4 (07.09.2017)

Operating System: Windows 10 Home x64

Ran by Cthulhu (Administrator) on 25/04/2020 at 14:17:32,58

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 25/04/2020 at 14:23:06,78

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.1.4 (07.09.2017)

Operating System: Windows 10 Home x64

Ran by Cthulhu (Administrator) on 25/04/2020 at 14:17:32,58

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 25/04/2020 at 14:23:06,78

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2020

Ran by Cthulhu (25-04-2020 14:27:41)

Running from C:\Users\Cthulhu\Desktop

Windows 10 Home Version 1909 18363.778 (X64) (2019-12-19 03:17:28)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-4110660986-1783647836-3085671652-500 - Administrator - Disabled) => C:\Users\Administrator

DefaultAccount (S-1-5-21-4110660986-1783647836-3085671652-503 - Limited - Disabled)

Guest (S-1-5-21-4110660986-1783647836-3085671652-501 - Limited - Disabled)

Cthulhu (S-1-5-21-4110660986-1783647836-3085671652-1001 - Administrator - Enabled) => C:\Users\Cthulhu

HomeGroupUser$ (S-1-5-21-4110660986-1783647836-3085671652-1005 - Limited - Enabled)

WDAGUtilityAccount (S-1-5-21-4110660986-1783647836-3085671652-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.363 - Adobe)

AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 5.5.3 - philandro Software GmbH)

Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 81.1.7.98 - Brave Software Inc)

CCleaner (HKLM\...\CCleaner) (Version: - )

Cirrus Logic Audio Panel (HKLM\...\{327AD405-F05D-4AB9-81DB-CA6964C5D7C8}) (Version: 1.2.10.0 - Cirrus Logic) Hidden

CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.2 - Dell Inc.)

Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.2 - Dell Inc.)

Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)

Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.)

Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)

DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.2.6032.39 - PC-Doctor, Inc.) Hidden

Eines de correcció del Microsoft Office 2016: català (HKLM-x32\...\{90160000-001F-0403-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM-x32\...\{90160000-001F-0456-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.122 - Google LLC)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden

Herramientas de corrección de Microsoft Office 2016: español (HKLM-x32\...\{90160000-001F-0C0A-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)

LeapdroidVM (HKLM-x32\...\LeapdroidVM) (Version: - LeapdroidVM)

Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)

Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)

Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden

Mozilla Firefox 75.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 75.0 (x64 es-ES)) (Version: 75.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)

Nox APP Player (HKLM-x32\...\Nox) (Version: 6.6.0.2 - Duodian Technology Co. Ltd.)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.204 - Qualcomm Atheros Communications)

Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM-x32\...\{90160000-001F-0416-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

SoulseekQt versión 2018.11.16 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2018.11.16 - Soulseek LLC)

TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)

Update for Skype for Business 2016 (KB3141501) 32-Bit Edition (HKLM-x32\...\{90160000-0011-0000-0000-0000000FF1CE}_Office16.PROPLUS_{BB900FF1-9060-429A-835F-63F7F3B99541}) (Version: - Microsoft)

Update for Skype for Business 2016 (KB3141501) 32-Bit Edition (HKLM-x32\...\{90160000-002A-0000-1000-0000000FF1CE}_Office16.PROPLUS_{BB900FF1-9060-429A-835F-63F7F3B99541}) (Version: - Microsoft)

Update for Skype for Business 2016 (KB3141501) 32-Bit Edition (HKLM-x32\...\{90160000-012B-0C0A-0000-0000000FF1CE}_Office16.PROPLUS_{BB900FF1-9060-429A-835F-63F7F3B99541}) (Version: - Microsoft)

VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)

Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)

Wondershare PDFelement 6 Pro(Build 6.8.8) (HKLM-x32\...\{B026557A-EF19-4812-8A79-B30F94AA0A78}_is1) (Version: 6.8.8.4159 - Wondershare Software Co.,Ltd.)

Packages:

=========

Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-21] (Amazon.com)

Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32 [2020-04-09] (king.com)

Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.35.2.0_x86__kgqvnymyfvs32 [2020-04-18] (king.com)

Complemento de motor multimedia para Fotos -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-21] (Microsoft Corporation)

Dell | Getting Started with Windows 8 -> C:\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2 [2019-01-02] (Dell Inc)

Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.1.0_neutral__htrsf667h5kn2 [2019-12-19] (Dell Inc)

eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2019-12-18] (eBay, Inc)

Gardenscapes -> C:\Program Files\WindowsApps\PLRWorldwideSales.Gardenscapes-NewAcres_3.9.1.0_x64__1feq88045d2v2 [2020-02-09] (Playrix)

Homescapes -> C:\Program Files\WindowsApps\PLRWorldwideSales.Homescapes_3.5.3.0_x64__1feq88045d2v2 [2020-04-03] (Playrix)

Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2019-12-18] (AMZN Mobile LLC)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-31] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-31] (Microsoft Corporation) [MS Ad]

Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Studios) [MS Ad]

Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.15.3873.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Corporation)

MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]

MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]

MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]

MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]

MSN Salud -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]

MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]

Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-10] (Netflix, Inc.)

WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_0.4.2089.0_x64__cv1g1gvanyjgm [2020-04-24] (WhatsApp Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4110660986-1783647836-3085671652-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-4110660986-1783647836-3085671652-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-4110660986-1783647836-3085671652-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-4110660986-1783647836-3085671652-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-4110660986-1783647836-3085671652-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-4110660986-1783647836-3085671652-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File

ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File

ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2012-07-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-19] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-19] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Cthulhu\Desktop\Eli (Elimar) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

ShortcutWithArgument: C:\Users\Cthulhu\Desktop\Héctor - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

ShortcutWithArgument: C:\Users\Cthulhu\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Eli - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2020-03-26 11:59 - 2020-03-26 11:59 - 000016384 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\b258f3a912b2ab65d190d9af72612507\PSIClient.ni.dll

2020-03-26 11:59 - 2020-03-26 11:59 - 000019968 _____ (Intel Corp.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\37b5aaeb10fd9228268ebdaf9e50f048\IAStorCommon.ni.dll

2012-12-22 07:04 - 2012-07-09 15:46 - 000497664 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll

