AutoIt Error Line 0 Error opening file

Tengo un problema similar al que comentaba Ogarciax, aunque el número de fichero es diferente, también es un test.au3, seguí las instrucciones que le dabáis, pero hoy vuelve a aparecer, el antibirus es Bitdefender Total Security, lo que os comento por si podéis ayudarme AdwCleaner[S00].txt (9,3 KB) Archivo de Malwarenites del 26-11-19.txt (5,9 KB)

Con Adwcleaner pulsaste en eliminar después de analizar?

Comprobar y pega estos logs

  • Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

  • Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits?

  • Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

  • En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

  • Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

Gracias Miguel Menendez por tu respuesta La verdad es que no recuerdo si le di a eliminar, no soy muy experto en esto de los foros y ya se sabe con los novatos. He seguido tus instrucciones de su correo y te envío los ficheros, espero que acierte

xxxxxxxx First,txtxxxxxxxxxxxxxxxxxx

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2019 01
Ran by Ricar (administrator) on TRANTOR6 (HP HP Notebook) (27-11-2019 16:32:30)
Running from C:\Users\Ricar\Desktop
Loaded Profiles: Ricar (Available Profiles: Ricar)
Platform: Windows 10 Home Version 1809 17763.864 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdtrackersnmh.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Ricar\AppData\Roaming\BitTorrent\BitTorrent.exe
(BitTorrent Inc.) [File not signed] C:\Users\Ricar\AppData\Roaming\BitTorrent\updates\7.9.9_42974\bittorrentie.exe
(BitTorrent Inc.) [File not signed] C:\Users\Ricar\AppData\Roaming\BitTorrent\updates\7.9.9_42974\bittorrentie.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126577.inf_amd64_ae71f87c8938d56a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126577.inf_amd64_ae71f87c8938d56a\igfxEM.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_10d045798a3d667e\aesm_service.exe
(Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\psp.exe
(Lotus Development Corporation) [File not signed] C:\lotus\organize\EasyClip.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILGE.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2017-01-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-05-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\Run: [BitTorrent] => C:\Users\Ricar\AppData\Roaming\BitTorrent\BitTorrent.exe [2406600 2016-11-24] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\Run: [{39618882-4B58-4091-BF42-FE3B568D8DE0}] => C:\WINDOWS\system32\msiexec.exe /cmdloc "HKCU\Software\Ookla AiTemp\{39618882-4B58-4091-BF42-FE3B568D8DE0}" <==== ATTENTION
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\Run: [c8212e39] => C:\ProgramData\Intel\Wireless\263bef3\ibffdke.exe [943784 2019-11-27] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\MountPoints2: {e2aee163-cd31-11e8-b9cf-548ca05945b2} - "I:\RTK_U3_NIC_DRIVER_INSTALLER.sfx.exe" 
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE [297024 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lotus Organizer EasyClip.lnk [2018-01-11]
ShortcutTarget: Lotus Organizer EasyClip.lnk -> C:\lotus\organize\EasyClip.exe (Lotus Development Corporation) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lotus QuickStart.lnk [2018-01-11]
ShortcutTarget: Lotus QuickStart.lnk -> C:\lotus\wordpro\ltsstart.exe (Lotus Development Corporation) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02AFDCC9-C752-417B-9680-244303BE2050} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-16] (Adobe Inc. -> Adobe)
Task: {0A6976E0-38EF-49C1-8FD7-1189110AFDD0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {0DC64C0B-0C27-414E-AE6A-6866390514E8} - System32\Tasks\{A8FABC73-870D-4FDF-9A5E-F5327FD5C794} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\psp.exe" -d "C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\"
Task: {1DC2065F-F240-48F7-A207-F95B21CE4D9F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-11-26] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {20B4D4B6-8C89-4303-8B2A-E47FA9BF2D75} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {20DE2245-0A12-44FE-AEBA-C91A506FA691} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-19] (Dropbox, Inc -> Dropbox, Inc.)
Task: {24FE0EB6-F66F-4BE1-9C75-E8019795E83C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {2DCF9BB5-9A7C-46A2-B5E5-EACF6305A58C} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender)
