An app called Web Companion got installed


#1

Well, a few hours ago I downloaded a Game Boy emulator and some games for it, and I think they gave me the malware. My internet has been slower since then and Google does something strange… as if clicking on it made it open in another window.


#2

Hello Randy_Baez_Olivo, welcome to the new forum

Carry out the following steps, even if you have already done some of them, without changing the order:

1) Download, update and run Malwarebytes’ Anti-Malware; go through the manual in detail so that you know how to use and configure it.

  • Run a Threat Scan, updating if it asks you to.
  • Click “Quarantine Selected” to send the items to quarantine, then restart the system.
  • In the manual's section Reports → Scan report you will find the MBAM report; click Export → Copy to clipboard.

2) Download AdwCleaner | InfoSpyware to the desktop.

  • Temporarily disable the antivirus → How to temporarily disable your antivirus.
  • Also close all the programs you have open.
  • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as administrator").
  • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
  • Wait for it to complete and follow the instructions; if it asks to restart the system, accept.
  • Save the report that appears, so you can copy and paste it into your next reply.
  • The report can also be found at C:\AdwCleaner\AdwCleaner[C1].txt

3) Download CCleaner

  • Install CCleaner
  • Open CCleaner; on the Cleaner tab leave the default settings as they are, click Analyze, wait for it to finish → click Run Cleaner
  • Click the Registry tab → click Scan for Issues, wait for it to finish → click Fix Selected Issues and make a backup
  • Click Scan for Issues again until it no longer finds any.

Paste the Malwarebytes and AdwCleaner reports and tell us how the problem is going.

Regards


#3

Hi daniela, thank you very much for your help :grin:

Here is my Malwarebytes’ Anti-Malware report


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 2/1/19
Hora del análisis: 9:29
Archivo de registro: 701408e2-0e92-11e9-b9d6-d481d7ecc28c.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.508
Versión del paquete de actualización: 1.0.8211
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17134.472)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-RBJOVTB\r-and

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 280015
Amenazas detectadas: 13
Amenazas en cuarentena: 13
Tiempo transcurrido: 3 min, 37 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 1
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, En cuarentena, [283], [550469],1.0.8211

Valor del registro: 1
PUP.Optional.DefaultSearch, HKU\S-1-5-21-4280517246-3670959479-336237639-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|NLADLJMABBOANHIHFKJACNNKGJHNOKHJ, En cuarentena, [283], [550469],1.0.8211

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 11
PUP.Optional.NovaRambler.ChrPRST, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [316], [493310],1.0.8211
PUP.Optional.NovaRambler.ChrPRST, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [316], [493310],1.0.8211
Adware.Elex.ShrtCln, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [259], [454691],1.0.8211
Adware.Elex.ShrtCln, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [259], [454691],1.0.8211
PUP.Optional.NovaRambler.ChrPRST, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [316], [493310],1.0.8211
PUP.Optional.Linkury, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [244], [455237],1.0.8211
PUP.Optional.Linkury, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [244], [455237],1.0.8211
PUP.Optional.Conduit, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [215], [454835],1.0.8211
PUP.Optional.Conduit, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [215], [454835],1.0.8211
PUP.Optional.Trovi, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [397], [454808],1.0.8211
PUP.Optional.Linkury, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [244], [455237],1.0.8211

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end) 
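
As an added example (not part of the original thread and not Malwarebytes' own code), this Python code parses the "-Detalles del análisis-" block of a Spanish-locale Malwarebytes 3.x text report like the one in the post above, checks each section's declared count against the rows actually present, and groups detections by location. The function names and the abridged sample (fewer rows, section counts adjusted to match) are assumptions made for this example.

```python
import re
from collections import defaultdict

# Abridged sample in the layout of the report above (constructed for this
# example: fewer rows than the real report, section counts adjusted).
SAMPLE = r"""-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Clave del registro: 1
PUP.Optional.DefaultSearch, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nladljmabboanhihfkjacnnkgjhnokhj, En cuarentena, [283], [550469],1.0.8211

Archivo: 4
PUP.Optional.NovaRambler.ChrPRST, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [316], [493310],1.0.8211
Adware.Elex.ShrtCln, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [259], [454691],1.0.8211
PUP.Optional.Linkury, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [244], [455237],1.0.8211
PUP.Optional.Linkury, C:\USERS\R-AND\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [244], [455237],1.0.8211
"""

# "Section name: N" header that precedes each group of detection rows.
SECTION_RE = re.compile(r"^([^:,]+): (\d+)$")
# "Name, Location, Action, [n], [n],version". The location is matched
# greedily so a path containing ", " still ends at the action field.
DETECTION_RE = re.compile(
    r"^(?P<name>[^,]+), (?P<location>.+), (?P<action>[^,\[\]]+), "
    r"\[\d+\], \[\d+\],[\d.]+$"
)


def parse_detections(report, details_marker="-Detalles del análisis-"):
    """Return (detections, declared_counts) for the details block.

    details_marker is the locale-specific heading of that block; lines
    before it (summary, options) are ignored because they also look like
    "label: number" pairs.
    """
    detections, declared = [], {}
    section, in_details = None, False
    for raw in report.splitlines():
        line = raw.strip()
        if line == details_marker:
            in_details = True
            continue
        if not in_details or not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            declared[section] = int(header.group(2))
            continue
        row = DETECTION_RE.match(line)
        if row and section is not None:
            detections.append({
                "section": section,
                "name": row.group("name"),
                "location": row.group("location"),
                "action": row.group("action"),
            })
    return detections, declared


def count_mismatches(detections, declared):
    """Sections whose declared count differs from the rows parsed.

    A non-empty result means the pasted report is truncated or was edited.
    """
    found = defaultdict(int)
    for det in detections:
        found[det["section"]] += 1
    return {s: (n, found[s]) for s, n in declared.items() if found[s] != n}


def by_location(detections):
    """Map each location (case-folded, as Windows paths and registry keys
    are case-insensitive) to the sorted set of detection names on it."""
    grouped = defaultdict(set)
    for det in detections:
        grouped[det["location"].casefold()].add(det["name"])
    return {loc: sorted(names) for loc, names in grouped.items()}


if __name__ == "__main__":
    dets, declared = parse_detections(SAMPLE)
    print("count mismatches:", count_mismatches(dets, declared) or "none")
    for loc, names in by_location(dets).items():
        print(f"{len(names)} detection name(s) -> {loc}")
        for name in names:
            print("   ", name)
```

Run over the full report above, the same grouping shows all 11 file detections landing on just two Chrome profile files, Web Data and SyncData.sqlite3.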

#5

Hello

The AdwCleaner report is missing, and you still need to tell us how the problem is going.

Regards


#6

It did not let me put both logs in the same post, because I cannot post two links as a new user or something like that. As for how things are working, the internet is back to its normal speed, but the uTorrent program got uninstalled, and Google Chrome still keeps opening in a different window. I would like to post an image of the latter but it will not let me.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build:    12-18-2018
# Database: 2019-01-02.1 (Cloud)
# Support:  
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    01-02-2019
# Duration: 00:00:05
# OS:       Windows 10 Home
# Cleaned:  10
# Failed:   0


***** [ Services ] *****

Deleted       WCAssistantService

***** [ Folders ] *****

Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted       HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted       HKCU\Software\Lavasoft\Web Companion
Deleted       HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted       HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted       HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URL ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URL ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2191 octets] - [02/01/2019 09:56:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## 

#7

Hello

Download Farbar Recovery Scan Tool to the desktop, selecting the version that matches your computer's architecture (32 or 64 bits). → How do I know whether my Windows is 32 or 64 bits?

  • Run FRST.exe.
  • In the Disclaimer window message, click Yes.
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on the desktop.

Post the two reports that were generated.

You must copy and paste them with all of their content, and use several messages if you get an error message saying the post is too long (more than approx. 50,000 characters).

Regards


#8
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2019
Ran by r-and (administrator) on DESKTOP-RBJOVTB (02-01-2019 14:49:29)
Running from C:\Users\r-and\OneDrive\Escritorio
Loaded Profiles: r-and (Available Profiles: r-and)
Platform: Windows 10 Home Version 1803 17134.472 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Alienware) C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Tobii AB) C:\Program Files (x86)\Tobii\Service\Tobii.Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe
() C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\pcdrwi.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Tobii AB) C:\Program Files (x86)\Tobii\Tobii EyeX\Tobii.EyeX.Engine.exe
(Tobii AB) C:\Program Files (x86)\Tobii\Tobii EyeX Interaction\Tobii.EyeX.Tray.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxEM.exe
(Tobii AB) C:\Program Files (x86)\Tobii\Tobii EyeX Interaction\Tobii.EyeX.Interaction.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Alienware Corp.) C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(A-Volute) C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
() C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterSvc32.exe
() C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterSvc64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files (x86)\Tobii\Service\Tobii Lite Core.exe
(Microsoft Corporation) C:\Windows\System32\SensorDataService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9218568 2017-05-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493000 2017-05-05] (Realtek Semiconductor)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13856 2017-03-21] (Alienware)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AWSoundCenterUILauncher] => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe [1217208 2016-12-15] (A-Volute)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [3747256 2016-12-02] (Alienware Corp.)
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\Run: [uTorrent] => C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe [1739960 2018-12-22] (BitTorrent Inc.)
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3948600 2018-08-24] (Tonec Inc.)
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-10-23] (Piriform Ltd)
HKLM\Software\...\AppCompatFlags\Custom\setuphost.exe: [{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb] -> a3a25ec11052d401
HKLM\Software\...\AppCompatFlags\Custom\setupprep.exe: [{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb] -> a3a25ec11052d401
HKLM\Software\...\AppCompatFlags\InstalledSDB\{5534e02f-0f5d-40dd-ba92-bea38d22384d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb [2018-06-27]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2017-07-25]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{2245edba-a6e8-4a38-8805-1f556a17384e}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-12-13] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)

FireFox:
========
FF HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\r-and\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\r-and\AppData\Roaming\IDM\idmmzcc5 [2018-08-24] [Legacy] [not signed]
FF HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com.do/
CHR StartupUrls: Default -> "hxxp://google.com.do/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default [2019-01-02]
CHR Extension: (Presentaciones) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-24]
CHR Extension: (Documentos) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-24]
CHR Extension: (Google Drive) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-16]
CHR Extension: (YouTube) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-24]
CHR Extension: (Adblock Plus) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]
CHR Extension: (Hojas de cálculo) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (AdBlock) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
CHR Extension: (anonymoX) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpklikeghomkemdellmmkoifgfbakio [2018-08-24]
CHR Extension: (The Great Suspender) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2018-08-24]
CHR Extension: (IDM Integration Module) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-12-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-24]
CHR Extension: (Gmail) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-06-23]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-06-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [424288 2018-05-22] (Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-12-07] (Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe [935744 2018-08-31] (PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] ()
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation)
R2 GraphicsAmplifierWindowsService; C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe [14392 2016-11-15] (Alienware)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2593848 2018-02-13] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
R2 Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2067168 2017-02-21] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431664 2018-12-23] (Overwolf LTD)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [227728 2018-02-28] (Qualcomm Technologies Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333328 2017-05-05] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2015968 2016-08-15] (Intel Corporation)
R2 Tobii Service; C:\Program Files (x86)\Tobii\Service\Tobii.Service.exe [202304 2018-02-23] (Tobii AB)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [72024 2018-05-22] (Qualcomm)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation)
R0 EMSC; C:\WINDOWS\System32\drivers\EMSC.SYS [35216 2016-08-18] ()
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [382880 2017-11-21] (Intel Corporation)
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-12-02] (Intel Mobile Communications)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-02-13] (Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [72248 2018-02-13] (Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-04-11] (Qualcomm Atheros, Inc.)
R3 kiox_ff_driver; C:\WINDOWS\system32\DRIVERS\kiox_ff_driver.sys [50312 2016-09-21] (Kionix, Inc.)
R0 kxdiskprot; C:\WINDOWS\System32\DRIVERS\kxdiskprot.sys [38544 2016-06-13] (Kionix, Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-02] (Malwarebytes)
S3 nhi; C:\WINDOWS\System32\drivers\tbt81x.sys [129608 2016-08-24] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_e565bb9db9e93f47\nvlddmkm.sys [17147136 2018-04-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31800 2017-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-08-18] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
S3 PtpFilterDriver; C:\WINDOWS\System32\drivers\PtpFilterDriver.sys [51840 2016-12-27] ()
R2 RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [99680 2017-02-21] (Rivet Networks, LLC.)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3224576 2016-12-21] (Realtek Semiconductor Corp.)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-12-02] (MobileTop)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [52792 2017-12-19] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [53880 2018-09-26] (Synaptics Incorporated)
S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-12-02] (MCCI Corporation)
S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-12-02] (MCCI Corporation)
S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-12-02] (MCCI)
S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-12-02] (MCCI Corporation)
S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-12-02] (MCCI Corporation)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206104 2014-12-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206104 2014-12-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [48920 2014-12-02] (QUALCOMM Incorporated)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206104 2014-12-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-12-02] (MCCI Corporation)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26392 2014-12-02] (DEVGURU Co., LTD.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-02 14:41 - 2019-01-02 14:49 - 000000000 ____D C:\FRST
2019-01-02 10:03 - 2019-01-02 10:03 - 000002538 _____ C:\Users\r-and\OneDrive\Documents\cc_20190102_100308.reg
2019-01-02 09:58 - 2019-01-02 09:58 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-02 09:55 - 2019-01-02 09:56 - 000000000 ____D C:\AdwCleaner
2019-01-02 09:27 - 2019-01-02 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-02 09:27 - 2019-01-02 09:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-02 09:27 - 2019-01-02 09:27 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-02 09:27 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-02 00:52 - 2019-01-02 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-01-02 00:52 - 2019-01-02 00:52 - 000000000 ____D C:\Users\r-and\AppData\Roaming\Lavasoft
2019-01-02 00:52 - 2019-01-02 00:52 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2019-01-02 00:51 - 2019-01-02 00:51 - 000000000 ____D C:\ProgramData\Lavasoft
2019-01-02 00:43 - 2019-01-02 00:43 - 000001554 _____ C:\Users\r-and\OneDrive\Documents\cc_20190102_004308.reg
2019-01-01 23:29 - 2019-01-01 23:29 - 000000862 _____ C:\Users\r-and\OneDrive\Documents\cc_20190101_232936.reg
2019-01-01 18:55 - 2019-01-01 18:55 - 000000000 _____ C:\WINDOWS\invcol.tmp
2018-12-28 14:02 - 2019-01-02 00:30 - 000000000 ____D C:\Users\r-and\AppData\LocalLow\uTorrent
2018-12-23 17:48 - 2018-12-23 17:48 - 000000000 ____D C:\Users\r-and\OneDrive\Documents\Rise of the Tomb Raider
2018-12-23 17:48 - 2018-12-23 17:48 - 000000000 ____D C:\Users\r-and\AppData\Roaming\Crystal Dynamics
2018-12-23 16:11 - 2018-12-23 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rise of the Tomb Raider
2018-12-22 18:58 - 2018-12-22 18:58 - 000001308 _____ C:\Users\r-and\OneDrive\Documents\cc_20181222_185856.reg
2018-12-20 14:44 - 2018-12-14 08:24 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-12-20 14:44 - 2018-12-14 03:29 - 006567472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-12-20 14:44 - 2018-12-14 03:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 14:44 - 2018-12-14 03:23 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-12-20 14:44 - 2018-12-14 03:23 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-12-20 14:44 - 2018-12-14 03:22 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-20 14:44 - 2018-12-14 03:22 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-12-20 14:44 - 2018-12-14 03:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 14:44 - 2018-12-14 03:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 14:44 - 2018-12-14 03:13 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-12-20 14:44 - 2018-12-14 03:12 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-12-20 14:44 - 2018-12-14 03:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 14:44 - 2018-12-14 02:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 14:44 - 2018-12-14 02:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 14:44 - 2018-12-14 02:53 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-12-20 14:44 - 2018-12-14 02:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 14:44 - 2018-12-14 02:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 14:44 - 2018-12-14 02:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 14:43 - 2018-12-14 03:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 14:43 - 2018-12-14 03:23 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-12-20 14:43 - 2018-12-14 03:23 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-12-20 14:43 - 2018-12-14 03:23 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-12-20 14:43 - 2018-12-14 03:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 14:43 - 2018-12-14 03:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 14:43 - 2018-12-14 03:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 14:43 - 2018-12-14 03:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 14:43 - 2018-12-14 02:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 14:43 - 2018-12-14 02:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 14:43 - 2018-12-14 02:54 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-12-20 14:43 - 2018-12-14 02:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 14:43 - 2018-12-14 01:34 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-12-19 15:31 - 2018-12-19 15:31 - 000001160 _____ C:\Users\r-and\OneDrive\Documents\cc_20181219_153108.reg
2018-12-18 11:23 - 2018-12-18 11:23 - 000000576 _____ C:\Users\r-and\OneDrive\Documents\cc_20181218_112318.reg
2018-12-15 20:13 - 2018-12-15 20:13 - 000002348 _____ C:\Users\r-and\OneDrive\Documents\cc_20181215_201156.reg
2018-12-14 03:36 - 2018-12-14 03:36 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2018-12-12 13:19 - 2018-12-08 08:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-12-12 13:19 - 2018-12-08 08:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-12-12 13:19 - 2018-12-08 08:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 13:19 - 2018-12-08 04:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-12-12 13:19 - 2018-12-08 04:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-12 13:19 - 2018-12-08 03:49 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-12-12 13:19 - 2018-12-08 03:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-12 13:19 - 2018-12-08 03:42 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-12 13:19 - 2018-12-08 03:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-12 13:19 - 2018-12-08 03:38 - 022016000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-12-12 13:19 - 2018-12-08 03:33 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-12 13:19 - 2018-11-09 02:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-12 13:19 - 2018-11-08 22:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-12-12 13:19 - 2018-11-08 22:16 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-12 13:19 - 2018-11-08 21:26 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-12 13:18 - 2018-12-08 08:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-12 13:18 - 2018-12-08 08:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-12-12 13:18 - 2018-12-08 08:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-12-12 13:18 - 2018-12-08 08:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-12 13:18 - 2018-12-08 08:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-12-12 13:18 - 2018-12-08 08:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-12-12 13:18 - 2018-12-08 08:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-12 13:18 - 2018-12-08 08:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-12-12 13:18 - 2018-12-08 08:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-12 13:18 - 2018-12-08 08:29 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-12-12 13:18 - 2018-12-08 08:28 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-12 13:18 - 2018-12-08 08:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-12 13:18 - 2018-12-08 08:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-12 13:18 - 2018-12-08 08:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-12 13:18 - 2018-12-08 08:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-12 13:18 - 2018-12-08 08:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-12 13:18 - 2018-12-08 08:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-12 13:18 - 2018-12-08 08:25 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-12 13:18 - 2018-12-08 08:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-12 13:18 - 2018-12-08 08:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-12 13:18 - 2018-12-08 08:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 13:18 - 2018-12-08 08:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 13:18 - 2018-12-08 08:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-12 13:18 - 2018-12-08 08:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-12-12 13:18 - 2018-12-08 08:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 13:18 - 2018-12-08 08:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 13:18 - 2018-12-08 08:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-12 13:18 - 2018-12-08 04:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-12 13:18 - 2018-12-08 04:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-12 13:18 - 2018-12-08 04:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-12 13:18 - 2018-12-08 04:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-12 13:18 - 2018-12-08 04:07 - 001063416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-12-12 13:18 - 2018-12-08 04:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-12 13:18 - 2018-12-08 04:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-12 13:18 - 2018-12-08 04:06 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-12-12 13:18 - 2018-12-08 04:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-12 13:18 - 2018-12-08 04:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-12 13:18 - 2018-12-08 04:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 002463384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 000706040 _____ (Microsoft Corporation)

#9

C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-12-12 13:18 - 2018-12-08 04:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-12 13:18 - 2018-12-08 04:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-12-12 13:18 - 2018-12-08 04:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-12-12 13:18 - 2018-12-08 04:04 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 000416024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 000413176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-12-12 13:18 - 2018-12-08 04:04 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-12 13:18 - 2018-12-08 04:04 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 000268280 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 000158624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-12 13:18 - 2018-12-08 04:04 - 000058168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2018-12-12 13:18 - 2018-12-08 04:04 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2018-12-12 13:18 - 2018-12-08 03:47 - 000861744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-12-12 13:18 - 2018-12-08 03:47 - 000785760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-12 13:18 - 2018-12-08 03:46 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-12-12 13:18 - 2018-12-08 03:46 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-12 13:18 - 2018-12-08 03:46 - 001397104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-12-12 13:18 - 2018-12-08 03:46 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-12-12 13:18 - 2018-12-08 03:46 - 000457056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-12-12 13:18 - 2018-12-08 03:46 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-12-12 13:18 - 2018-12-08 03:45 - 004789952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-12-12 13:18 - 2018-12-08 03:45 - 002307240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-12-12 13:18 - 2018-12-08 03:45 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-12-12 13:18 - 2018-12-08 03:45 - 001620472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-12-12 13:18 - 2018-12-08 03:45 - 001379816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-12-12 13:18 - 2018-12-08 03:45 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-12-12 13:18 - 2018-12-08 03:45 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-12-12 13:18 - 2018-12-08 03:45 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-12-12 13:18 - 2018-12-08 03:45 - 000129296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-12-12 13:18 - 2018-12-08 03:42 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-12-12 13:18 - 2018-12-08 03:41 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-12-12 13:18 - 2018-12-08 03:40 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-12-12 13:18 - 2018-12-08 03:39 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2018-12-12 13:18 - 2018-12-08 03:38 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-12-12 13:18 - 2018-12-08 03:38 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-12-12 13:18 - 2018-12-08 03:38 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2018-12-12 13:18 - 2018-12-08 03:38 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-12-12 13:18 - 2018-12-08 03:38 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2018-12-12 13:18 - 2018-12-08 03:38 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2018-12-12 13:18 - 2018-12-08 03:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-12-12 13:18 - 2018-12-08 03:38 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-12-12 13:18 - 2018-12-08 03:37 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-12-12 13:18 - 2018-12-08 03:37 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-12-12 13:18 - 2018-12-08 03:37 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-12-12 13:18 - 2018-12-08 03:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2018-12-12 13:18 - 2018-12-08 03:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-12-12 13:18 - 2018-12-08 03:37 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2018-12-12 13:18 - 2018-12-08 03:37 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2018-12-12 13:18 - 2018-12-08 03:37 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2018-12-12 13:18 - 2018-12-08 03:37 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-12-12 13:18 - 2018-12-08 03:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-12-12 13:18 - 2018-12-08 03:36 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-12-12 13:18 - 2018-12-08 03:36 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-12-12 13:18 - 2018-12-08 03:36 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-12-12 13:18 - 2018-12-08 03:36 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-12-12 13:18 - 2018-12-08 03:36 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-12-12 13:18 - 2018-12-08 03:36 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-12-12 13:18 - 2018-12-08 03:36 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2018-12-12 13:18 - 2018-12-08 03:36 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-12-12 13:18 - 2018-12-08 03:36 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-12-12 13:18 - 2018-12-08 03:36 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2018-12-12 13:18 - 2018-12-08 03:36 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2018-12-12 13:18 - 2018-12-08 03:35 - 002126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2018-12-12 13:18 - 2018-12-08 03:35 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-12-12 13:18 - 2018-12-08 03:35 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-12-12 13:18 - 2018-12-08 03:35 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-12-12 13:18 - 2018-12-08 03:34 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-12-12 13:18 - 2018-12-08 03:34 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-12-12 13:18 - 2018-12-08 03:34 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-12-12 13:18 - 2018-12-08 03:34 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2018-12-12 13:18 - 2018-12-08 03:34 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-12-12 13:18 - 2018-12-08 03:34 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-12-12 13:18 - 2018-12-08 03:33 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-12-12 13:18 - 2018-12-08 03:33 - 001457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-12-12 13:18 - 2018-12-08 03:33 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-12-12 13:18 - 2018-12-08 03:33 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-12-12 13:18 - 2018-12-08 03:33 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-12-12 13:18 - 2018-12-08 03:33 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2018-12-12 13:18 - 2018-12-08 03:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-12-12 13:18 - 2018-12-08 03:32 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-12-12 13:18 - 2018-12-08 03:32 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-12-12 13:18 - 2018-12-08 03:32 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-12-12 13:18 - 2018-12-08 03:32 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-12-12 13:18 - 2018-12-08 03:32 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-12 13:18 - 2018-12-08 03:32 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-12-12 13:18 - 2018-12-08 03:30 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-12-12 13:18 - 2018-12-08 03:30 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-12-12 13:18 - 2018-12-08 03:30 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-12-12 13:18 - 2018-12-08 03:29 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-12-12 13:18 - 2018-12-08 03:29 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-12-12 13:18 - 2018-12-08 03:29 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-12-12 13:18 - 2018-12-08 03:29 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2018-12-12 13:18 - 2018-12-08 03:28 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-12-12 13:18 - 2018-12-08 03:28 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-12-12 13:18 - 2018-12-08 03:28 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-12-12 13:18 - 2018-12-08 03:28 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-12 13:18 - 2018-12-08 03:27 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-12-12 13:18 - 2018-12-08 03:27 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-12-12 13:18 - 2018-12-08 03:27 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-12-12 13:18 - 2018-12-08 03:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-12-12 13:18 - 2018-12-08 03:27 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2018-12-12 13:18 - 2018-12-08 03:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-12-12 13:18 - 2018-12-08 03:26 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-12-12 13:18 - 2018-12-08 03:26 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-12-12 13:18 - 2018-12-08 03:25 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-12-12 13:18 - 2018-12-08 03:25 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-12-12 13:18 - 2018-12-08 03:25 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-12-12 13:18 - 2018-12-08 03:25 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2018-12-12 13:18 - 2018-12-08 03:25 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-12-12 13:18 - 2018-12-08 03:24 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-12-12 13:18 - 2018-12-08 03:24 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-12-12 13:18 - 2018-12-08 03:24 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-12 13:18 - 2018-12-08 03:24 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-12-12 13:18 - 2018-11-09 02:00 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-12-12 13:18 - 2018-11-09 01:59 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-12-12 13:18 - 2018-11-09 01:58 - 000244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-12-12 13:18 - 2018-11-09 01:57 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-12-12 13:18 - 2018-11-09 01:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2018-12-12 13:18 - 2018-11-09 01:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-12-12 13:18 - 2018-11-09 01:56 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2018-12-12 13:18 - 2018-11-09 01:56 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-12-12 13:18 - 2018-11-09 01:55 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-12-12 13:18 - 2018-11-09 01:55 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-12-12 13:18 - 2018-11-09 01:54 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2018-12-12 13:18 - 2018-11-09 01:32 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-12-12 13:18 - 2018-11-09 01:22 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-12-12 13:18 - 2018-11-09 01:20 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-12-12 13:18 - 2018-11-09 01:20 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-12-12 13:18 - 2018-11-09 01:19 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-12-12 13:18 - 2018-11-09 01:18 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-12-12 13:18 - 2018-11-09 01:18 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2018-12-12 13:18 - 2018-11-09 01:17 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-12-12 13:18 - 2018-11-08 22:49 - 000723416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-12-12 13:18 - 2018-11-08 22:49 - 000565048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-12-12 13:18 - 2018-11-08 22:49 - 000368656 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-12-12 13:18 - 2018-11-08 22:48 - 003179760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-12-12 13:18 - 2018-11-08 22:48 - 002719736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-12-12 13:18 - 2018-11-08 22:48 - 001613288 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-12-12 13:18 - 2018-11-08 22:48 - 000899920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-12-12 13:18 - 2018-11-08 22:48 - 000766704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-12-12 13:18 - 2018-11-08 22:48 - 000745472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-12-12 13:18 - 2018-11-08 22:48 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-12-12 13:18 - 2018-11-08 22:47 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-12-12 13:18 - 2018-11-08 22:47 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-12-12 13:18 - 2018-11-08 22:47 - 002062392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-12-12 13:18 - 2018-11-08 22:47 - 001285432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-12-12 13:18 - 2018-11-08 22:47 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-12-12 13:18 - 2018-11-08 22:47 - 000537912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-12-12 13:18 - 2018-11-08 22:22 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-12-12 13:18 - 2018-11-08 22:22 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2018-12-12 13:18 - 2018-11-08 22:21 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-12 13:18 - 2018-11-08 22:21 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-12-12 13:18 - 2018-11-08 22:21 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-12-12 13:18 - 2018-11-08 22:21 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-12-12 13:18 - 2018-11-08 22:21 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-12-12 13:18 - 2018-11-08 22:20 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-12-12 13:18 - 2018-11-08 22:20 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-12-12 13:18 - 2018-11-08 22:20 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2DP.sys
2018-12-12 13:18 - 2018-11-08 22:20 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2018-12-12 13:18 - 2018-11-08 22:20 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2018-12-12 13:18 - 2018-11-08 22:19 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-12-12 13:18 - 2018-11-08 22:19 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-12-12 13:18 - 2018-11-08 22:19 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-12-12 13:18 - 2018-11-08 22:18 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-12-12 13:18 - 2018-11-08 22:18 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-12-12 13:18 - 2018-11-08 22:18 - 000573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2018-12-12 13:18 - 2018-11-08 22:18 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-12-12 13:18 - 2018-11-08 22:18 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2018-12-12 13:18 - 2018-11-08 22:17 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-12-12 13:18 - 2018-11-08 22:17 - 001069568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-12-12 13:18 - 2018-11-08 22:16 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-12-12 13:18 - 2018-11-08 22:16 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-12-12 13:18 - 2018-11-08 22:16 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-12-12 13:18 - 2018-11-08 22:16 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-12-12 13:18 - 2018-11-08 22:15 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-12-12 13:18 - 2018-11-08 22:15 - 000933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-12-12 13:18 - 2018-11-08 22:15 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-12-12 13:18 - 2018-11-08 22:15 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-12-12 13:18 - 2018-11-08 22:07 - 002417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-12-12 13:18 - 2018-11-08 22:07 - 001299704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-12-12 13:18 - 2018-11-08 21:48 - 000550728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-12-12 13:18 - 2018-11-08 21:47 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-12-12 13:18 - 2018-11-08 21:46 - 002253184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-12-12 13:18 - 2018-11-08 21:46 - 002161008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-12-12 13:18 - 2018-11-08 21:46 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-12-12 13:18 - 2018-11-08 21:46 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-12-12 13:18 - 2018-11-08 21:46 - 000721024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-12-12 13:18 - 2018-11-08 21:46 - 000573504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-12-12 13:18 - 2018-11-08 21:31 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-12-12 13:18 - 2018-11-08 21:31 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-12-12 13:18 - 2018-11-08 21:30 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-12-12 13:18 - 2018-11-08 21:30 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2018-12-12 13:18 - 2018-11-08 21:29 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-12 13:18 - 2018-11-08 21:29 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-12-12 13:18 - 2018-11-08 21:29 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-12-12 13:18 - 2018-11-08 21:29 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-12-12 13:18 - 2018-11-08 21:28 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-12-12 13:18 - 2018-11-08 21:27 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2018-12-12 13:18 - 2018-11-08 21:26 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-12-12 13:18 - 2018-11-08 21:26 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-12-12 13:18 - 2018-11-08 21:26 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-12-12 13:18 - 2018-11-08 21:25 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-12-12 13:18 - 2018-11-08 21:25 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-12-11 21:28 - 2018-12-11 21:28 - 000000494 _____ C:\Users\r-and\OneDrive\Documents\cc_20181211_212843.reg
2018-12-08 13:40 - 2018-12-08 13:40 - 000000494 _____ C:\Users\r-and\OneDrive\Documents\cc_20181208_134011.reg
2018-12-07 23:52 - 2018-12-07 23:52 - 000000500 _____ C:\Users\r-and\OneDrive\Documents\cc_20181207_235159.reg
2018-12-05 05:38 - 2018-12-05 05:38 - 000000164 _____ C:\Users\r-and\OneDrive\Documents\cc_20181205_053810.reg
2018-12-04 19:41 - 2018-12-04 19:41 - 000001586 _____ C:\Users\r-and\OneDrive\Documents\cc_20181204_194102.reg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-02 14:33 - 2018-09-25 18:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-02 14:33 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-02 13:10 - 2017-07-25 13:09 - 000000000 ____D C:\Program Files (x86)\Overwolf
2019-01-02 11:18 - 2018-08-24 08:59 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-02 11:18 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-01-02 11:16 - 2018-08-24 09:11 - 000000000 __SHD C:\Users\r-and\IntelGraphicsProfiles
2019-01-02 10:32 - 2018-08-24 12:36 - 000000000 ____D C:\Users\r-and\AppData\Roaming\DMCache
2019-01-02 10:01 - 2018-08-24 12:37 - 000000000 ____D C:\Users\r-and\AppData\Roaming\IDM
2019-01-02 10:01 - 2018-08-24 12:28 - 000000000 ____D C:\Users\r-and\AppData\Roaming\uTorrent
2019-01-02 10:01 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Registration
2019-01-02 09:58 - 2018-09-25 19:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-02 09:57 - 2018-04-11 17:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-02 00:51 - 2018-08-24 12:28 - 000002686 _____ C:\Users\r-and\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-01-02 00:40 - 2018-11-05 13:31 - 000000000 ____D C:\WINDOWS\Minidump
2019-01-02 00:40 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-02 00:40 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-01 21:58 - 2018-09-25 19:02 - 000000000 ____D C:\Users\r-and
2019-01-01 19:05 - 2018-11-24 13:46 - 000000000 ____D C:\Games
2019-01-01 13:42 - 2018-10-10 20:29 - 000000000 ____D C:\Users\r-and\AppData\Roaming\vlc
2019-01-01 10:27 - 2018-10-28 03:07 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-23 17:47 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-21 09:45 - 2017-07-25 12:39 - 000000000 ____D C:\ProgramData\PCDr
2018-12-21 09:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-12-21 09:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-12-20 14:52 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-20 10:25 - 2018-09-25 19:17 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4280517246-3670959479-336237639-1001
2018-12-20 10:25 - 2018-09-25 19:02 - 000002365 _____ C:\Users\r-and\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-20 10:25 - 2018-08-24 09:14 - 000000000 ___RD C:\Users\r-and\OneDrive
2018-12-19 15:15 - 2018-09-25 19:17 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-19 15:15 - 2018-09-25 19:17 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 11:39 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-12-19 09:22 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-14 03:39 - 2018-09-25 19:15 - 000841392 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-14 03:35 - 2017-07-25 13:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-12-12 21:24 - 2018-08-24 09:11 - 000000000 ___RD C:\Users\r-and\3D Objects
2018-12-12 21:24 - 2017-07-25 13:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-12 21:22 - 2018-09-25 18:55 - 000403088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-12 20:05 - 2018-04-11 19:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-12 20:05 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-12-12 20:05 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-12-12 19:03 - 2018-08-24 11:05 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-12 13:45 - 2018-08-25 02:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-12 13:30 - 2018-08-25 02:11 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-11 11:08 - 2018-08-25 02:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-11 11:08 - 2018-08-24 20:30 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-07 16:03 - 2018-08-25 02:14 - 000000000 ____D C:\Program Files\rempl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-25 18:55

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by r-and (02-01-2019 14:51:12)
Running from C:\Users\r-and\OneDrive\Escritorio
Windows 10 Home Version 1803 17134.472 (X64) (2018-09-25 23:18:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4280517246-3670959479-336237639-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4280517246-3670959479-336237639-503 - Limited - Disabled)
Guest (S-1-5-21-4280517246-3670959479-336237639-501 - Limited - Disabled)
r-and (S-1-5-21-4280517246-3670959479-336237639-1001 - Administrator - Enabled) => C:\Users\r-and
WDAGUtilityAccount (S-1-5-21-4280517246-3670959479-336237639-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\uTorrent) (Version: 3.5.5.44954 - BitTorrent Inc.)
Alienware  Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Alienware Command Center (HKLM\...\{4A7B5997-A768-4678-9329-00F3A1F2554D}) (Version: 4.7.10.0 - Dell Inc.) Hidden
Alienware Command Center (HKLM-x32\...\InstallShield_{4A7B5997-A768-4678-9329-00F3A1F2554D}) (Version: 4.7.10.0 - Dell Inc.)
Alienware Graphics Amplifier Software Installer (HKLM\...\{B74FEE36-FB11-413A-BD9A-BF3E38891153}) (Version: 3.0.11.0 - Dell Inc.) Hidden
Alienware Graphics Amplifier Software Installer (HKLM-x32\...\InstallShield_{B74FEE36-FB11-413A-BD9A-BF3E38891153}) (Version: 3.0.11.0 - Dell Inc.)
Alienware On-Screen Display (HKLM-x32\...\{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.30 - Alienware Corp.) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.30 - Alienware Corp.)
Alienware Sound Center (HKLM-x32\...\{e2d19baa-995b-4b46-866b-baaf95c06224}) (Version: 1.1.5 - Alienware) Hidden
Alienware Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.83 - NVIDIA Corporation) Hidden
AudioLaunchpadConfigurator (HKLM\...\{3726345E-31B4-4A39-983E-1BCF0104DF75}) (Version: 1.1.501 - Alienware) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
CheckDevicesConfigurator (HKLM\...\{FD0044F5-AF4F-460B-BF79-6689558721C9}) (Version: 1.1.501 - Alienware) Hidden
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.212 - PC-Doctor, Inc.) Hidden
EMSC (HKLM-x32\...\{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.31 - Compal Electronics, Inc.) Hidden
EMSC (HKLM-x32\...\InstallShield_{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.31 - Compal Electronics, Inc.) Hidden
Free Fall Data Protection (HKLM\...\{5141F653-8707-4B96-9349-247C66319C11}) (Version: 1.1.5.2 - Kionix, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Killer Ethernet Performance Suite (HKLM\...\{4F197F57-6B96-4342-ADA7-C7C0691A19BF}) (Version: 1.0.1028 - Rivet Networks)
Killer Wireless Drivers (HKLM\...\{6F049896-97FF-4C03-A033-8AF06D2AA53F}) (Version: 1.2.1194 - Rivet Networks)
LauncherSetup (HKLM\...\{57EB0016-CE37-4D09-8282-D83133249A0F}) (Version: 1.1.501 - Alienware) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11029.20108 - Microsoft Corporation)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.11029.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Nahimic2UISetup (HKLM\...\{D77F79ED-B98F-4DB9-8498-39C5AD2BE1FD}) (Version: 1.1.501 - Alienware) Hidden
NahimicSettingsConfigurator (HKLM\...\{F88A4367-5097-44EF-8E77-27D801B84B00}) (Version: 1.1.501 - Alienware) Hidden
Nitro Pro (HKLM\...\{0521ADAD-7151-4E96-B7CB-0CB0B6A7733F}) (Version: 12.0.0.112 - Nitro)
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.121.1.30 - Overwolf Ltd.)
ProductDaemonSetup (HKLM\...\{0638E5BA-125E-425D-BF01-8A6B0CDBB34E}) (Version: 1.1.501 - Alienware) Hidden
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8098 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro (HKLM\...\Revo Uninstaller Pro) (Version:  - VS Revo Group)
Rise of the Tomb Raider Deluxe Edition MULTi13 - ElAmigos versión 1.0.767.2 (HKLM-x32\...\{C364857D-4D76-4067-89DA-EEF5B02CCA0E}_is1) (Version: 1.0.767.2 - Square Enix)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
SonicMapperConfigurator (HKLM\...\{ED221F20-5D17-4703-8EB4-909DD736DB3E}) (Version: 1.1.501 - Alienware) Hidden
Tet Fw Files Installer (HKLM-x32\...\{B80DB4C3-49E3-4BD5-AD5B-A2EAFE97148C}) (Version: 2.27.0 - Tobii AB) Hidden
Thunderbolt(TM) Software (HKLM-x32\...\{F55C97BF-D9B2-4BB6-B16A-25A621BC50E9}) (Version: 16.2.52.250 - Intel Corporation)
Tobii Bundle Requirements (HKLM-x32\...\{0FC6EDE1-E1B6-4AC4-833B-3FBC2871A208}) (Version: 2.13.1.7294 - Tobii AB) Hidden
Tobii Eula (HKLM-x32\...\{2983042C-1698-41CC-B567-2D6CE0E928C4}) (Version: 2.13.1.7294 - Tobii AB) Hidden
Tobii Eye Tracker HID package installer (HKLM-x32\...\{2D213961-EDE8-431A-BE05-6D52DE7375C2}) (Version: 1.5.606.0 - Tobii AB) Hidden
Tobii Eye Tracking (HKLM-x32\...\{025d54d3-44bd-4b31-a50d-c4941d823026}) (Version: 2.13.1.7294 - Tobii AB)
Tobii Eye Tracking Troubleshooter Installer (HKLM-x32\...\{86B6AE69-21F3-44A6-A64B-AFD54C238985}) (Version: 1.2.0.257 - Tobii AB) Hidden
Tobii EyeX Config (HKLM-x32\...\{106FB191-F161-4325-A3C3-FFCEA14D996E}) (Version: 4.10.0.1118 - Tobii AB) Hidden
Tobii EyeX Intro (HKLM-x32\...\{B62D536C-1BDD-40ED-83EE-3F5BBF8E95F5}) (Version: 1.0.3.173 - Moonshot) Hidden
Tobii Hello3 Installer (HKLM\...\{A45971EB-CED7-426A-ACFF-584D3ED257B2}) (Version: 2.0.2.1 - Tobii AB) Hidden
Tobii Hello3 Installer (HKLM\...\{EB7EEC55-D001-4EB4-AA84-35AC2D65FD3E}) (Version: 2.0.2.0 - Tobii AB) Hidden
Tobii Interaction Engine Installer (HKLM-x32\...\{AD39ED14-0C31-49D2-8D68-9759FEC9AF38}) (Version: 1.24.0.7191 - Tobii AB) Hidden
Tobii IS3 Eye Tracker Driver (HKLM-x32\...\{432D9D4E-D79E-4451-BF37-E36174D92E29}) (Version: 2.0.4 - Tobii AB) Hidden
Tobii PTP Filter Driver (HKLM\...\{AB77784C-40BA-4ABD-B7D6-5296773E8B67}) (Version: 1.1.0.75 - Tobii AB) Hidden
Tobii Service (HKLM-x32\...\{A9D645A2-E026-4289-A799-FF4931693573}) (Version: 1.25.0.7326 - Tobii AB) Hidden
Tobii Stream Engine Service (HKLM-x32\...\{9F52864C-6711-4E1C-9A50-86B9B427054A}) (Version: 0.5.3.667 - Tobii AB) Hidden
Tobii Windows Interactions (HKLM-x32\...\{FE4C655B-308B-4D24-B729-56E7CB59EE46}) (Version: 2.13.0.5174 - Tobii AB) Hidden
Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.70 - Synaptics Incorporated)
UIInstallUpgrade (HKLM\...\{AC37CB0E-29C5-4B76-A6EC-533D72670523}) (Version: 1.1.501 - Alienware) Hidden
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VR Fw Files (HKLM-x32\...\{3DACA8A9-7B35-4A25-A474-BE80BCB4C1F4}) (Version: 1.13.3 - Tobii AB) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Web Companion (HKLM-x32\...\{3bddc468-f861-4112-8753-814e408ee467}) (Version: 4.4.1950.3825 - Lavasoft)
Windows Driver Package - Kionix, Inc. (kiox_ff_driver) Sensor I/O devices  (06/13/2016 1.1.5.1) (HKLM\...\5627B7BF339E63F3AA7A6C19623784C368E02915) (Version: 06/13/2016 1.1.5.1 - Kionix, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ========================== 

#10
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [			IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro\12\NPShellExtension.dll [2018-06-08] (Nitro Software, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxDTCM.dll [2018-03-21] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-07] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02951434-529A-4A45-9B18-2E7AAD1EC563} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-13] (Microsoft Corporation)
Task: {0C0C8536-8240-45B2-B789-F4C2FDF2DE80} - System32\Tasks\AWSoundCenterUILauncherRun => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe [2016-12-15] (A-Volute)
Task: {0C34C145-C502-42C4-923C-3C4E33C8B549} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-03-28] (NVIDIA Corporation)
Task: {18D46407-E803-4586-8EDD-241C260675CC} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {229CDC2E-1B99-4474-BA1B-40CE0B31E4BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-24] (Google Inc.)
Task: {27A81E36-37E3-4573-8626-DDC489E7A78D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation)
Task: {2C776E5E-6D01-49DE-A0FC-1E72AC4A0C4B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-28] (NVIDIA Corporation)
Task: {38733F49-786E-4354-B8EE-7BACEEB027E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-24] (Google Inc.)
Task: {3B57DA97-E197-482C-830A-17831ECF0BF7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-10-23] (Piriform Ltd)
Task: {3CDABBCF-8C61-47E9-87E1-D1DC91910897} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-10-23] (Piriform Ltd)
Task: {3D90C7DC-1151-4FEC-861F-8ABCD7BE83BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {42FD3F0F-9F11-411F-B567-FE4DAAEBBFA3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {47840B82-E391-48C7-9489-F38D1DFEE67D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-13] (Microsoft Corporation)
Task: {5E0902F2-00CA-48EA-AECD-546741918848} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-31] (AVAST Software)
Task: {642C9ACF-8415-4EE6-B707-C62116C23FAF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {647D8D67-E84A-406A-8A21-C38D96DE8A8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {6837A206-CC3A-40D9-B215-98FDD63EA67E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-07-08] (Dell Inc.)
Task: {6B1DA665-F36E-460E-BB5E-442499AD6485} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-12-23] (Overwolf LTD)
Task: {7539127C-3193-4B4E-A164-1C20C5A24275} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {7BFA6458-5F8F-4597-AE2A-CB6810A3B7A0} - System32\Tasks\AWSoundCenterSvc32Run => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterSvc32.exe [2016-12-15] ()
Task: {8104C6BC-33C7-43CB-811D-C6A128EE83BC} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {817D234B-CE93-4BBB-938F-F139F1E70C21} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {8C29C07A-733F-4C98-9FD5-14794F453FB9} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {8F24E85E-045E-4004-A0D3-342BA350783C} - System32\Tasks\AWSoundCenterSvc64Run => C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterSvc64.exe [2016-12-15] ()
Task: {B63D99EA-E1D6-4D51-8661-BF5490DF46A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-13] (Microsoft Corporation)
Task: {BCD539AF-B808-4DDA-8294-08CB48CB373F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {BD29E2E3-68F2-4335-AC6E-5CB769670107} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {C07B482D-0162-48E6-82C0-B915698D695B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-13] (Microsoft Corporation)
Task: {C4437353-4D5F-46F1-989A-FF02E0B34B72} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {C8226A72-12A8-4914-87D1-EB70CD6617A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {D7A54976-8400-4D55-A115-E1D7835E6113} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {D8C9B66F-3A30-4D27-B687-EA1179BF53F5} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {DB64AE31-4DE3-4EB5-A5CD-075DB4C392D1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-28] (NVIDIA Corporation)
Task: {E1E24490-A1B6-427B-BA46-517A8A401A9B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {EC44EEA2-1A21-404A-9D4F-9A2E9B6EE046} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {FCFFA52E-7BCA-414E-B1DD-10824AD908A8} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AWSoundCenterSvc32Run.job => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterSvc32.exe
Task: C:\WINDOWS\Tasks\AWSoundCenterSvc64Run.job => C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterSvc64.exe
Task: C:\WINDOWS\Tasks\AWSoundCenterUILauncherRun.job => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-07-25 13:06 - 2017-03-28 15:31 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2019-01-02 09:27 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-08-31 01:07 - 2018-08-31 01:07 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\libprotobuf.dll
2018-11-12 13:46 - 2018-11-12 13:46 - 000035976 _____ () C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
2018-08-24 08:59 - 2018-03-07 13:00 - 000134952 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-15 06:14 - 2016-12-15 06:14 - 000199864 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll
2016-12-15 06:14 - 2016-12-15 06:14 - 000273592 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 13:18 - 2018-11-08 22:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-12-20 14:44 - 2018-12-14 02:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-23 08:56 - 2018-10-23 08:57 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-14 03:49 - 2018-12-14 03:49 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-12-14 03:49 - 2018-12-14 03:53 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-12-14 03:49 - 2018-12-14 03:50 - 010927616 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-12-14 03:49 - 2018-12-14 03:53 - 002916864 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\skypert.dll
2018-12-14 03:49 - 2018-12-14 03:51 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-12-14 03:49 - 2018-12-14 03:53 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2016-12-15 06:12 - 2016-12-15 06:12 - 002340024 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCentersvc32.exe
2016-12-15 06:15 - 2016-12-15 06:15 - 000495800 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCentersvc64.exe
2018-11-06 19:03 - 2018-11-06 19:04 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-06 19:03 - 2018-11-06 19:04 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-06 19:03 - 2018-11-06 19:04 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2017-11-14 14:17 - 2017-11-14 14:17 - 002545088 _____ () C:\Program Files (x86)\Tobii\Service\Tobii Lite Core.exe
2018-12-12 19:03 - 2018-12-12 01:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-12 19:03 - 2018-12-12 01:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-16 14:49 - 2018-11-16 14:52 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-16 14:49 - 2018-11-16 14:52 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-08-25 11:59 - 2018-08-25 12:00 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-16 14:49 - 2018-11-16 14:52 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-16 14:49 - 2018-11-16 14:51 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-16 14:49 - 2018-11-16 14:52 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-25 11:59 - 2018-08-25 12:00 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-25 11:59 - 2018-08-25 12:00 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-08-25 11:59 - 2018-08-25 12:00 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-16 14:49 - 2018-11-16 14:52 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-16 14:49 - 2018-11-16 14:51 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-16 14:49 - 2018-11-16 14:49 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-23 23:57 - 2018-09-24 00:00 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-08-25 11:59 - 2018-08-25 12:00 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-18 09:02 - 2018-12-18 09:09 - 001436760 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-12-10 19:13 - 2018-12-10 19:14 - 034870272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-12-10 19:13 - 2018-12-10 19:14 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-08-24 12:55 - 2018-08-24 13:03 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 18:36 - 2018-11-29 18:37 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-12-10 19:13 - 2018-12-10 19:14 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-12-10 19:13 - 2018-12-10 19:14 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-09-25 08:58 - 2018-09-25 08:58 - 001308672 _____ () C:\WINDOWS\system32\FaceProcessor.dll
2018-09-25 08:58 - 2018-09-25 08:58 - 000542888 _____ () C:\WINDOWS\system32\FaceProcessorCore.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 001348664 _____ () C:\WINDOWS\system32\FaceTrackerInternal.dll
2017-09-15 13:02 - 2017-09-15 13:02 - 000051680 _____ () C:\Program Files (x86)\Tobii\Service\plugins\Tobii.EyeX.Controller.Service.Library.dll
2017-09-15 13:02 - 2017-09-15 13:02 - 000051680 _____ () C:\Program Files (x86)\Tobii\Service\tecs.hid.dll
2017-09-15 13:02 - 2017-09-15 13:02 - 000430048 _____ () C:\Program Files (x86)\Tobii\Service\tecs.host.dll
2017-09-15 13:02 - 2017-09-15 13:02 - 000191968 _____ () C:\Program Files (x86)\Tobii\Service\tecs.lite.dll
2017-09-15 13:02 - 2017-09-15 13:02 - 000164832 _____ () C:\Program Files (x86)\Tobii\Service\libtobii_windll.dll
2018-02-23 11:48 - 2018-02-23 11:48 - 000284160 _____ () C:\Program Files (x86)\Tobii\Service\platform_modules\platmod_is3.dll
2018-02-23 11:48 - 2018-02-23 11:48 - 002675712 _____ () C:\Program Files (x86)\Tobii\Service\platform_modules\platmod_is4.dll
2018-02-23 11:48 - 2018-02-23 11:48 - 000128000 _____ () C:\Program Files (x86)\Tobii\Service\tobii_firmware_upgrade.dll
2018-02-23 11:48 - 2018-02-23 11:48 - 000289280 _____ () C:\Program Files (x86)\Tobii\Service\platform_modules\platmod_legacy.dll
2017-04-28 10:05 - 2017-04-28 10:05 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-11-09 00:44 - 2017-11-09 00:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-07-25 13:06 - 2017-03-28 15:31 - 000901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-10-30 18:21 - 2017-10-30 18:21 - 001127152 _____ () C:\Program Files (x86)\Tobii\Tobii EyeX\tobii_stream_engine.DLL
2017-04-28 09:41 - 2017-04-28 09:41 - 000130800 _____ () C:\Program Files (x86)\Tobii\Tobii EyeX\tobii_firmware_upgrade.dll
2016-12-15 06:10 - 2016-12-15 06:10 - 000174776 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterDevProps.dll
2016-12-15 06:08 - 2016-12-15 06:08 - 000250552 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterOSD.dll
2017-07-25 12:46 - 2017-07-25 12:45 - 000939008 _____ () C:\WINDOWS\SYSTEM32\EMSC.dll
2017-07-25 13:06 - 2017-03-21 16:27 - 002442176 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2017-07-25 13:06 - 2017-03-21 16:27 - 000363576 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2017-07-25 13:06 - 2017-03-21 16:27 - 000254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2017-07-25 13:06 - 2017-03-21 16:27 - 000385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2017-07-25 13:06 - 2017-03-21 16:27 - 000469048 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2017-07-25 13:06 - 2017-03-21 16:27 - 000571840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2017-11-14 14:17 - 2017-11-14 14:17 - 000119040 _____ () C:\Program Files (x86)\Tobii\Service\iframeclientDll.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\r-and\OneDrive\Documents\The Witcher 3:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\r-and\OneDrive\Documents\Witcher 2:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 17:03 - 2017-03-18 17:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{64BB51C8-8447-4D4F-810A-7899C111CFD7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation)
FirewallRules: [{4F88F920-780F-4F38-A74E-42217FE04AC0}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{51CC4E73-BDCF-4E29-B1E2-897F2A825D1C}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{ADE5F6A8-3C69-480B-9C47-972F6B784C77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{0068F1E5-668E-4E1C-9FDB-E94E07083304}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{FC6BA09F-FEE4-49BA-939C-4D46D518C54B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation)
FirewallRules: [{0E4F77AF-1BD0-4873-8140-CC3AC7792EA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{1618046F-026F-41C0-AEC3-C78DC3F7ED08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{8E5A37C8-6406-44B3-A4B2-3DB1B224FB8E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{3B6E68C4-F471-4F1A-B436-F314E9762AA2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{E4278474-1545-4B03-982F-61DDDE6973D9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [TCP Query User{8FBC004A-B2A4-440E-A5C4-79C677678029}C:\games\rise of the tomb raider\rottr.exe] => (Allow) C:\games\rise of the tomb raider\rottr.exe (Eidos Inc.)
FirewallRules: [UDP Query User{80550646-2E12-4975-B907-128BA7E80743}C:\games\rise of the tomb raider\rottr.exe] => (Allow) C:\games\rise of the tomb raider\rottr.exe (Eidos Inc.)
FirewallRules: [TCP Query User{1C579589-F5CD-42A4-A09D-C0AAE0D7A1BA}C:\games\rise of the tomb raider\rottr.exe] => (Block) C:\games\rise of the tomb raider\rottr.exe (Eidos Inc.)
FirewallRules: [UDP Query User{C929C27C-935E-4720-9787-61358ED2D302}C:\games\rise of the tomb raider\rottr.exe] => (Block) C:\games\rise of the tomb raider\rottr.exe (Eidos Inc.)
FirewallRules: [{7BBF6E38-0557-47BD-8CEA-4C923D6A2C61}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{FABB93E7-28D5-4BBC-9E7E-8F31AA78B140}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{D2813F6B-8F7E-4B24-8477-AB0785B0B77A}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{26A3B204-7850-436F-973F-B0FC661F265A}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{1FBCB41F-C241-4E5C-8EFD-8B542E7817DE}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{DEC02B10-0A15-4694-AB5F-0A14BB20E2C8}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)

==================== Restore Points =========================

29-12-2018 18:38:03 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/02/2019 11:18:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorIcon.exe, version: 15.2.2.1030, time stamp: 0x5809e507
Faulting module name: KERNELBASE.dll, version: 10.0.17134.441, time stamp: 0x3da51fd0
Exception code: 0xe0434352
Fault offset: 0x00111812
Faulting process id: 0x2560
Faulting application start time: 0x01d4a2ae5babae8e
Faulting application path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 152ba521-be1c-4142-aa83-2d47923bf911
Faulting package full name: 
Faulting package-relative application ID:

Error: (01/02/2019 11:18:06 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorIcon.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
   at System.IO.Path.LegacyNormalizePath(System.String, Boolean, Int32, Boolean)
   at System.IO.Path.NormalizePath(System.String, Boolean, Int32, Boolean)
   at System.IO.Path.GetFullPathInternal(System.String)
   at System.IO.Path.GetFullPath(System.String)
   at System.IO.FileSystemWatcher.StartRaisingEvents()
   at System.IO.FileSystemWatcher.set_EnableRaisingEvents(Boolean)
   at IAStorIcon.StorageIcon.FileWatcher()
   at IAStorIcon.StorageIcon.ConstructIconUI()
   at IAStorIcon.StorageIcon..ctor()
   at IAStorIcon.Program.Main()

Error: (01/02/2019 10:32:34 AM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Object reference not set to an instance of an object.

Error: (01/02/2019 10:32:32 AM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Object reference not set to an instance of an object.

Error: (01/02/2019 10:32:31 AM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Object reference not set to an instance of an object.

Error: (01/02/2019 10:02:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.17134.1, time stamp: 0xcb43d9c5
Faulting module name: twinapi.appcore.dll, version: 10.0.17134.137, time stamp: 0xb5d50228
Exception code: 0xc000027b
Fault offset: 0x000000000009cad5
Faulting process id: 0x2ff0
Faulting application start time: 0x01d4a2a3c6d7fc2a
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: 117d539c-7403-48bb-8644-754ccf725538
Faulting package full name: DellInc.DellSupportAssistforPCs_3.1.15.0_x64__htrsf667h5kn2
Faulting package-relative application ID: App

Error: (01/02/2019 10:00:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorIcon.exe, version: 15.2.2.1030, time stamp: 0x5809e507
Faulting module name: KERNELBASE.dll, version: 10.0.17134.441, time stamp: 0x3da51fd0
Exception code: 0xe0434352
Fault offset: 0x00111812
Faulting process id: 0x2c5c
Faulting application start time: 0x01d4a2a3798daa31
Faulting application path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 517916f8-0854-4198-8983-ef34832dca59
Faulting package full name: 
Faulting package-relative application ID:

Error: (01/02/2019 10:00:12 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorIcon.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
   at System.IO.Path.LegacyNormalizePath(System.String, Boolean, Int32, Boolean)
   at System.IO.Path.NormalizePath(System.String, Boolean, Int32, Boolean)
   at System.IO.Path.GetFullPathInternal(System.String)
   at System.IO.Path.GetFullPath(System.String)
   at System.IO.FileSystemWatcher.StartRaisingEvents()
   at System.IO.FileSystemWatcher.set_EnableRaisingEvents(Boolean)
   at IAStorIcon.StorageIcon.FileWatcher()
   at IAStorIcon.StorageIcon.ConstructIconUI()
   at IAStorIcon.StorageIcon..ctor()
   at IAStorIcon.Program.Main()


System errors:
=============
Error: (01/02/2019 11:23:39 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-RBJOVTB)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-RBJOVTB\r-and SID (S-1-5-21-4280517246-3670959479-336237639-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/02/2019 11:22:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/02/2019 11:22:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/02/2019 11:17:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/02/2019 11:17:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/02/2019 11:16:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/02/2019 11:16:39 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/02/2019 11:16:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-12-14 17:39:24.502
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DAE5216C-E10A-4D98-883E-07741295A4EB}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-13 17:43:52.584
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {9AFF06B7-2C21-45E2-91D2-22DC61CD84D8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-12 14:03:28.587
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {CABD070A-7E2B-49A8-8B68-75BE01528E89}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-05 07:26:32.758
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {ED2FBE51-370B-401D-A82D-4916347AE239}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-11-26 12:07:05.670
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E290DBD7-0EF0-4ED4-A542-270CAF6C8439}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-12-08 09:30:02.692
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.283.83.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help. 

Date: 2018-12-01 00:15:32.494
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.281.1155.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.5
Error code: 0x80070643
Error description: Fatal error during installation. 

CodeIntegrity:
===================================

Date: 2019-01-01 19:00:15.674
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Store signing level requirements.

Date: 2018-12-11 05:12:53.122
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Store signing level requirements.

Date: 2018-12-07 23:58:32.649
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Store signing level requirements.

Date: 2018-12-07 23:58:28.371
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Store signing level requirements.

Date: 2018-11-28 07:40:24.411
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Store signing level requirements.

Date: 2018-11-28 07:40:24.403
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Store signing level requirements.

Date: 2018-11-28 07:40:23.213
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-28 07:40:23.209
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-7820HK CPU @ 2.90GHz
Percentage of memory in use: 51%
Total physical RAM: 8061.27 MB
Available physical RAM: 3939.14 MB
Total Virtual: 19837.27 MB
Available Virtual: 12760.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:929.61 GB) (Free:803.76 GB) NTFS

\\?\Volume{fa163f4e-df9b-47b4-b435-179dbb698b05}\ () (Fixed) (Total:0.83 GB) (Free:0.35 GB) NTFS
\\?\Volume{11ac65ed-fb1c-4797-8267-0388e7d41ac1}\ (WINRETOOLS) (Fixed) (Total:0.44 GB) (Free:0.09 GB) NTFS
\\?\Volume{f6b2369a-4c27-4609-87ee-9d880748439f}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: ACC09D3F)

Partition: GPT.

==================== End of Addition.txt ============================

#11

Hello

:arrow_forward: VERY Important :arrow_backward: Make a backup of the registry:

  • To do so, download :arrow_forward: DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select -Run as administrator-.)

  • Attention: now check/select only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

:warning: With all other programs closed, go to :arrow_forward: Start :arrow_forward: Run :arrow_forward: and type Notepad.exe.

  • Now copy and paste the codes/lines inside the box below into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
FF Extension: (IDM CC) - C:\Users\r-and\AppData\Roaming\IDM\idmmzcc5 [2018-08-24] [Legacy] [not signed]
CHR Extension: (Chrome Media Router) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {18D46407-E803-4586-8EDD-241C260675CC} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {38733F49-786E-4354-B8EE-7BACEEB027E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-24] (Google Inc.)
Task: {3B57DA97-E197-482C-830A-17831ECF0BF7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-10-23] (Piriform Ltd)
Task: {3CDABBCF-8C61-47E9-87E1-D1DC91910897} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-10-23] (Piriform Ltd)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {7539127C-3193-4B4E-A164-1C20C5A24275} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2017-04-18] (PC-Doctor, Inc.)
AlternateDataStreams: C:\Users\r-and\OneDrive\Documents\The Witcher 3:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\r-and\OneDrive\Documents\Witcher 2:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop :arrow_backward: This is very important.

:o: Note :o: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.


  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select -Run as administrator-.)
  • Press the FIX button and wait for it to finish.
  • The tool will save the repair report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply.

Restart the computer, check how it behaves with regard to the problem you described, and report back.

Regards


#12

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by r-and (03-01-2019 11:00:37) Run:1
Running from C:\Users\r-and\OneDrive\Escritorio
Loaded Profiles: r-and (Available Profiles: r-and)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
FF Extension: (IDM CC) - C:\Users\r-and\AppData\Roaming\IDM\idmmzcc5 [2018-08-24] [Legacy] [not signed]
CHR Extension: (Chrome Media Router) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
Task: {18D46407-E803-4586-8EDD-241C260675CC} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {38733F49-786E-4354-B8EE-7BACEEB027E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-24] (Google Inc.)
Task: {3B57DA97-E197-482C-830A-17831ECF0BF7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-10-23] (Piriform Ltd)
Task: {3CDABBCF-8C61-47E9-87E1-D1DC91910897} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-10-23] (Piriform Ltd)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {7539127C-3193-4B4E-A164-1C20C5A24275} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2017-04-18] (PC-Doctor, Inc.)
AlternateDataStreams: C:\Users\r-and\OneDrive\Documents\The Witcher 3:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]
AlternateDataStreams: C:\Users\r-and\OneDrive\Documents\Witcher 2:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata [194]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Users\r-and\AppData\Roaming\IDM\idmmzcc5 => moved successfully
CHR Extension: (Chrome Media Router) - C:\Users\r-and\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-07] => Error: No automatic fix found for this entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18D46407-E803-4586-8EDD-241C260675CC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18D46407-E803-4586-8EDD-241C260675CC}" => removed successfully
C:\WINDOWS\System32\Tasks\PCDEventLauncherTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDEventLauncherTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38733F49-786E-4354-B8EE-7BACEEB027E0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38733F49-786E-4354-B8EE-7BACEEB027E0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3B57DA97-E197-482C-830A-17831ECF0BF7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B57DA97-E197-482C-830A-17831ECF0BF7}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleaner Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CDABBCF-8C61-47E9-87E1-D1DC91910897}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CDABBCF-8C61-47E9-87E1-D1DC91910897}" => removed successfully
C:\WINDOWS\System32\Tasks\CCleanerSkipUAC => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65B85F6F-35B3-4459-A179-28255D5B7B25}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65B85F6F-35B3-4459-A179-28255D5B7B25}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\HelloFace\FODCleanupTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7539127C-3193-4B4E-A164-1C20C5A24275}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7539127C-3193-4B4E-A164-1C20C5A24275}" => removed successfully
C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask" => removed successfully
C:\Users\r-and\OneDrive\Documents\The Witcher 3 => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Users\r-and\OneDrive\Documents\Witcher 2 => ":${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.Metadata" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4280517246-3670959479-336237639-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4280517246-3670959479-336237639-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Ethernet while it has its media disconnected.
No operation can be performed on Local Area Connection* 1 while it has its media disconnected.
No operation can be performed on Local Area Connection* 11 while it has its media disconnected.
No operation can be performed on Bluetooth Network Connection while it has its media disconnected.

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Wireless LAN adapter Local Area Connection* 1:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Wireless LAN adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::192f:e38c:343d:1e50%5
   IPv4 Address. . . . . . . . . . . : 10.0.0.8
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::1%5
                                       10.0.0.1

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {46D8C60A-9FC2-4DB2-8138-6818459B2B95}.
Unable to cancel {9768E508-0536-49FF-84C1-0878A2D147ED}.
Unable to cancel {D2170F6F-602D-4F05-9B8F-FE7CF5984BDB}.
Unable to cancel {C2A715C3-B0F9-4D11-8747-B52CB0751409}.
0 out of 4 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


========= netsh int ipv4 reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8413184 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 149738914 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 632460531 B
Edge => 16384 B
Chrome => 8162830 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 11374194 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
r-and => 6293213 B

RecycleBin => 0 B
EmptyTemp: => 778.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:03:00 ====

Hi Daniela, thanks for your help and your time. The only thing that stands out in all this is that Google Chrome opens a different window (that is, for example, in the taskbar, when I click on Chrome, instead of opening right there where I clicked, it opens in a second window), as if the virus were opening its own version of Google Chrome, and perhaps that is why it sometimes tells me that this or that cannot be done because the version of Google Chrome is obsolete… What I did was uninstall it and reinstall it, and it made no difference: once I close it, it goes back to the “virus” version.


#13

Hello

Uninstall Chrome with RevoUninstall, using advanced mode.

After restarting, generate the reports with FRST again.

Do not reinstall Chrome until I tell you to.

Regards


#14

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2019
Ran by r-and (administrator) on DESKTOP-RBJOVTB (03-01-2019 18:49:02)
Running from C:\Users\r-and\OneDrive\Escritorio
Loaded Profiles: r-and (Available Profiles: r-and)
Platform: Windows 10 Home Version 1803 17134.472 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Alienware) C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
() C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Tobii AB) C:\Program Files (x86)\Tobii\Service\Tobii.Service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Tobii AB) C:\Program Files (x86)\Tobii\Tobii EyeX\Tobii.EyeX.Engine.exe
(Tobii AB) C:\Program Files (x86)\Tobii\Tobii EyeX Interaction\Tobii.EyeX.Tray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxEM.exe
(Tobii AB) C:\Program Files (x86)\Tobii\Tobii EyeX Interaction\Tobii.EyeX.Interaction.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(A-Volute) C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Alienware Corp.) C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Tobii\Service\Tobii Lite Core.exe
(Microsoft Corporation) C:\Windows\System32\SensorDataService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
() C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterSvc32.exe
() C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterSvc64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe
() C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\pcdrwi.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\SystemIdleCheck.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9218568 2017-05-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493000 2017-05-05] (Realtek Semiconductor)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13856 2017-03-21] (Alienware)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AWSoundCenterUILauncher] => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe [1217208 2016-12-15] (A-Volute)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [3747256 2016-12-02] (Alienware Corp.)
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3948600 2018-08-24] (Tonec Inc.)
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-10-23] (Piriform Ltd)
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\Run: [uTorrent] => C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe [2003384 2019-01-03] (BitTorrent Inc.)
HKLM\Software\...\AppCompatFlags\Custom\setuphost.exe: [{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb] -> a3a25ec11052d401
HKLM\Software\...\AppCompatFlags\Custom\setupprep.exe: [{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb] -> a3a25ec11052d401
HKLM\Software\...\AppCompatFlags\InstalledSDB\{5534e02f-0f5d-40dd-ba92-bea38d22384d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb [2018-06-27]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Control Center.lnk [2017-07-25]
ShortcutTarget: Killer Control Center.lnk -> C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{2245edba-a6e8-4a38-8805-1f556a17384e}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alienwarearena.com/welcome-us
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-4280517246-3670959479-336237639-1001 -> DefaultScope {C363D2D8-3C23-4C9C-A896-C5929243EA71} URL = 
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-12-13] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-06-19] (Internet Download Manager, Tonec Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)

FireFox:
========
FF HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\r-and\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\r-and\AppData\Roaming\IDM\idmmzcc5 [2019-01-03] [Legacy] [not signed]
FF HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2016-12-08] (Nitro PDF)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2018-06-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [424288 2018-05-22] (Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-12-07] (Microsoft Corporation)
S2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\DSAPI.exe [935744 2018-08-31] (PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] ()
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation)
R2 GraphicsAmplifierWindowsService; C:\Program Files\Alienware\Graphics Amplifier\GraphicsAmplifierWindowsService.exe [14392 2016-11-15] (Alienware)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2593848 2018-02-13] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation)
S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel Corporation)
R2 Killer Network Service; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2067168 2017-02-21] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2016-12-08] (Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2016-12-08] ()
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2431664 2018-12-23] (Overwolf LTD)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [227728 2018-02-28] (Qualcomm Technologies Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333328 2017-05-05] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [45016 2018-07-08] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2015968 2016-08-15] (Intel Corporation)
R2 Tobii Service; C:\Program Files (x86)\Tobii\Service\Tobii.Service.exe [202304 2018-02-23] (Tobii AB)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-11] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-11] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [72024 2018-05-22] (Qualcomm)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Dell Computer Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation)
R0 EMSC; C:\WINDOWS\System32\drivers\EMSC.SYS [35216 2016-08-18] ()
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [382880 2017-11-21] (Intel Corporation)
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2014-12-02] (Intel Mobile Communications)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [942128 2018-02-13] (Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [72248 2018-02-13] (Intel Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-04-11] (Qualcomm Atheros, Inc.)
R3 kiox_ff_driver; C:\WINDOWS\system32\DRIVERS\kiox_ff_driver.sys [50312 2016-09-21] (Kionix, Inc.)
R0 kxdiskprot; C:\WINDOWS\System32\DRIVERS\kxdiskprot.sys [38544 2016-06-13] (Kionix, Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-03] (Malwarebytes)
S3 nhi; C:\WINDOWS\System32\drivers\tbt81x.sys [129608 2016-08-24] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_e565bb9db9e93f47\nvlddmkm.sys [17147136 2018-04-13] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31800 2017-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-08-18] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
S3 PtpFilterDriver; C:\WINDOWS\System32\drivers\PtpFilterDriver.sys [51840 2016-12-27] ()
R2 RfeCoSvc; C:\WINDOWS\system32\DRIVERS\RfeCo10X64.sys [99680 2017-02-21] (Rivet Networks, LLC.)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3224576 2016-12-21] (Realtek Semiconductor Corp.)
S3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2014-12-02] (MobileTop)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [52792 2017-12-19] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [53880 2018-09-26] (Synaptics Incorporated)
S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2014-12-02] (MCCI Corporation)
S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2014-12-02] (MCCI Corporation)
S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2014-12-02] (MCCI)
S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2014-12-02] (MCCI Corporation)
S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2014-12-02] (MCCI Corporation)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206104 2014-12-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206104 2014-12-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [48920 2014-12-02] (QUALCOMM Incorporated)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206104 2014-12-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2014-12-02] (MCCI Corporation)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26392 2014-12-02] (DEVGURU Co., LTD.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-11] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-11] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-11] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-03 18:46 - 2019-01-03 18:46 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-03 14:08 - 2019-01-03 17:27 - 000000000 ____D C:\Users\r-and\Downloads\Shadow of the Tomb Raider Croft Edition v1.0.237.6 ElAmigos
2019-01-03 13:57 - 2019-01-03 18:45 - 000000000 ____D C:\Users\r-and\AppData\Roaming\uTorrent
2019-01-03 13:57 - 2019-01-03 14:07 - 000000878 _____ C:\Users\r-and\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-01-03 13:24 - 2019-01-03 13:24 - 000002014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk
2019-01-03 13:24 - 2019-01-03 13:24 - 000000000 ____D C:\Program Files\Nitro
2019-01-03 13:24 - 2019-01-03 13:24 - 000000000 ____D C:\Program Files\Common Files\Nitro
2019-01-03 13:24 - 2019-01-03 13:24 - 000000000 ____D C:\Program Files (x86)\Nitro
2019-01-03 13:24 - 2016-12-08 12:29 - 000031944 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalmon11.dll
2019-01-03 13:24 - 2016-12-08 12:29 - 000020168 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalui11.dll
2019-01-03 13:23 - 2019-01-03 13:23 - 000000000 ____D C:\Users\r-and\AppData\Roaming\Downloaded Installations
2019-01-03 12:45 - 2017-10-21 17:35 - 000750280 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\NxPrinterMonitor.dll
2019-01-03 12:29 - 2019-01-03 12:29 - 000000000 _____ C:\WINDOWS\invcol.tmp
2019-01-03 11:48 - 2019-01-03 11:48 - 000000000 ____D C:\ProgramData\VS Revo Group
2019-01-03 11:48 - 2019-01-03 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2019-01-03 11:48 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2019-01-03 11:36 - 2019-01-03 11:36 - 001136176 _____ (Google Inc.) C:\Users\r-and\Downloads\ChromeSetup.exe
2019-01-03 11:35 - 2019-01-03 11:35 - 000014002 _____ C:\Users\r-and\OneDrive\Documents\cc_20190103_113502.reg
2019-01-03 11:21 - 2019-01-03 11:21 - 000002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-03 10:55 - 2019-01-03 10:55 - 000000247 _____ C:\DelFix.txt
2019-01-03 10:55 - 2019-01-03 10:55 - 000000000 ____D C:\WINDOWS\ERUNT
2019-01-02 14:41 - 2019-01-03 18:49 - 000000000 ____D C:\FRST
2019-01-02 10:03 - 2019-01-02 10:03 - 000002538 _____ C:\Users\r-and\OneDrive\Documents\cc_20190102_100308.reg
2019-01-02 09:55 - 2019-01-02 09:56 - 000000000 ____D C:\AdwCleaner
2019-01-02 09:27 - 2019-01-02 09:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-02 09:27 - 2019-01-02 09:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-02 09:27 - 2019-01-02 09:27 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-02 09:27 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-02 00:43 - 2019-01-02 00:43 - 000001554 _____ C:\Users\r-and\OneDrive\Documents\cc_20190102_004308.reg
2019-01-01 23:29 - 2019-01-01 23:29 - 000000862 _____ C:\Users\r-and\OneDrive\Documents\cc_20190101_232936.reg
2018-12-28 14:02 - 2019-01-03 14:07 - 000000000 ____D C:\Users\r-and\AppData\LocalLow\uTorrent
2018-12-23 17:48 - 2018-12-23 17:48 - 000000000 ____D C:\Users\r-and\OneDrive\Documents\Rise of the Tomb Raider
2018-12-23 17:48 - 2018-12-23 17:48 - 000000000 ____D C:\Users\r-and\AppData\Roaming\Crystal Dynamics
2018-12-23 16:11 - 2018-12-23 16:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rise of the Tomb Raider
2018-12-22 18:58 - 2018-12-22 18:58 - 000001308 _____ C:\Users\r-and\OneDrive\Documents\cc_20181222_185856.reg
2018-12-20 14:44 - 2018-12-14 08:24 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-12-20 14:44 - 2018-12-14 03:29 - 006567472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-12-20 14:44 - 2018-12-14 03:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 14:44 - 2018-12-14 03:23 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-12-20 14:44 - 2018-12-14 03:23 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-12-20 14:44 - 2018-12-14 03:22 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-20 14:44 - 2018-12-14 03:22 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-12-20 14:44 - 2018-12-14 03:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 14:44 - 2018-12-14 03:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 14:44 - 2018-12-14 03:13 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-12-20 14:44 - 2018-12-14 03:12 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-12-20 14:44 - 2018-12-14 03:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 14:44 - 2018-12-14 02:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 14:44 - 2018-12-14 02:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 14:44 - 2018-12-14 02:53 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-12-20 14:44 - 2018-12-14 02:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 14:44 - 2018-12-14 02:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 14:44 - 2018-12-14 02:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 14:43 - 2018-12-14 03:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 14:43 - 2018-12-14 03:23 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-12-20 14:43 - 2018-12-14 03:23 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-12-20 14:43 - 2018-12-14 03:23 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-12-20 14:43 - 2018-12-14 03:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 14:43 - 2018-12-14 03:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 14:43 - 2018-12-14 03:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 14:43 - 2018-12-14 03:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 14:43 - 2018-12-14 02:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 14:43 - 2018-12-14 02:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 14:43 - 2018-12-14 02:54 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-12-20 14:43 - 2018-12-14 02:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 14:43 - 2018-12-14 01:34 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-12-19 15:31 - 2018-12-19 15:31 - 000001160 _____ C:\Users\r-and\OneDrive\Documents\cc_20181219_153108.reg
2018-12-18 11:23 - 2018-12-18 11:23 - 000000576 _____ C:\Users\r-and\OneDrive\Documents\cc_20181218_112318.reg
2018-12-15 20:13 - 2018-12-15 20:13 - 000002348 _____ C:\Users\r-and\OneDrive\Documents\cc_20181215_201156.reg
2018-12-14 03:36 - 2018-12-14 03:36 - 000002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-12-14 03:36 - 2018-12-14 03:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2018-12-12 13:19 - 2018-12-08 08:42 - 004527800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-12-12 13:19 - 2018-12-08 08:42 - 001616824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-12-12 13:19 - 2018-12-08 08:25 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 13:19 - 2018-12-08 04:07 - 005625352 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-12-12 13:19 - 2018-12-08 04:05 - 007436216 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-12 13:19 - 2018-12-08 03:49 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-12-12 13:19 - 2018-12-08 03:45 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-12 13:19 - 2018-12-08 03:42 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-12 13:19 - 2018-12-08 03:40 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-12 13:19 - 2018-12-08 03:38 - 022016000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-12-12 13:19 - 2018-12-08 03:33 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-12 13:19 - 2018-11-09 02:15 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-12 13:19 - 2018-11-08 22:56 - 001213472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-12-12 13:19 - 2018-11-08 22:16 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-12 13:19 - 2018-11-08 21:26 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-12 13:18 - 2018-12-08 08:47 - 001048712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-12 13:18 - 2018-12-08 08:47 - 000645320 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-12-12 13:18 - 2018-12-08 08:46 - 000549760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2018-12-12 13:18 - 2018-12-08 08:42 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-12 13:18 - 2018-12-08 08:41 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-12-12 13:18 - 2018-12-08 08:41 - 000481880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-12-12 13:18 - 2018-12-08 08:40 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-12 13:18 - 2018-12-08 08:39 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2018-12-12 13:18 - 2018-12-08 08:29 - 013572608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-12 13:18 - 2018-12-08 08:29 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-12-12 13:18 - 2018-12-08 08:28 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-12 13:18 - 2018-12-08 08:28 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-12 13:18 - 2018-12-08 08:28 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-12 13:18 - 2018-12-08 08:27 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-12 13:18 - 2018-12-08 08:27 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-12 13:18 - 2018-12-08 08:27 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-12 13:18 - 2018-12-08 08:27 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-12 13:18 - 2018-12-08 08:25 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-12 13:18 - 2018-12-08 08:23 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-12 13:18 - 2018-12-08 08:23 - 002892288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-12 13:18 - 2018-12-08 08:23 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 13:18 - 2018-12-08 08:23 - 001661440 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 13:18 - 2018-12-08 08:23 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-12 13:18 - 2018-12-08 08:23 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-12-12 13:18 - 2018-12-08 08:22 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 13:18 - 2018-12-08 08:22 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 13:18 - 2018-12-08 08:22 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-12 13:18 - 2018-12-08 04:12 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-12 13:18 - 2018-12-08 04:12 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-12 13:18 - 2018-12-08 04:12 - 000092688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-12 13:18 - 2018-12-08 04:07 - 001328632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-12 13:18 - 2018-12-08 04:07 - 001063416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-12-12 13:18 - 2018-12-08 04:06 - 001017168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-12 13:18 - 2018-12-08 04:06 - 000777512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-12 13:18 - 2018-12-08 04:06 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-12-12 13:18 - 2018-12-08 04:06 - 000491416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-12 13:18 - 2018-12-08 04:06 - 000433168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-12 13:18 - 2018-12-08 04:06 - 000249088 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 002822656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 002463384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 001935008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 001018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 000793592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 000706040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-12-12 13:18 - 2018-12-08 04:05 - 000421176 _____ (Microsoft Corporation) C:\WINDOWS\system32\xbgmengine.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 000413920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-12-12 13:18 - 2018-12-08 04:05 - 000130312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-12 13:18 - 2018-12-08 04:05 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-12 13:18 - 2018-12-08 04:04 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 002590296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-12-12 13:18 - 2018-12-08 04:04 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 001943328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 001188512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 13:18 - 2018-12-08 04:04 - 001150312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll

#15

2018-12-11 21:28 - 2018-12-11 21:28 - 000000494 _____ C:\Users\r-and\OneDrive\Documents\cc_20181211_212843.reg
2018-12-08 13:40 - 2018-12-08 13:40 - 000000494 _____ C:\Users\r-and\OneDrive\Documents\cc_20181208_134011.reg
2018-12-07 23:52 - 2018-12-07 23:52 - 000000500 _____ C:\Users\r-and\OneDrive\Documents\cc_20181207_235159.reg
2018-12-05 05:38 - 2018-12-05 05:38 - 000000164 _____ C:\Users\r-and\OneDrive\Documents\cc_20181205_053810.reg
2018-12-04 19:41 - 2018-12-04 19:41 - 000001586 _____ C:\Users\r-and\OneDrive\Documents\cc_20181204_194102.reg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-03 18:49 - 2018-09-05 00:53 - 000000000 ____D C:\Users\r-and\AppData\Roaming\Nitro
2019-01-03 18:48 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-01-03 18:48 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\Registration
2019-01-03 18:47 - 2018-08-24 08:59 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-03 18:47 - 2018-04-11 19:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-03 18:46 - 2018-09-25 19:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-03 18:46 - 2018-08-24 09:11 - 000000000 __SHD C:\Users\r-and\IntelGraphicsProfiles
2019-01-03 18:45 - 2018-08-24 12:36 - 000000000 ____D C:\Users\r-and\AppData\Roaming\DMCache
2019-01-03 18:45 - 2018-04-11 17:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-03 18:36 - 2018-08-24 11:03 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-03 18:33 - 2018-09-25 18:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-03 12:24 - 2018-04-11 19:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-03 11:51 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-03 11:48 - 2018-08-26 20:54 - 000000000 ____D C:\Program Files\VS Revo Group
2019-01-03 11:21 - 2018-08-24 12:37 - 000000000 ____D C:\Users\r-and\AppData\Roaming\IDM
2019-01-03 11:02 - 2018-08-25 14:50 - 000000000 ____D C:\Users\r-and\AppData\LocalLow\Temp
2019-01-02 21:10 - 2017-07-25 13:09 - 000000000 ____D C:\Program Files (x86)\Overwolf
2019-01-02 00:40 - 2018-11-05 13:31 - 000000000 ____D C:\WINDOWS\Minidump
2019-01-02 00:40 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-01 21:58 - 2018-09-25 19:02 - 000000000 ____D C:\Users\r-and
2019-01-01 19:05 - 2018-11-24 13:46 - 000000000 ____D C:\Games
2019-01-01 13:42 - 2018-10-10 20:29 - 000000000 ____D C:\Users\r-and\AppData\Roaming\vlc
2018-12-21 09:45 - 2017-07-25 12:39 - 000000000 ____D C:\ProgramData\PCDr
2018-12-21 09:38 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-12-21 09:37 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-12-20 14:52 - 2018-04-11 19:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-20 10:25 - 2018-09-25 19:17 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4280517246-3670959479-336237639-1001
2018-12-20 10:25 - 2018-09-25 19:02 - 000002365 _____ C:\Users\r-and\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-20 10:25 - 2018-08-24 09:14 - 000000000 ___RD C:\Users\r-and\OneDrive
2018-12-19 11:39 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-12-19 09:22 - 2018-04-11 19:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-14 03:39 - 2018-09-25 19:15 - 000841392 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-14 03:35 - 2017-07-25 13:11 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-12-12 21:24 - 2018-08-24 09:11 - 000000000 ___RD C:\Users\r-and\3D Objects
2018-12-12 21:24 - 2017-07-25 13:21 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-12 21:22 - 2018-09-25 18:55 - 000403088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-12 20:05 - 2018-04-11 19:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-12 20:05 - 2018-04-11 19:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-12-12 20:05 - 2018-04-11 19:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-12-12 13:45 - 2018-08-25 02:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-12 13:30 - 2018-08-25 02:11 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-11 11:08 - 2018-08-25 02:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-11 11:08 - 2018-08-24 20:30 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-07 16:03 - 2018-08-25 02:14 - 000000000 ____D C:\Program Files\rempl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-25 18:55

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by r-and (03-01-2019 18:51:03)
Running from C:\Users\r-and\OneDrive\Escritorio
Windows 10 Home Version 1803 17134.472 (X64) (2018-09-25 23:18:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4280517246-3670959479-336237639-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4280517246-3670959479-336237639-503 - Limited - Disabled)
Guest (S-1-5-21-4280517246-3670959479-336237639-501 - Limited - Disabled)
r-and (S-1-5-21-4280517246-3670959479-336237639-1001 - Administrator - Enabled) => C:\Users\r-and
WDAGUtilityAccount (S-1-5-21-4280517246-3670959479-336237639-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\uTorrent) (Version: 3.5.5.44954 - BitTorrent Inc.)
Alienware  Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Alienware Command Center (HKLM\...\{4A7B5997-A768-4678-9329-00F3A1F2554D}) (Version: 4.7.10.0 - Dell Inc.) Hidden
Alienware Command Center (HKLM-x32\...\InstallShield_{4A7B5997-A768-4678-9329-00F3A1F2554D}) (Version: 4.7.10.0 - Dell Inc.)
Alienware Graphics Amplifier Software Installer (HKLM\...\{B74FEE36-FB11-413A-BD9A-BF3E38891153}) (Version: 3.0.11.0 - Dell Inc.) Hidden
Alienware Graphics Amplifier Software Installer (HKLM-x32\...\InstallShield_{B74FEE36-FB11-413A-BD9A-BF3E38891153}) (Version: 3.0.11.0 - Dell Inc.)
Alienware On-Screen Display (HKLM-x32\...\{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.30 - Alienware Corp.) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.30 - Alienware Corp.)
Alienware Sound Center (HKLM-x32\...\{e2d19baa-995b-4b46-866b-baaf95c06224}) (Version: 1.1.5 - Alienware) Hidden
Alienware Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.83 - NVIDIA Corporation) Hidden
AudioLaunchpadConfigurator (HKLM\...\{3726345E-31B4-4A39-983E-1BCF0104DF75}) (Version: 1.1.501 - Alienware) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
CheckDevicesConfigurator (HKLM\...\{FD0044F5-AF4F-460B-BF79-6689558721C9}) (Version: 1.1.501 - Alienware) Hidden
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.212 - PC-Doctor, Inc.) Hidden
EMSC (HKLM-x32\...\{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.31 - Compal Electronics, Inc.) Hidden
EMSC (HKLM-x32\...\InstallShield_{FEF06E73-A519-4510-8CF3-B66041B91D8A}) (Version: 0.0.0.31 - Compal Electronics, Inc.) Hidden
Free Fall Data Protection (HKLM\...\{5141F653-8707-4B96-9349-247C66319C11}) (Version: 1.1.5.2 - Kionix, Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Killer Ethernet Performance Suite (HKLM\...\{4F197F57-6B96-4342-ADA7-C7C0691A19BF}) (Version: 1.0.1028 - Rivet Networks)
Killer Wireless Drivers (HKLM\...\{6F049896-97FF-4C03-A033-8AF06D2AA53F}) (Version: 1.2.1194 - Rivet Networks)
LauncherSetup (HKLM\...\{57EB0016-CE37-4D09-8282-D83133249A0F}) (Version: 1.1.501 - Alienware) Hidden
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11029.20108 - Microsoft Corporation)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.11029.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\OneDriveSetup.exe) (Version: 18.222.1104.0007 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Nahimic2UISetup (HKLM\...\{D77F79ED-B98F-4DB9-8498-39C5AD2BE1FD}) (Version: 1.1.501 - Alienware) Hidden
NahimicSettingsConfigurator (HKLM\...\{F88A4367-5097-44EF-8E77-27D801B84B00}) (Version: 1.1.501 - Alienware) Hidden
Nitro Pro (HKLM\...\{9651FF7E-0DB1-4388-ADE7-017E4B9C9D47}) (Version: 11.0.3.134 - Nitro)
NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11029.20108 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.121.1.30 - Overwolf Ltd.)
ProductDaemonSetup (HKLM\...\{0638E5BA-125E-425D-BF01-8A6B0CDBB34E}) (Version: 1.1.501 - Alienware) Hidden
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8098 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.0.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.0 - VS Revo Group, Ltd.)
Rise of the Tomb Raider Deluxe Edition MULTi13 - ElAmigos versión 1.0.767.2 (HKLM-x32\...\{C364857D-4D76-4067-89DA-EEF5B02CCA0E}_is1) (Version: 1.0.767.2 - Square Enix)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.5.0.70 - NVIDIA Corporation) Hidden
SonicMapperConfigurator (HKLM\...\{ED221F20-5D17-4703-8EB4-909DD736DB3E}) (Version: 1.1.501 - Alienware) Hidden
Tet Fw Files Installer (HKLM-x32\...\{B80DB4C3-49E3-4BD5-AD5B-A2EAFE97148C}) (Version: 2.27.0 - Tobii AB) Hidden
Thunderbolt(TM) Software (HKLM-x32\...\{F55C97BF-D9B2-4BB6-B16A-25A621BC50E9}) (Version: 16.2.52.250 - Intel Corporation)
Tobii Bundle Requirements (HKLM-x32\...\{0FC6EDE1-E1B6-4AC4-833B-3FBC2871A208}) (Version: 2.13.1.7294 - Tobii AB) Hidden
Tobii Eula (HKLM-x32\...\{2983042C-1698-41CC-B567-2D6CE0E928C4}) (Version: 2.13.1.7294 - Tobii AB) Hidden
Tobii Eye Tracker HID package installer (HKLM-x32\...\{2D213961-EDE8-431A-BE05-6D52DE7375C2}) (Version: 1.5.606.0 - Tobii AB) Hidden
Tobii Eye Tracking (HKLM-x32\...\{025d54d3-44bd-4b31-a50d-c4941d823026}) (Version: 2.13.1.7294 - Tobii AB)
Tobii Eye Tracking Troubleshooter Installer (HKLM-x32\...\{86B6AE69-21F3-44A6-A64B-AFD54C238985}) (Version: 1.2.0.257 - Tobii AB) Hidden
Tobii EyeX Config (HKLM-x32\...\{106FB191-F161-4325-A3C3-FFCEA14D996E}) (Version: 4.10.0.1118 - Tobii AB) Hidden
Tobii EyeX Intro (HKLM-x32\...\{B62D536C-1BDD-40ED-83EE-3F5BBF8E95F5}) (Version: 1.0.3.173 - Moonshot) Hidden
Tobii Hello3 Installer (HKLM\...\{A45971EB-CED7-426A-ACFF-584D3ED257B2}) (Version: 2.0.2.1 - Tobii AB) Hidden
Tobii Hello3 Installer (HKLM\...\{EB7EEC55-D001-4EB4-AA84-35AC2D65FD3E}) (Version: 2.0.2.0 - Tobii AB) Hidden
Tobii Interaction Engine Installer (HKLM-x32\...\{AD39ED14-0C31-49D2-8D68-9759FEC9AF38}) (Version: 1.24.0.7191 - Tobii AB) Hidden
Tobii IS3 Eye Tracker Driver (HKLM-x32\...\{432D9D4E-D79E-4451-BF37-E36174D92E29}) (Version: 2.0.4 - Tobii AB) Hidden
Tobii PTP Filter Driver (HKLM\...\{AB77784C-40BA-4ABD-B7D6-5296773E8B67}) (Version: 1.1.0.75 - Tobii AB) Hidden
Tobii Service (HKLM-x32\...\{A9D645A2-E026-4289-A799-FF4931693573}) (Version: 1.25.0.7326 - Tobii AB) Hidden
Tobii Stream Engine Service (HKLM-x32\...\{9F52864C-6711-4E1C-9A50-86B9B427054A}) (Version: 0.5.3.667 - Tobii AB) Hidden
Tobii Windows Interactions (HKLM-x32\...\{FE4C655B-308B-4D24-B729-56E7CB59EE46}) (Version: 2.13.0.5174 - Tobii AB) Hidden
Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.70 - Synaptics Incorporated)
UIInstallUpgrade (HKLM\...\{AC37CB0E-29C5-4B76-A6EC-533D72670523}) (Version: 1.1.501 - Alienware) Hidden
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VR Fw Files (HKLM-x32\...\{3DACA8A9-7B35-4A25-A474-BE80BCB4C1F4}) (Version: 1.13.3 - Tobii AB) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Driver Package - Kionix, Inc. (kiox_ff_driver) Sensor I/O devices  (06/13/2016 1.1.5.1) (HKLM\...\5627B7BF339E63F3AA7A6C19623784C368E02915) (Version: 06/13/2016 1.1.5.1 - Kionix, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [			IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 11\NPShellExtension.dll [2016-12-08] (Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxDTCM.dll [2018-03-21] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-07] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02951434-529A-4A45-9B18-2E7AAD1EC563} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-13] (Microsoft Corporation)
Task: {0C0C8536-8240-45B2-B789-F4C2FDF2DE80} - System32\Tasks\AWSoundCenterUILauncherRun => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe [2016-12-15] (A-Volute)
Task: {0C34C145-C502-42C4-923C-3C4E33C8B549} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-03-28] (NVIDIA Corporation)
Task: {27A81E36-37E3-4573-8626-DDC489E7A78D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation)
Task: {2C776E5E-6D01-49DE-A0FC-1E72AC4A0C4B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-28] (NVIDIA Corporation)
Task: {3D90C7DC-1151-4FEC-861F-8ABCD7BE83BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {42FD3F0F-9F11-411F-B567-FE4DAAEBBFA3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {47840B82-E391-48C7-9489-F38D1DFEE67D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-13] (Microsoft Corporation)
Task: {5E0902F2-00CA-48EA-AECD-546741918848} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-10-31] (AVAST Software)
Task: {642C9ACF-8415-4EE6-B707-C62116C23FAF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {647D8D67-E84A-406A-8A21-C38D96DE8A8E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-12-07] (Microsoft Corporation)
Task: {6837A206-CC3A-40D9-B215-98FDD63EA67E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-07-08] (Dell Inc.)
Task: {6B1DA665-F36E-460E-BB5E-442499AD6485} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-12-23] (Overwolf LTD)
Task: {7BFA6458-5F8F-4597-AE2A-CB6810A3B7A0} - System32\Tasks\AWSoundCenterSvc32Run => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterSvc32.exe [2016-12-15] ()
Task: {8104C6BC-33C7-43CB-811D-C6A128EE83BC} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {817D234B-CE93-4BBB-938F-F139F1E70C21} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {8C29C07A-733F-4C98-9FD5-14794F453FB9} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {8F24E85E-045E-4004-A0D3-342BA350783C} - System32\Tasks\AWSoundCenterSvc64Run => C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterSvc64.exe [2016-12-15] ()
Task: {B63D99EA-E1D6-4D51-8661-BF5490DF46A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-13] (Microsoft Corporation)
Task: {BCD539AF-B808-4DDA-8294-08CB48CB373F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {BD29E2E3-68F2-4335-AC6E-5CB769670107} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {C07B482D-0162-48E6-82C0-B915698D695B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-13] (Microsoft Corporation)
Task: {C4437353-4D5F-46F1-989A-FF02E0B34B72} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation)
Task: {C8226A72-12A8-4914-87D1-EB70CD6617A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {D7A54976-8400-4D55-A115-E1D7835E6113} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {D8C9B66F-3A30-4D27-B687-EA1179BF53F5} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {DB64AE31-4DE3-4EB5-A5CD-075DB4C392D1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-28] (NVIDIA Corporation)
Task: {DBCCAC3E-92C3-438B-8991-8C84EA7540C5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-10-23] (Piriform Ltd)
Task: {E1E24490-A1B6-427B-BA46-517A8A401A9B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation)
Task: {EC44EEA2-1A21-404A-9D4F-9A2E9B6EE046} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MpCmdRun.exe [2018-12-11] (Microsoft Corporation)
Task: {FCFFA52E-7BCA-414E-B1DD-10824AD908A8} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AWSoundCenterSvc32Run.job => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterSvc32.exe
Task: C:\WINDOWS\Tasks\AWSoundCenterSvc64Run.job => C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterSvc64.exe
Task: C:\WINDOWS\Tasks\AWSoundCenterUILauncherRun.job => C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterUILauncher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-09-25 08:58 - 2018-09-25 08:58 - 001308672 _____ () c:\windows\system32\FaceProcessor.dll
2018-09-25 08:58 - 2018-09-25 08:58 - 000542888 _____ () c:\windows\system32\FaceProcessorCore.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 001348664 _____ () c:\windows\system32\FaceTrackerInternal.dll
2017-07-25 13:06 - 2017-03-28 15:31 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-08 12:29 - 2016-12-08 12:29 - 000419016 _____ () c:\program files\nitro\pro 11\nitro_updateservice.exe
2016-12-08 12:29 - 2016-12-08 12:29 - 002730696 _____ () c:\program files\nitro\pro 11\Nitro_KissMetrics.dll
2019-01-02 09:27 - 2018-11-15 11:01 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 19:34 - 2018-04-11 19:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 13:18 - 2018-11-08 22:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-12-20 14:44 - 2018-12-14 02:50 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-23 08:56 - 2018-10-23 08:57 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-12-14 03:49 - 2018-12-14 03:49 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-09-23 23:51 - 2018-09-23 23:52 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-12-14 03:49 - 2018-12-14 03:53 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-06 19:03 - 2018-11-06 19:05 - 000070144 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-11-06 19:03 - 2018-11-06 19:04 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-12-13 17:44 - 2018-12-13 17:44 - 002834944 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3241.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2018-12-13 17:44 - 2018-12-13 17:44 - 000120320 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3241.0_x64__8wekyb3d8bbwe\PeopleUtilRT.dll
2018-12-13 17:44 - 2018-12-13 17:44 - 009032704 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3241.0_x64__8wekyb3d8bbwe\Microsoft.People.NativeComponents.dll
2018-10-10 19:32 - 2018-10-10 19:33 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll
2017-11-14 14:17 - 2017-11-14 14:17 - 002545088 _____ () C:\Program Files (x86)\Tobii\Service\Tobii Lite Core.exe
2016-12-15 06:12 - 2016-12-15 06:12 - 002340024 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCentersvc32.exe
2016-12-15 06:15 - 2016-12-15 06:15 - 000495800 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCentersvc64.exe
2016-12-15 06:14 - 2016-12-15 06:14 - 000273592 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll
2018-08-31 01:07 - 2018-08-31 01:07 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1236\libprotobuf.dll
2018-11-12 13:46 - 2018-11-12 13:46 - 000035976 _____ () C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
2017-09-15 13:02 - 2017-09-15 13:02 - 000051680 _____ () C:\Program Files (x86)\Tobii\Service\plugins\Tobii.EyeX.Controller.Service.Library.dll
2017-09-15 13:02 - 2017-09-15 13:02 - 000051680 _____ () C:\Program Files (x86)\Tobii\Service\tecs.hid.dll
2017-09-15 13:02 - 2017-09-15 13:02 - 000191968 _____ () C:\Program Files (x86)\Tobii\Service\tecs.lite.dll
2017-09-15 13:02 - 2017-09-15 13:02 - 000430048 _____ () C:\Program Files (x86)\Tobii\Service\tecs.host.dll
2017-09-15 13:02 - 2017-09-15 13:02 - 000164832 _____ () C:\Program Files (x86)\Tobii\Service\libtobii_windll.dll
2018-02-23 11:48 - 2018-02-23 11:48 - 000284160 _____ () C:\Program Files (x86)\Tobii\Service\platform_modules\platmod_is3.dll
2018-02-23 11:48 - 2018-02-23 11:48 - 002675712 _____ () C:\Program Files (x86)\Tobii\Service\platform_modules\platmod_is4.dll
2018-02-23 11:48 - 2018-02-23 11:48 - 000128000 _____ () C:\Program Files (x86)\Tobii\Service\tobii_firmware_upgrade.dll
2018-02-23 11:48 - 2018-02-23 11:48 - 000289280 _____ () C:\Program Files (x86)\Tobii\Service\platform_modules\platmod_legacy.dll
2017-07-25 13:06 - 2017-03-28 15:31 - 000901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-10-30 18:21 - 2017-10-30 18:21 - 001127152 _____ () C:\Program Files (x86)\Tobii\Tobii EyeX\tobii_stream_engine.DLL
2017-04-28 09:41 - 2017-04-28 09:41 - 000130800 _____ () C:\Program Files (x86)\Tobii\Tobii EyeX\tobii_firmware_upgrade.dll
2017-07-25 12:46 - 2017-07-25 12:45 - 000939008 _____ () C:\WINDOWS\SYSTEM32\EMSC.dll
2017-11-14 14:17 - 2017-11-14 14:17 - 000119040 _____ () C:\Program Files (x86)\Tobii\Service\iframeclientDll.dll
2016-12-15 06:08 - 2016-12-15 06:08 - 000250552 _____ () C:\Program Files\Alienware\AWSoundCenter\UserInterface\AWSoundCenterOSD.dll
2017-04-28 10:05 - 2017-04-28 10:05 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-11-09 00:44 - 2017-11-09 00:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4280517246-3670959479-336237639-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 17:03 - 2019-01-03 11:01 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4280517246-3670959479-336237639-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1058ED58-71BF-4964-837E-0E9BD30695F6}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
FirewallRules: [{6BCCF3BD-94A9-479B-ACC1-9676DEBEBB78}] => (Allow) C:\Users\r-and\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)

==================== Restore Points =========================

29-12-2018 18:38:03 Scheduled Checkpoint
03-01-2019 12:21:57 Removed Nitro Pro
03-01-2019 12:44:37 Installed Nitro Pro
03-01-2019 13:12:20 Removed Nitro Pro
03-01-2019 13:23:48 Instalado Nitro Pro

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/03/2019 06:48:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorIcon.exe, version: 15.2.2.1030, time stamp: 0x5809e507
Faulting module name: KERNELBASE.dll, version: 10.0.17134.441, time stamp: 0x3da51fd0
Exception code: 0xe0434352
Fault offset: 0x00111812
Faulting process id: 0x2608
Faulting application start time: 0x01d4a3b66c020386
Faulting application path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 82771223-f431-4345-ac94-481c3559e125
Faulting package full name: 
Faulting package-relative application ID:

Error: (01/03/2019 06:48:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorIcon.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
   at System.IO.Path.LegacyNormalizePath(System.String, Boolean, Int32, Boolean)
   at System.IO.Path.NormalizePath(System.String, Boolean, Int32, Boolean)
   at System.IO.Path.GetFullPathInternal(System.String)
   at System.IO.Path.GetFullPath(System.String)
   at System.IO.FileSystemWatcher.StartRaisingEvents()
   at System.IO.FileSystemWatcher.set_EnableRaisingEvents(Boolean)
   at IAStorIcon.StorageIcon.FileWatcher()
   at IAStorIcon.StorageIcon.ConstructIconUI()
   at IAStorIcon.StorageIcon..ctor()
   at IAStorIcon.Program.Main()

Error: (01/03/2019 06:35:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (01/03/2019 06:34:04 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {9a42a606-6d87-48d6-8faa-5c7c3ed06195}

Error: (01/03/2019 02:03:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.17134.1, time stamp: 0xcb43d9c5
Faulting module name: twinapi.appcore.dll, version: 10.0.17134.137, time stamp: 0xb5d50228
Exception code: 0xc000027b
Fault offset: 0x000000000009cad5
Faulting process id: 0x3440
Faulting application start time: 0x01d4a38ea86a1bae
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: 1cacd302-0daa-4e2d-bb42-f14f211a8835
Faulting package full name: DellInc.DellSupportAssistforPCs_3.1.15.0_x64__htrsf667h5kn2
Faulting package-relative application ID: App

Error: (01/03/2019 02:02:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorIcon.exe, version: 15.2.2.1030, time stamp: 0x5809e507
Faulting module name: KERNELBASE.dll, version: 10.0.17134.441, time stamp: 0x3da51fd0
Exception code: 0xe0434352
Fault offset: 0x00111812
Faulting process id: 0x2754
Faulting application start time: 0x01d4a38e7390619c
Faulting application path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: c4fa44a8-8a8b-4e08-91c0-da6006e2886f
Faulting package full name: 
Faulting package-relative application ID:

Error: (01/03/2019 02:02:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorIcon.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
   at System.IO.Path.LegacyNormalizePath(System.String, Boolean, Int32, Boolean)
   at System.IO.Path.NormalizePath(System.String, Boolean, Int32, Boolean)
   at System.IO.Path.GetFullPathInternal(System.String)
   at System.IO.Path.GetFullPath(System.String)
   at System.IO.FileSystemWatcher.StartRaisingEvents()
   at System.IO.FileSystemWatcher.set_EnableRaisingEvents(Boolean)
   at IAStorIcon.StorageIcon.FileWatcher()
   at IAStorIcon.StorageIcon.ConstructIconUI()
   at IAStorIcon.StorageIcon..ctor()
   at IAStorIcon.Program.Main()

Error: (01/03/2019 01:11:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.17134.1, time stamp: 0xcb43d9c5
Faulting module name: twinapi.appcore.dll, version: 10.0.17134.137, time stamp: 0xb5d50228
Exception code: 0xc000027b
Fault offset: 0x000000000009cad5
Faulting process id: 0x1b14
Faulting application start time: 0x01d4a3873e9e5a73
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\Windows\System32\twinapi.appcore.dll
Report Id: 2564be82-c4d5-4c5f-9a90-dd07bcf728ad
Faulting package full name: DellInc.DellSupportAssistforPCs_3.1.15.0_x64__htrsf667h5kn2
Faulting package-relative application ID: App


System errors:
=============
Error: (01/03/2019 06:48:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscDataProtection
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/03/2019 06:48:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/03/2019 06:47:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

#16

Error: (01/03/2019 06:47:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/03/2019 06:47:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/03/2019 06:46:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/03/2019 06:46:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (01/03/2019 06:46:27 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: The Bluetooth driver expected an HCI event with a certain size but did not receive it.


Windows Defender:
===================================
Date: 2019-01-03 13:09:06.148
Description: 
C:\PROGRA~1\Nitro\PRO11~1\NitroPDF.exe has been blocked from modifying %userprofile%\OneDrive\Documents by Controlled Folder Access.
Detection time: 2019-01-03T17:09:06.147Z
Path: %userprofile%\OneDrive\Documents
Process Name: C:\PROGRA~1\Nitro\PRO11~1\NitroPDF.exe
Signature Version: 1.283.2149.0
Engine Version: 1.1.15500.2
Product Version: 4.18.1812.3

Date: 2019-01-03 13:08:28.845
Description: 
C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe has been blocked from modifying %userprofile%\OneDrive\Documents\Alienware Macro Keys by Controlled Folder Access.
Detection time: 2019-01-03T17:08:28.845Z
Path: %userprofile%\OneDrive\Documents\Alienware Macro Keys
Process Name: C:\Program Files\Alienware\Command Center\AlienwareTactXMacroController.exe
Signature Version: 1.283.2149.0
Engine Version: 1.1.15500.2
Product Version: 4.18.1812.3

Date: 2019-01-03 13:03:05.228
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Vagger!rfn&threatid=2147723591&enterprise=0
Name: Trojan:Win32/Vagger!rfn
ID: 2147723591
Severity: Severe
Category: Trojan
Path: file:_C:\Program Files\Nitro\Pro 11\nitropdf.enterprise.pro.x64.11.xx-Upd1.patch.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\PickerHost.exe
Signature Version: AV: 1.283.2149.0, AS: 1.283.2149.0, NIS: 1.283.2149.0
Engine Version: AM: 1.1.15500.2, NIS: 1.1.15500.2

Date: 2019-01-03 13:02:19.975
Description: 
C:\Program Files\Nitro\Pro 11\NitroPDF.exe has been blocked from modifying %userprofile%\OneDrive\Documents by Controlled Folder Access.
Detection time: 2019-01-03T17:02:19.975Z
Path: %userprofile%\OneDrive\Documents
Process Name: C:\Program Files\Nitro\Pro 11\NitroPDF.exe
Signature Version: 1.283.2149.0
Engine Version: 1.1.15500.2
Product Version: 4.18.1812.3

Date: 2019-01-03 13:00:43.992
Description: 
C:\Program Files\Nitro\Pro 11\NitroPDF.exe has been blocked from modifying %userprofile%\OneDrive\Documents by Controlled Folder Access.
Detection time: 2019-01-03T17:00:43.991Z
Path: %userprofile%\OneDrive\Documents
Process Name: C:\Program Files\Nitro\Pro 11\NitroPDF.exe
Signature Version: 1.283.2149.0
Engine Version: 1.1.15500.2
Product Version: 4.18.1812.3

Date: 2018-12-08 09:30:02.692
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.283.83.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15500.2
Error code: 0x800704cf
Error description: The network location cannot be reached. For information about network troubleshooting, see Windows Help. 

Date: 2018-12-01 00:15:32.494
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.281.1155.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.5
Error code: 0x80070643
Error description: Fatal error during installation. 

CodeIntegrity:
===================================

Date: 2019-01-03 18:38:22.537
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Store signing level requirements.

Date: 2019-01-03 18:38:22.529
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Store signing level requirements.

Date: 2019-01-03 18:38:21.746
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-03 18:38:21.741
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-03 18:38:17.282
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Store signing level requirements.

Date: 2019-01-03 18:38:17.278
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Store signing level requirements.

Date: 2019-01-03 18:38:10.193
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterDevProps.dll that did not meet the Store signing level requirements.

Date: 2019-01-03 18:38:10.185
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Alienware\AWSoundCenter\UserInterface\x64\AWSoundCenterOSD.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-7820HK CPU @ 2.90GHz
Percentage of memory in use: 43%
Total physical RAM: 8061.27 MB
Available physical RAM: 4592.63 MB
Total Virtual: 19837.27 MB
Available Virtual: 14684.25 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:929.61 GB) (Free:791.91 GB) NTFS

\\?\Volume{fa163f4e-df9b-47b4-b435-179dbb698b05}\ () (Fixed) (Total:0.83 GB) (Free:0.35 GB) NTFS
\\?\Volume{11ac65ed-fb1c-4797-8267-0388e7d41ac1}\ (WINRETOOLS) (Fixed) (Total:0.44 GB) (Free:0.09 GB) NTFS
\\?\Volume{f6b2369a-4c27-4609-87ee-9d880748439f}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: ACC09D3F)

Partition: GPT.

==================== End of Addition.txt ============================

#17

Hi Daniela, first of all, thank you so much for your time and dedication. I have already solved my problem, and many thanks to the forum for its contributions.


#18

Hello

Did you reinstall Chrome after using RevoUninstaller? Did you do anything else?

Follow these steps to remove the tools we used:

To do so, use again / download >> DelFix.exe to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select - Run as Administrator -).

  • Check all the boxes and click Run.

The report (DelFix.txt) will open; you can close it.

Let us know if everything is still working well.

Regards


#19

Hello.

No, what I did was format with Windows 10, leaving the normal files intact.

Everything is working correctly now.

A million thanks for your time, Daniela.


#20

Hello Randy_Baez_Olivo

Thank you for trusting ForoSpyware. It has been a pleasure to help you :handshake:

We are glad it has been resolved for you :Bien: We consider the topic solved.

Solved

Regards


closed #21