2012-12-22 07:04 - 2012-07-09 15:46 - 000269312 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\PsiData.dll

2020-03-26 11:58 - 2020-03-26 11:58 - 000075264 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMgr\914493ef8917eaee716cdf7f8e454f5f\IAStorDataMgr.ni.dll

2020-03-26 11:58 - 2020-03-26 11:58 - 000379392 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\43f67ef555ece558e6dc0ed7f7924161\IAStorUtil.ni.dll

2020-03-26 12:00 - 2020-03-26 12:00 - 001114624 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorViewModel\64df0edb61f5f6c992c9214a0edf3d60\IAStorViewModel.ni.dll

2020-03-26 11:58 - 2020-03-26 11:58 - 003864576 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSI\51131607fa6bbbe7e204cf4b620291ca\PSI.ni.dll

2020-03-26 11:59 - 2020-03-26 11:59 - 000643584 _____ (Intel Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PsiData\f0e3eccac8fe0040668d1c4095530758\PsiData.ni.dll

2020-03-26 11:59 - 2020-03-26 11:59 - 000027136 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\ff3573061fe4d099c3ddb48a34b0d4d1\IAStorDataMgrSvcInterfaces.ni.dll

2012-07-31 21:10 - 2012-07-31 21:10 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\CommApi.dll

2012-07-31 21:10 - 2012-07-31 21:10 - 000202368 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\FolderViewImpl.dll

2012-07-31 21:10 - 2012-07-31 21:10 - 000035456 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ipc.dll

2012-07-31 21:11 - 2012-07-31 21:11 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\TCPConnection.dll

2012-07-31 21:11 - 2012-07-31 21:11 - 000098944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.dll

2019-06-09 21:16 - 2017-10-19 10:17 - 000271360 _____ (Wondershare Software) [File not signed] C:\WINDOWS\System32\WSPDFelementMonitor.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 01:26 - 2019-03-27 09:19 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-10-03 22:23 - 2020-02-18 19:28 - 000000441 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\

HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\Control Panel\Desktop\\Wallpaper ->

DNS Servers: Media is not connected to internet.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"

HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{07AE1463-6D83-4A77-AD04-ED701C2327F0}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Btvstack.exe (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

FirewallRules: [{F12A5140-C793-4C10-A39E-D9D9B9A56CE9}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]

FirewallRules: [{114900D6-2592-4EE9-8721-99618CAC47EC}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]

FirewallRules: [{5C49EA35-C897-4E91-98E5-1869ECC84036}] => (Allow) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Win7Ui.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]

FirewallRules: [{79DC2C93-D5BD-4FF9-BAD2-43A18EB18477}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink -> CyberLink Corp.)

FirewallRules: [{9ED58A04-7C7F-49C2-8C2D-3F91C29B4C0F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)

FirewallRules: [{36A4A82C-627E-4002-90D6-74DC000A0154}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)

FirewallRules: [{44D5F45C-8A36-4F13-88EE-4C4AFB10746E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{77613905-72E3-4A76-9610-8BF74BCEE68A}] => (Allow) LPort=2869

FirewallRules: [{6FB2455B-F92A-4C7E-9858-7FEC5EB2522D}] => (Allow) LPort=1900

FirewallRules: [{E9D6465A-2F38-4B38-9BE4-CC622408E16D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{61C818B3-1A37-4469-A92D-2974A17FF51E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{4D120860-2590-49C2-B85A-BF47CF6EE890}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, Inc. -> McAfee, Inc.)

FirewallRules: [{7F6AB3A6-66A3-4752-9C92-E9689AA24D88}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{1D6C8230-88CC-4749-8FB0-C9ADA764DE9C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{8E4462BF-119C-46D9-876F-1593F160A194}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{FE6175E3-10B1-4F27-BA5D-2EBAA909F65B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{879A2B73-9CF3-4865-BF9A-390EAAB4A15A}C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

FirewallRules: [UDP Query User{45D82F4E-293F-4F11-847A-0E0DC531DB06}C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\btvstack.exe (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

FirewallRules: [TCP Query User{7514B444-59C0-4353-9FFB-A55790378A13}C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]

FirewallRules: [UDP Query User{D724AC75-3CB4-42E9-ACF2-1CCA01374FCD}C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\dell wireless\bluetooth suite\bttray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]

FirewallRules: [TCP Query User{07B34879-BEDA-467F-B1E4-6529854FD34D}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]

FirewallRules: [UDP Query User{EBBD5C0D-5725-43C7-A906-FECD90C246EE}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]

FirewallRules: [{C94BCBD5-1A8A-48FE-A244-A7F80D0AFA8C}] => (Allow) %systemroot%\system32\alg.exe No File

FirewallRules: [{B2F077E2-D8C8-4A6D-8CF1-4D33C2D89D20}] => (Allow) %systemroot%\system32\alg.exe No File

FirewallRules: [{ECF0B8E3-194A-42E6-A2F3-62F0E58F68B1}] => (Allow) %systemroot%\system32\alg.exe No File

FirewallRules: [{4CC741A9-22BA-4BAC-8ED9-39F406029325}] => (Allow) %systemroot%\system32\alg.exe No File

FirewallRules: [{8C801EA1-77D9-4954-8D76-DB617F2CD655}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)

FirewallRules: [{23ACF497-4027-4C3E-A4C1-0D93AC73EBDF}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)

FirewallRules: [{3E14A971-6414-4D5B-A5F7-9598813AE05E}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

FirewallRules: [{A8A341D3-3511-4B9D-A25C-714DABEEAD8C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{7BB41AA3-E785-4D5F-BF83-F24B2A7E971C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{CE9459C3-3EA2-42B5-89B4-78194AE43E37}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{116801A9-09AB-4A73-9357-EB1E62579E72}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [TCP Query User{197037D8-4846-4351-A933-409C5429AE17}C:\program files\leapdroid\vm\leapdroidvm.exe] => (Allow) C:\program files\leapdroid\vm\leapdroidvm.exe (Leapdroid Inc -> Leapdroid Inc.)