Task: {2F034EB6-4C9E-406B-93EF-9035F4BB334B} - System32\Tasks\EPSON XP-215 217 Series Update {4CBE40C3-63D6-42CB-83BE-53BDDDE341E2} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {2F2E7982-6E33-46C3-BDB8-A6A1F5159231} - System32\Tasks\EPSON XP-215 217 Series Update {A5AFB959-AD92-496E-9CE8-FA2F7002BCFB} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {356532C4-B225-4525-80BB-F123BADC0C32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-06] (Google Inc -> Google Inc.)
Task: {3BA3386A-6A14-45FD-BA80-4AE3BFB228A8} - System32\Tasks\EPSON XP-215 217 Series Invitation {93673DB8-1211-4205-A820-65D8EC1699D0} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {4575EEFD-3609-48BF-AA48-1BF8CB42CAA7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {4B1E862E-D462-4192-8410-98A006FB0246} - System32\Tasks\EPSON XP-215 217 Series Invitation {339A510A-CA12-4789-B26A-37CD73BDB256} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {57E8FE4A-DA86-4E4E-B375-25B2809FE71D} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [520456 2019-11-23] (Bitdefender SRL -> Bitdefender)
Task: {5D460BD5-9C3B-4BE9-A0A9-DABCCE59700D} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {5D50D4EB-D900-4C70-B38E-85E9B2064C72} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {60D24338-1C8C-4686-961A-C693DDFD01E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-11-26] (Piriform Software Ltd -> Piriform Ltd)
Task: {6A897DEC-77F2-42E5-BAFB-F9154468469F} - System32\Tasks\EPSON XP-215 217 Series Update {B80FA13D-8E38-47DA-9CA4-360F94AEE622} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {7DDB0A06-E4C4-45C9-8457-F91D1CC435F6} - System32\Tasks\EPSON XP-215 217 Series Invitation {4CBE40C3-63D6-42CB-83BE-53BDDDE341E2} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {874EE4CC-F770-47F9-AA10-B3E89F317289} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {87D9C6BF-B92F-4829-94DC-69679569B60F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-05-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8D4442E8-8D52-4311-8019-D08AD777A436} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {905C7FAA-2D15-436C-913D-7D1BF8D9AE76} - System32\Tasks\EPSON XP-215 217 Series Invitation {A5AFB959-AD92-496E-9CE8-FA2F7002BCFB} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {A04008B0-0C9E-4B5E-9E91-A016B3A57A72} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [250232 2019-10-08] (HP Inc. -> HP Inc.)
Task: {A99130D6-5589-4C48-96E2-3371865BC1BC} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {AB2BE3FB-A8EF-4309-97D7-840DD5A817A6} - System32\Tasks\EPSON XP-215 217 Series Update {339A510A-CA12-4789-B26A-37CD73BDB256} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {AE57F3F9-FF8D-4338-803C-074AC8FA5B28} - System32\Tasks\EPSON XP-215 217 Series Invitation {B80FA13D-8E38-47DA-9CA4-360F94AEE622} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {B00401A1-DA0C-494C-9DD0-945824AE47B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-06] (Google Inc -> Google Inc.)
Task: {B2172999-2BF6-463A-A43B-016A2DE1E2B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {B72233BE-0901-4E3D-8C64-F5494FF5EAEB} - System32\Tasks\EPSON XP-215 217 Series Update {93673DB8-1211-4205-A820-65D8EC1699D0} => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {B9AD93BB-C4B7-4FC9-A684-7631EFD854F5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-16] (Adobe Inc. -> Adobe)
Task: {C027C1A6-C7EC-4381-BABE-1C9FADCB4712} - System32\Tasks\EPSON XP-215 217 Series Invitation {4C1162F1-94BC-437D-8E9D-5E5B34998E27} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {C82D6B9E-9E8C-4708-80FC-C8C9A847074A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-26] (HP Inc. -> )
Task: {CFBDB3A5-F9CE-44DD-B622-1FD768CEBA84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {D34776D5-701B-4AF1-B5A6-10DAFB67F160} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\sp80439.exe <==== ATTENTION
Task: {D9ACAC54-0B6C-488F-B116-EF4A0C7DBD13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {DEB8892E-B4DA-4C55-AD96-416A948E235D} - System32\Tasks\EPSON XP-215 217 Series Update {4C1162F1-94BC-437D-8E9D-5E5B34998E27} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {DF33E696-EA4F-40FE-8E66-D4355956E600} - System32\Tasks\HPDAS => C:\Program [Argument = Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs]