FirewallRules: [UDP Query User{E72C1AD2-5A64-4C86-8DFD-5F0B5F5D2468}C:\program files\leapdroid\vm\leapdroidvm.exe] => (Allow) C:\program files\leapdroid\vm\leapdroidvm.exe (Leapdroid Inc -> Leapdroid Inc.)

FirewallRules: [{AF3E1250-1204-4E37-A970-A41D14A8DBF2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{33F7E240-4CBE-41B6-BFDD-C0B889EFAE05}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{79DDE7AC-457A-43DF-9930-514241E31DFF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{CCBF32DB-1928-48F3-A280-1C0B55F81C47}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{3E91A79B-27AA-4A64-8B55-ED2EB51CDEB6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{A28FFF5C-325D-44C4-B132-DA89E5B108B2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{B3C68DF9-0CC9-4302-84CB-96FD13F2569B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Restore Points =========================

17-04-2020 17:29:06 Windows Update

22-04-2020 13:10:05 AdwCleaner_BeforeCleaning_22/04/2020_13:10:01

22-04-2020 14:04:44 JRT Pre-Junkware Removal

22-04-2020 14:11:46 JRT Pre-Junkware Removal

25-04-2020 14:17:34 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

Error: (04/25/2020 02:23:53 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (2288,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/25/2020 02:14:23 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (3252,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/25/2020 02:09:29 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.18362.1, time stamp: 0xceb8cbe1

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000409

Fault offset: 0x0000000000000204

Faulting process id: 0x1dd4

Faulting application start time: 0x01d61b2ca696d6bc

Faulting application path: C:\Windows\System32\MicrosoftEdgeCP.exe

Faulting module path: unknown

Report Id: 870d1337-5ca9-453c-a14f-22c5a01d2f04

Faulting package full name: Microsoft.MicrosoftEdge_44.18362.449.0_neutral__8wekyb3d8bbwe

Faulting package-relative application ID: MicrosoftEdge

Error: (04/25/2020 02:06:09 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (4360,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/25/2020 01:38:08 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: bubblewitch3.exe, version: 0.0.0.0, time stamp: 0x5e8c948f

Faulting module name: LIBEAY32.dll, version: 0.0.0.0, time stamp: 0x5ad496d3

Exception code: 0xc0000005

Fault offset: 0x0001a24c

Faulting process id: 0x2234

Faulting application start time: 0x01d61b2817fa1cbe

Faulting application path: C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32\bubblewitch3.exe

Faulting module path: C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32\LIBEAY32.dll

Report Id: 69c5708e-1f3a-4418-983c-8cae7d520978

Faulting package full name: king.com.BubbleWitch3Saga_6.8.5.0_x86__kgqvnymyfvs32

Faulting package-relative application ID: App

Error: (04/25/2020 01:00:28 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (10516,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/25/2020 12:59:59 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: AUDIODG.EXE, version: 10.0.18362.752, time stamp: 0x83754cea

Faulting module name: ChainAPO64.dll, version: 1.0.0.3, time stamp: 0x4f1a1b87

Exception code: 0xc0000005

Fault offset: 0x0000000000007dd5

Faulting process id: 0x390

Faulting application start time: 0x01d61b1a5a30c18f

Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE

Faulting module path: C:\WINDOWS\system32\ChainAPO64.dll

Report Id: 3a48cbc1-90f0-4e4c-bc4b-f98cf278bb8c

Faulting package full name:

Faulting package-relative application ID:

Error: (04/25/2020 12:53:31 PM) (Source: ESENT) (EventID: 455) (User: )

Description: svchost (10476,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

System errors:

=============

Error: (04/25/2020 11:55:11 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)

Description: The server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} did not register with DCOM within the required timeout.

Error: (04/25/2020 11:31:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (04/25/2020 11:29:21 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)

Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (04/25/2020 12:27:58 AM) (Source: DCOM) (EventID: 10010) (User: PERSONAL-PC)

Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (04/24/2020 06:07:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Security Center service hung on starting.

Error: (04/24/2020 06:05:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Update Orchestrator Service service hung on starting.

Error: (04/24/2020 06:01:38 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Intel(R) Rapid Storage Technology service hung on starting.

Error: (04/24/2020 05:59:52 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)

Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Windows Defender:

===================================

Date: 2020-04-19 00:00:15.723

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan ID: {692B0CDD-76C1-43D1-AE1D-B4F33BE8BF08}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2020-04-18 23:41:15.549

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan ID: {A0AE88DA-63C3-4634-807B-F81A6F9BF36D}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2020-04-17 17:26:10.949

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan ID: {5F08A506-03C6-4E70-8492-5717E820C22B}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2020-04-17 16:58:47.347

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan ID: {B2633A50-9318-465F-A59A-68B04951E71F}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2020-04-13 23:22:38.827

Description:

Windows Defender Antivirus scan has been stopped before completion.

Scan ID: {CA34F139-0452-48B1-BECF-D9102C4185E3}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2020-04-24 18:18:26.185

Description:

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.313.2270.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.16900.4

Error code: 0x80070102

Error description: The wait operation timed out.

Date: 2020-04-16 14:46:46.332

Description:

Windows Defender Antivirus engine has been terminated due to an unexpected error.

Failure Type: Crash

Exception code: 0xc0000005

Resource: file:C:\Users\Cthulhu\Desktop\GRUPO AQUAVIP, C.A\01-2020\4ta semana\LIBRO DE VENTAS 27 ENE AL 02 FEB..pdf

Date: 2020-04-07 15:52:00.602

Description:

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.313.967.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.16900.4

Error code: 0x80240438

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2020-04-03 16:19:59.991

Description:

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.313.635.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.16900.4

Error code: 0x80240438

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2020-03-29 09:36:48.155

Description:

Windows Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.313.309.0

Update Source: Microsoft Update Server

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.16900.4

Error code: 0x80240438

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:

===================================

Date: 2020-04-25 11:57:52.386

Description:

Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2020-04-24 18:07:32.565

Description:

Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2020-04-24 18:06:16.044

Description:

Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-24 17:59:19.127

Description:

Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2020-04-24 17:59:18.488

Description:

Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2020-04-24 17:57:53.600

Description:

Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-24 17:57:14.278

Description:

Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-24 17:57:13.628

Description:

Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. A04 09/28/2012

Motherboard: Dell Inc. 0G8TPV

Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz

Percentage of memory in use: 80%

Total physical RAM: 3959.09 MB

Available physical RAM: 786.54 MB

Total Virtual: 9438.75 MB

Available Virtual: 5352.01 MB

==================== Drives ================================

Drive c: (Disco Local) (Fixed) (Total:456.06 GB) (Free:288.94 GB) NTFS

\\?\Volume{3cd67439-0fc4-41ba-9165-4c8ca4abdc3f}\ (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.21 GB) NTFS

\\?\Volume{1d80447a-31cc-40f8-9689-e60a97767f29}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS

\\?\Volume{81a48735-b437-43cd-b134-f6887d0df754}\ (PBR Image) (Fixed) (Total:8 GB) (Free:0.29 GB) NTFS

\\?\Volume{60944d99-be6e-4faf-805f-aee3931ece55}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 6DD8E8C1)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-04-2020

Ran by Cthulhu (administrator) on PERSONAL-PC (Dell Inc. Inspiron 3520) (25-04-2020 14:24:03)

Running from C:\Users\Cthulhu\Desktop

Loaded Profiles: Cthulhu (Available Profiles: Cthulhu & Administrator)

Platform: Windows 10 Home Version 1909 18363.778 (X64) Language: English (United States)

Default browser: Edge

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

(Atheros) [File not signed] C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

(Cirrus Logic -> Andrea Electronics Corporation) C:\Windows\System32\AECLSr64.exe

(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\PEF\CORE\PEFService.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe

(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [708952 2013-07-08] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)

HKLM\...\Run: [Dell Audio] => c:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe [20591616 2012-08-06] () [File not signed]

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe [763520 2012-07-31] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]

HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [127616 2012-07-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation) [File not signed]

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)

HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory="Profile 1" --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switc (the data entry has 61 more characters).

HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory="Profile 1" --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-swit (the data entry has 61 more characters).

HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807936 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-23] (Google LLC -> Google LLC)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\81.1.7.98\Installer\chrmstp.exe [2020-04-21] (Brave Software, Inc.) [File not signed]

HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-07-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2012-07-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-04-13]

ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}

Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}

Task: {104D723D-973B-4221-8420-3D899316C62E} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION

Task: {11206DCC-630B-4981-A301-A6F07F42DCE8} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [6762544 2012-07-09] (Dell Inc. -> Dell, Inc.)

Task: {2A1E5C37-6244-4F42-959C-580FB6C1A068} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Task: {2D700D68-C298-4936-9C5B-241D7C188313} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-17] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {30412761-4086-4296-9391-CA4AC11458D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {35094E30-DD69-4F6E-9B20-AFCA068CC9A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-18] (Google LLC -> Google LLC)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe

Task: {3900C49D-2656-40A8-8A5D-A00FB185CE04} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-17] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {3C1A0831-C798-416F-999C-F6DFB63420BD} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION

Task: {4F9EF021-AFF8-47CE-ABAB-74A0801257BB} - \SystemToolsDailyTest -> No File <==== ATTENTION

Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

Task: {64FA975F-FF41-4988-9FF2-C46D9AD60D63} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\ProgramData\McAfee\MCLOGS\DynamicAppDownloader\1.4.111\DADUpdater.exe

Task: {68D3CC3A-65AA-40D5-B4B8-7F41AB5458C1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-14] (Adobe Inc. -> Adobe)

Task: {6B75AF94-F4A6-46EF-8BAE-29A463C714B3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Task: {74D7F80E-D925-4363-8DF5-8221D8E7548A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe

Task: {83F56707-5EDD-4915-A275-5BA4BE8A6C94} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-14] (Adobe Inc. -> Adobe)

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}

Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}

Task: {AB2EC74E-7723-4994-989D-864196911A58} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Task: {AD8F221C-3CF9-4298-98BC-E95C32E006CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-18] (Google LLC -> Google LLC)

Task: {B1F3D86C-6094-4668-BC71-398219B270EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

Task: {B4CF2D1E-BC0A-4033-8BC1-34BE8F761730} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-18] (Mozilla Corporation -> Mozilla Foundation)

Task: {B71150BA-1F4C-4500-B50C-E7DA806C76E1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

Task: {C74E6A9B-44C0-4195-88B4-DFA109845084} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}

Task: {CD98B564-68D9-48D7-B5DA-A4141640BB43} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-14] (Adobe Inc. -> Adobe)

Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}

Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}

Task: {DFF2716A-9978-4791-98AE-2BF5C363692A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}

Task: {E883575A-0749-41E9-AF13-527ABC84CC85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1

Tcpip\..\Interfaces\{9ca13351-bd49-43c5-9156-9f6bef69958b}: [DhcpNameServer] 200.44.32.12 200.109.78.12

Tcpip\..\Interfaces\{A82BF9CB-A088-43C0-96F9-C43301EB7A89}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Tcpip\..\Interfaces\{b907b466-2bab-4eb7-a859-d49e290de47d}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/

HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com

SearchScopes: HKU\S-1-5-21-4110660986-1783647836-3085671652-1001 -> DefaultScope {F771BF55-EE1E-4C9D-8B08-354E4F60067F} URL =

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-07-31] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2017-02-01] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-02-01] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-02-01] (Microsoft Corporation -> Microsoft Corporation)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

FireFox:

========

FF DefaultProfile: k6u3g4yu.default

FF ProfilePath: C:\Users\Cthulhu\AppData\Roaming\Mozilla\Firefox\Profiles\k6u3g4yu.default [2020-04-22]

FF Notifications: Mozilla\Firefox\Profiles\k6u3g4yu.default -> hxxps://www.facebook.com

FF Extension: (Hoxx VPN Proxy) - C:\Users\Cthulhu\AppData\Roaming\Mozilla\Firefox\Profiles\k6u3g4yu.default\Extensions\@hoxx-vpn.xpi [2020-03-03]

FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-14] (Adobe Inc. -> )

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-02-01] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-17] (Brave Software, Inc. -> BraveSoftware Inc.)

FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-17] (Brave Software, Inc. -> BraveSoftware Inc.)

FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:

=======

CHR DefaultProfile: Profile 1

CHR Profile: C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default [2020-04-22]

CHR Notifications: Default -> hxxps://forospyware.com; hxxps://www.youtube.com

CHR HomePage: Default -> hxxps://www.google.com.ve/

CHR StartupUrls: Default -> "hxxp://www.google.co.ve/"

CHR Extension: (Presentaciones) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-18]

CHR Extension: (Documentos) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-18]

CHR Extension: (Google Drive) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-18]

CHR Extension: (YouTube) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-18]

CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-18]

CHR Extension: (Adblock para Youtube™) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-04-18]

CHR Extension: (Adobe Acrobat) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-18]

CHR Extension: (hxxp://www.amazon.com/) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\eicbgcfajfmpllmbdfmnnpomnnedfbop [2020-04-22]

CHR Extension: (Hojas de cálculo) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-18]

CHR Extension: (Documentos de Google sin conexión) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-22]

CHR Extension: (Bloqueador de anuncios para Youtube ™) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2020-04-18]

CHR Extension: (Adblocker for YouTube™) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldkihpcibakajmpnggbjnehoifnnpebn [2020-04-18]

CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-18]

CHR Extension: (Gmail) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-18]

CHR Extension: (Chrome Media Router) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-18]

CHR Profile: C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-04-22]

CHR Profile: C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-04-25]

CHR Notifications: Profile 1 -> hxxps://www.instagram.com

CHR Extension: (Presentaciones) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-19]

CHR Extension: (Documentos) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-19]

CHR Extension: (Google Drive) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-19]

CHR Extension: (YouTube) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-19]

CHR Extension: (Adobe Acrobat) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-19]

CHR Extension: (Hojas de cálculo) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-19]

CHR Extension: (Documentos de Google sin conexión) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-20]

CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-22]

CHR Extension: (Bloqueador de anuncios para Youtube ™) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2020-04-19]

CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-19]

CHR Extension: (Gmail) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-19]

CHR Extension: (Chrome Media Router) - C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-19]

CHR Profile: C:\Users\Cthulhu\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-22]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AECLFilters; C:\WINDOWS\system32\AECLSr64.exe [99696 2012-08-05] (Cirrus Logic -> Andrea Electronics Corporation)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3189712 2020-04-13] (philandro Software GmbH -> philandro Software GmbH)

S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-17] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-06-17] (Brave Software, Inc. -> BraveSoftware Inc.)

S2 CirrusAudioService; c:\Program Files\Cirrus Logic Audio Panel\Cirrvus.exe [7168 2012-08-06] (Cirrus Logic) [File not signed]

R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-19] (Malwarebytes Inc -> Malwarebytes)

R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1333064 2018-10-26] (McAfee, Inc. -> McAfee, Inc.)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-07-22] (Atheros) [File not signed]

S2 DellDigitalDelivery; "c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)

R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-06] (Microsoft Corporation) [File not signed]

R3 CirrusLFD; C:\WINDOWS\system32\DRIVERS\CSLFDx64.sys [41328 2012-08-05] (Cirrus Logic -> Cirrus Logic)

R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)

S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2012-08-05] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-04-19] (Malwarebytes Corporation -> Malwarebytes)

R1 LeapdroidVMDrv; C:\Program Files\Leapdroid\VM\LeapdroidVMDrv.sys [300952 2020-04-19] (Leapdroid Inc -> Leapdroid Inc.)

R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-19] (Malwarebytes Inc -> Malwarebytes)

S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-04-24] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-04-24] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-22] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [124560 2020-04-24] (Malwarebytes Inc -> Malwarebytes)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)

R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2020-04-14] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-25 14:23 - 2020-04-25 14:23 - 000000548 _____ C:\Users\Cthulhu\Desktop\JRT.txt

2020-04-25 14:18 - 2020-04-25 14:22 - 000000000 ____D C:\Users\Cthulhu\AppData\LocalLow\IGDump

2020-04-24 20:52 - 2020-04-25 13:35 - 000000297 _____ C:\Users\Cthulhu\d4ac4633ebd6440fa397b84f1bc94a3c.7z

2020-04-24 17:57 - 2020-04-24 17:57 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2020-04-24 17:57 - 2020-04-24 17:57 - 000124560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2020-04-24 17:57 - 2020-04-24 17:57 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2020-04-23 19:22 - 2020-04-23 19:22 - 000025231 _____ C:\Users\Cthulhu\Downloads\Formato Data Venemergencia 2020.xlsx

2020-04-23 17:25 - 2020-04-24 11:51 - 000000000 ____D C:\Users\Cthulhu\Desktop\2019

2020-04-23 16:07 - 2020-04-24 12:01 - 000141824 _____ C:\Users\Cthulhu\Desktop\USUARIOS DEPORTE y LOCTI 2020.xls

2020-04-23 14:15 - 2020-04-23 14:15 - 000029827 _____ C:\Users\Cthulhu\Downloads\Certificado iva 03-2020.pdf

2020-04-22 14:10 - 2020-04-25 14:26 - 000028280 _____ C:\Users\Cthulhu\Desktop\FRST.txt

2020-04-22 14:09 - 2020-04-22 14:09 - 002281984 _____ (Farbar) C:\Users\Cthulhu\Desktop\FRST64.exe

2020-04-22 14:02 - 2020-04-25 14:25 - 000000000 ____D C:\FRST

2020-04-22 13:17 - 2020-04-22 13:17 - 000006559 _____ C:\Users\Cthulhu\Desktop\AdwCleaner Reporte 22.04.2020.txt

2020-04-22 13:13 - 2020-04-22 13:13 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

2020-04-22 11:54 - 2020-04-22 13:02 - 000001688 _____ C:\Users\Cthulhu\Desktop\Malwarebytes Reporte 22.04.txt

2020-04-22 11:08 - 2020-04-22 11:08 - 000001670 _____ C:\Users\Cthulhu\Desktop\cc_20200422_110821.reg

2020-04-22 10:50 - 2020-04-22 10:50 - 001790024 _____ (Malwarebytes) C:\Users\Cthulhu\Desktop\JRT.exe

2020-04-20 17:20 - 2020-04-20 17:20 - 000277341 _____ C:\Users\Cthulhu\Downloads\Coordenada Abraniel.pdf

2020-04-19 18:01 - 2020-04-19 18:01 - 000014033 _____ C:\Users\Cthulhu\Downloads\equipo.xlsx

2020-04-19 13:18 - 2020-04-19 13:18 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys

2020-04-19 13:18 - 2020-04-19 13:18 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2020-04-19 13:18 - 2020-04-19 13:18 - 000002032 _____ C:\ProgramData\Desktop\Malwarebytes.lnk

2020-04-19 13:18 - 2020-04-19 13:18 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\mbamtray

2020-04-19 13:18 - 2020-04-19 13:18 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\mbam

2020-04-19 13:18 - 2020-04-19 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2020-04-19 13:18 - 2020-04-19 13:17 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

2020-04-19 13:18 - 2020-04-19 13:17 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys

2020-04-19 13:17 - 2020-04-19 13:17 - 000000000 ____D C:\ProgramData\Malwarebytes

2020-04-19 12:56 - 2020-04-19 12:56 - 000000000 ____D C:\Program Files\Malwarebytes

2020-04-19 12:50 - 2020-04-19 12:50 - 001965536 _____ (Malwarebytes) C:\Users\Cthulhu\Desktop\MBSetup.exe

2020-04-19 12:49 - 2020-04-22 10:45 - 000000000 ____D C:\Users\Cthulhu\Downloads\Limpieza Laptop

2020-04-19 00:08 - 2020-04-19 00:20 - 000002491 _____ C:\Users\Cthulhu\Desktop\Eli (Elimar) - Chrome.lnk

2020-04-19 00:08 - 2020-04-19 00:08 - 000002447 _____ C:\Users\Cthulhu\Desktop\Héctor - Chrome.lnk

2020-04-19 00:06 - 2020-04-19 00:06 - 000001883 _____ C:\Users\Cthulhu\Desktop\Leapdroid VM2.lnk

2020-04-19 00:06 - 2020-04-19 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LeapdroidVM

2020-04-19 00:05 - 2020-04-19 00:05 - 000001883 _____ C:\Users\Cthulhu\Desktop\Leapdroid VM1.lnk

2020-04-19 00:04 - 2020-04-19 00:04 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\Leapdroid

2020-04-19 00:02 - 2020-04-24 22:47 - 000000000 ____D C:\Users\Cthulhu\Documents\Leapdroid

2020-04-19 00:02 - 2020-04-19 00:02 - 000000000 ____D C:\Users\Cthulhu\AppData\Roaming\yiwanzhushou

2020-04-19 00:01 - 2020-04-19 00:01 - 000000000 ____D C:\Program Files\Leapdroid

2020-04-19 00:00 - 2020-04-19 00:06 - 000000000 ____D C:\Users\Cthulhu\AppData\Roaming\Leapdroid

2020-04-18 23:32 - 2020-04-19 00:00 - 262535736 _____ (Leapdroid) C:\Users\Cthulhu\Downloads\leapdroid-11-0-0.exe

2020-04-18 19:59 - 2020-04-18 20:01 - 008196784 _____ (Malwarebytes) C:\Users\Cthulhu\Desktop\adwcleaner_8.0.4.exe

2020-04-18 19:50 - 2020-04-23 21:33 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2020-04-18 19:50 - 2020-04-23 21:33 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2020-04-18 19:50 - 2020-04-23 21:33 - 000002271 _____ C:\ProgramData\Desktop\Google Chrome.lnk

2020-04-18 19:20 - 2020-04-18 19:20 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA

2020-04-18 19:20 - 2020-04-18 19:20 - 000003434 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

2020-04-18 19:13 - 2020-04-18 19:13 - 000024344 _____ C:\Users\Cthulhu\Desktop\cc_20200418_191258.reg

2020-04-18 16:36 - 2020-04-18 16:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla

2020-04-18 16:32 - 2020-04-19 12:32 - 000000000 ____D C:\Program Files\Mozilla Firefox

2020-04-18 15:09 - 2020-04-18 15:09 - 001295576 _____ (Google LLC) C:\Users\Cthulhu\Downloads\ChromeSetup(1).exe

2020-04-17 18:24 - 2020-04-17 18:24 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2020-04-17 18:24 - 2020-04-17 18:24 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll

2020-04-17 18:24 - 2020-04-17 18:24 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2020-04-17 18:24 - 2020-04-17 18:24 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll

2020-04-17 18:24 - 2020-04-17 18:24 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll

2020-04-17 18:24 - 2020-04-17 18:24 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe

2020-04-17 18:24 - 2020-04-17 18:24 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll

2020-04-17 18:24 - 2020-04-17 18:24 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe

2020-04-17 18:23 - 2020-04-17 18:23 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

2020-04-17 18:23 - 2020-04-17 18:23 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe

2020-04-17 18:23 - 2020-04-17 18:23 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe

2020-04-17 18:23 - 2020-04-17 18:23 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl

2020-04-17 18:23 - 2020-04-17 18:23 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe

2020-04-17 18:23 - 2020-04-17 18:23 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe

2020-04-17 18:23 - 2020-04-17 18:23 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll

2020-04-17 18:23 - 2020-04-17 18:23 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll

2020-04-17 18:22 - 2020-04-17 18:23 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2020-04-17 18:22 - 2020-04-17 18:22 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2020-04-17 18:22 - 2020-04-17 18:22 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2020-04-17 18:22 - 2020-04-17 18:22 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe

2020-04-17 18:22 - 2020-04-17 18:22 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2020-04-17 18:22 - 2020-04-17 18:22 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2020-04-17 18:22 - 2020-04-17 18:22 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl

2020-04-17 18:22 - 2020-04-17 18:22 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys

2020-04-17 18:22 - 2020-04-17 18:22 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe

2020-04-17 18:22 - 2020-04-17 18:22 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys

2020-04-17 18:22 - 2020-04-17 18:22 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe

2020-04-17 18:22 - 2020-04-17 18:22 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe

2020-04-17 18:22 - 2020-04-17 18:22 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe

2020-04-17 18:22 - 2020-04-17 18:22 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin

2020-04-17 18:22 - 2020-04-17 18:22 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

2020-04-17 18:21 - 2020-04-17 18:22 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2020-04-17 18:21 - 2020-04-17 18:21 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys

2020-04-17 18:21 - 2020-04-17 18:21 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2020-04-17 18:21 - 2020-04-17 18:21 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2020-04-17 18:21 - 2020-04-17 18:21 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2020-04-17 18:21 - 2020-04-17 18:21 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2020-04-17 18:21 - 2020-04-17 18:21 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys

2020-04-17 18:21 - 2020-04-17 18:21 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys

2020-04-17 18:21 - 2020-04-17 18:21 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe

2020-04-17 18:21 - 2020-04-17 18:21 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll

2020-04-17 18:21 - 2020-04-17 18:21 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll

2020-04-17 18:20 - 2020-04-17 18:21 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2020-04-17 18:20 - 2020-04-17 18:20 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2020-04-17 18:20 - 2020-04-17 18:20 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2020-04-17 18:20 - 2020-04-17 18:20 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2020-04-17 18:20 - 2020-04-17 18:20 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2020-04-17 18:20 - 2020-04-17 18:20 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2020-04-17 18:20 - 2020-04-17 18:20 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2020-04-17 18:20 - 2020-04-17 18:20 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe

2020-04-17 18:20 - 2020-04-17 18:20 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll

2020-04-17 18:20 - 2020-04-17 18:20 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe

2020-04-17 18:19 - 2020-04-17 18:19 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2020-04-17 18:19 - 2020-04-17 18:19 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe

2020-04-17 18:19 - 2020-04-17 18:19 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe

2020-04-17 18:19 - 2020-04-17 18:19 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe

2020-04-17 18:19 - 2020-04-17 18:19 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe

2020-04-17 18:19 - 2020-04-17 18:19 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll

2020-04-17 18:19 - 2020-04-17 18:19 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys

2020-04-17 18:19 - 2020-04-17 18:19 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys

2020-04-17 17:34 - 2020-03-16 23:56 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

2020-04-17 17:33 - 2020-03-16 23:57 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

2020-04-15 22:36 - 2020-04-15 22:36 - 000013078 _____ C:\Users\Cthulhu\Downloads\images.jfif

2020-04-13 16:04 - 2020-04-13 16:04 - 000001985 _____ C:\Users\Public\Desktop\AnyDesk.lnk

2020-04-13 16:04 - 2020-04-13 16:04 - 000001985 _____ C:\ProgramData\Desktop\AnyDesk.lnk

2020-04-13 16:04 - 2020-04-13 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk

2020-04-13 16:04 - 2020-04-13 16:04 - 000000000 ____D C:\ProgramData\AnyDesk

2020-04-13 16:04 - 2020-04-13 16:04 - 000000000 ____D C:\Program Files (x86)\AnyDesk

2020-04-13 16:02 - 2020-04-13 20:24 - 000000000 ____D C:\Users\Cthulhu\AppData\Roaming\AnyDesk

2020-04-13 16:02 - 2020-04-13 16:02 - 003189712 _____ (philandro Software GmbH) C:\Users\Cthulhu\Downloads\AnyDesk (1).exe

2020-04-13 16:01 - 2020-04-13 16:01 - 003189712 _____ (philandro Software GmbH) C:\Users\Cthulhu\Downloads\AnyDesk.exe

2020-04-13 15:56 - 2020-04-13 15:57 - 000020872 _____ C:\Users\Cthulhu\Downloads\CALENDARIO IVA Y RETENCIONES DE IVA 2020.xlsx

2020-04-10 16:50 - 2020-04-10 16:50 - 000000000 ___HD C:\OneDriveTemp

2020-04-09 21:14 - 2020-04-09 21:14 - 000001167 _____ C:\Users\Public\Desktop\VLC media player.lnk

2020-04-09 21:14 - 2020-04-09 21:14 - 000001167 _____ C:\ProgramData\Desktop\VLC media player.lnk

2020-04-09 20:59 - 2020-04-09 21:03 - 040772008 _____ C:\Users\Cthulhu\Downloads\vlc-3.0.8-win32.exe

2020-04-09 16:02 - 2020-04-09 19:15 - 1672284207 _____ C:\Users\Cthulhu\Downloads\fr0z3n.2.2019.dvds.720p.latino.mp4

2020-04-04 16:03 - 2020-04-04 16:03 - 000000000 ____D C:\Users\Cthulhu\Documents\FeedbackHub

2020-03-31 10:56 - 2020-03-31 10:56 - 000002858 _____ C:\Users\Cthulhu\AppData\Local\{3A51A2BC-CEC8-40B3-8736-F1C460289B88}

2020-03-28 23:27 - 2020-03-28 23:27 - 000534531 _____ C:\Users\Cthulhu\Downloads\Estados de cuenta.pdf

2020-03-26 22:03 - 2020-03-26 22:03 - 000001762 _____ C:\Users\Cthulhu\Desktop\b xvbj zjajn.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-25 14:15 - 2019-03-19 00:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2020-04-25 13:36 - 2019-05-01 16:01 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\Nox

2020-04-25 13:35 - 2019-12-18 22:57 - 000000000 ____D C:\Users\Cthulhu

2020-04-25 12:35 - 2019-12-18 22:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2020-04-25 12:17 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\AppReadiness

2020-04-25 11:58 - 2020-03-24 18:18 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\ElevatedDiagnostics

2020-04-25 11:34 - 2018-12-24 13:50 - 000000000 ____D C:\Users\Cthulhu\.android

2020-04-25 11:33 - 2020-02-24 00:31 - 000000000 ____D C:\Users\Cthulhu\.BigNox

2020-04-25 11:33 - 2020-02-21 23:16 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\NoxSrv

2020-04-25 11:33 - 2018-12-24 13:48 - 000000000 ____D C:\Users\Cthulhu\vmlogs

2020-04-25 11:29 - 2019-12-18 23:07 - 000842708 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2020-04-25 11:29 - 2019-03-19 00:50 - 000000000 ____D C:\WINDOWS\INF

2020-04-25 11:27 - 2019-03-16 15:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2020-04-24 17:56 - 2019-12-18 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2020-04-24 17:55 - 2019-03-19 00:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2020-04-24 15:34 - 2019-12-18 23:45 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\PlaceholderTileLogoFolder

2020-04-24 15:34 - 2019-12-18 23:39 - 000000000 ____D C:\ProgramData\Packages

2020-04-24 15:34 - 2019-03-19 00:52 - 000000000 ___HD C:\Program Files\WindowsApps

2020-04-24 15:34 - 2019-01-02 20:29 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\Packages

2020-04-24 14:56 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2020-04-23 14:02 - 2020-01-31 20:03 - 000000000 ____D C:\Users\Cthulhu\Desktop\FOTOS

2020-04-22 15:56 - 2019-03-16 15:49 - 000000000 ____D C:\Users\Cthulhu\AppData\Roaming\TeamViewer

2020-04-22 13:11 - 2012-12-22 07:15 - 000000000 ____D C:\Program Files (x86)\CyberLink

2020-04-22 13:11 - 2012-12-22 07:04 - 000000000 ____D C:\ProgramData\Dell

2020-04-22 13:11 - 2012-12-22 07:04 - 000000000 ____D C:\Program Files\Dell

2020-04-21 16:39 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Registration

2020-04-20 13:44 - 2019-12-08 14:16 - 000000000 ____D C:\Users\Cthulhu\Desktop\TRABAJOS ARTC

2020-04-19 13:18 - 2019-03-19 00:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2020-04-19 12:32 - 2019-01-02 21:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2020-04-18 19:56 - 2017-06-05 22:55 - 000000000 ____D C:\Users\Cthulhu\AppData\LocalLow\Mozilla

2020-04-18 19:50 - 2019-01-13 11:42 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\Google

2020-04-18 19:50 - 2019-01-13 11:42 - 000000000 ____D C:\Program Files (x86)\Google

2020-04-18 16:36 - 2019-01-02 21:03 - 000000938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

2020-04-18 13:15 - 2019-12-17 00:55 - 000000000 ___RD C:\Users\Cthulhu\OneDrive

2020-04-18 13:08 - 2019-12-18 22:40 - 000446904 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2020-04-18 00:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SystemResources

2020-04-18 00:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation

2020-04-18 00:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\migwiz

2020-04-18 00:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\ShellExperiences

2020-04-18 00:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\Provisioning

2020-04-18 00:23 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\bcastdvr

2020-04-17 18:59 - 2019-03-19 00:37 - 000000000 ____D C:\WINDOWS\CbsTemp

2020-04-16 11:04 - 2019-12-18 22:57 - 000000000 ____D C:\Users\Administrator

2020-04-15 22:02 - 2020-02-13 14:18 - 000024258 _____ C:\Users\Cthulhu\Desktop\XLSVENTA FEBRERO.xlsx

2020-04-15 19:26 - 2019-08-29 22:25 - 000000000 ____D C:\Users\Cthulhu\Desktop\PROGRAMAS

2020-04-14 23:47 - 2020-02-24 00:30 - 000000000 ____D C:\Program Files (x86)\Bignox

2020-04-14 15:42 - 2019-12-18 23:13 - 000004544 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier

2020-04-14 15:40 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed

2020-04-14 15:40 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\Macromed

2020-04-14 15:39 - 2020-02-13 20:04 - 005197368 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe

2020-04-14 15:35 - 2019-06-17 21:31 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk

2020-04-14 14:39 - 2019-12-18 23:13 - 000004532 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier

2020-04-14 13:14 - 2019-03-13 11:45 - 000000000 ____D C:\Users\Cthulhu\Desktop\BANCOS

2020-04-09 23:22 - 2019-10-20 19:08 - 000000000 ____D C:\Users\Cthulhu\AppData\Roaming\vlc

2020-04-08 12:51 - 2019-09-27 17:36 - 000000000 ____D C:\Users\Cthulhu\AppData\Local\TeamViewer

2020-04-07 11:25 - 2020-03-13 23:35 - 000002415 _____ C:\Users\Cthulhu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2020-04-07 11:25 - 2019-12-18 23:59 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4110660986-1783647836-3085671652-1001

2020-04-07 11:13 - 2019-03-19 00:52 - 000000000 ____D C:\WINDOWS\system32\NDF

2020-04-02 14:17 - 2019-12-15 22:57 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories ========

2020-02-21 18:14 - 2020-02-21 18:14 - 000000823 _____ () C:\Users\Cthulhu\AppData\Local\Nox_crash.log

2019-06-22 14:16 - 2020-03-07 12:29 - 000000015 _____ () C:\Users\Cthulhu\AppData\Local\update_progress.txt

2020-03-31 10:56 - 2020-03-31 10:56 - 000002858 _____ () C:\Users\Cthulhu\AppData\Local\{3A51A2BC-CEC8-40B3-8736-F1C460289B88}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

El último reporte lo tuve que cortar en dos partes. Saludos

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory="Profile 1" --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switc (the data entry has 61 more characters).
HKU\S-1-5-21-4110660986-1783647836-3085671652-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory="Profile 1" --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-swit (the data entry has 61 more characters).
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\Installer\chrmstp.exe [2020-04-23] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\81.1.7.98\Installer\chrmstp.exe [2020-04-21] (Brave Software, Inc.) [File not signed]
Task: {104D723D-973B-4221-8420-3D899316C62E} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {3C1A0831-C798-416F-999C-F6DFB63420BD} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {4F9EF021-AFF8-47CE-ABAB-74A0801257BB} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {64FA975F-FF41-4988-9FF2-C46D9AD60D63} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\ProgramData\McAfee\MCLOGS\DynamicAppDownloader\1.4.111\DADUpdater.exe
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-06-17] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1333064 2018-10-26] (McAfee, Inc. -> McAfee, Inc.)
S2 DellDigitalDelivery; "c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [X]
C:\Program Files\Common Files\mcafee
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX/Corregir y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.