Task: {E650800E-CD2F-4208-9AF3-EE4BE5660E32} - System32\Tasks\HPCeeScheduleForRicar => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848 2016-01-22] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {F94702F1-C764-4AC3-A40A-3EB59EE065EA} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-19] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Invitation {339A510A-CA12-4789-B26A-37CD73BDB256}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Invitation {4C1162F1-94BC-437D-8E9D-5E5B34998E27}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Invitation {4CBE40C3-63D6-42CB-83BE-53BDDDE341E2}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Invitation {93673DB8-1211-4205-A820-65D8EC1699D0}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Invitation {A5AFB959-AD92-496E-9CE8-FA2F7002BCFB}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Invitation {B80FA13D-8E38-47DA-9CA4-360F94AEE622}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Update {339A510A-CA12-4789-B26A-37CD73BDB256}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{339A510A-CA12-4789-B26A-37CD73BDB256} /F:UpdateWORKGROUP\TRANTOR6$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Update {4C1162F1-94BC-437D-8E9D-5E5B34998E27}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{4C1162F1-94BC-437D-8E9D-5E5B34998E27} /F:UpdateWORKGROUP\TRANTOR6$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Update {4CBE40C3-63D6-42CB-83BE-53BDDDE341E2}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{4CBE40C3-63D6-42CB-83BE-53BDDDE341E2} /F:UpdateWORKGROUP\TRANTOR6$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Update {93673DB8-1211-4205-A820-65D8EC1699D0}.job => C:\windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{93673DB8-1211-4205-A820-65D8EC1699D0} /F:UpdateWORKGROUP\U2NBC374E7FDE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Update {A5AFB959-AD92-496E-9CE8-FA2F7002BCFB}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{A5AFB959-AD92-496E-9CE8-FA2F7002BCFB} /F:UpdateWORKGROUP\TRANTOR6$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-215 217 Series Update {B80FA13D-8E38-47DA-9CA4-360F94AEE622}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE:/EXE:{B80FA13D-8E38-47DA-9CA4-360F94AEE622} /F:UpdateWORKGROUP\TRANTOR6$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\HPCeeScheduleForRicar.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.166.210.80 212.166.132.104
Tcpip\..\Interfaces\{121120a3-8d1e-4374-8de3-d3db08cf8989}: [DhcpNameServer] 212.166.210.80 212.166.132.104
Tcpip\..\Interfaces\{5680dd08-d54f-40af-84ca-fd309652b8f7}: [DhcpNameServer] 212.166.210.80 212.166.132.104
Tcpip\..\Interfaces\{951f0ff1-d31b-43dd-aa80-9c48f8adbd62}: [DhcpNameServer] 62.81.16.213 62.81.29.254
Tcpip\..\Interfaces\{a204d4d4-9e65-44c8-9fd6-2946f2525f2a}: [DhcpNameServer] 62.81.16.213 62.81.29.254
Tcpip\..\Interfaces\{bc33bd86-51d7-41db-b5f6-51ac2ad5cb36}: [DhcpNameServer] 212.166.210.80 212.166.132.104
Tcpip\..\Interfaces\{c1901de2-e058-4763-b193-7a6bd6e6c88f}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{cc1f0898-52e8-464f-85a6-168ce181acac}: [DhcpNameServer] 62.81.16.213 62.81.29.254
Tcpip\..\Interfaces\{fcc427a2-5556-43ca-b9fd-59fd711b4b52}: [DhcpNameServer] 62.81.16.213 62.81.29.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
SearchScopes: HKU\S-1-5-21-1162601402-3218926904-2126613369-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-1162601402-3218926904-2126613369-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2019-11-23] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-11-23] (Bitdefender SRL -> Bitdefender)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2019-11-23] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-11-23] (Bitdefender SRL -> Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-11-23] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-11-23] (Bitdefender SRL -> Bitdefender)

Edge: 
======
DownloadDir: C:\Users\Ricar\Downloads

FireFox:
========
FF DefaultProfile: 181s9i64.default-1534811874022
FF ProfilePath: C:\Users\Ricar\AppData\Roaming\Mozilla\Firefox\Profiles\181s9i64.default-1534811874022 [2019-11-27]
FF Notifications: Mozilla\Firefox\Profiles\181s9i64.default-1534811874022 -> hxxps://forospyware.com
FF Extension: (AdBlock) - C:\Users\Ricar\AppData\Roaming\Mozilla\Firefox\Profiles\181s9i64.default-1534811874022\Extensions\[email protected] [2019-10-11]
FF Extension: (Save PDF) - C:\Users\Ricar\AppData\Roaming\Mozilla\Firefox\Profiles\181s9i64.default-1534811874022\Extensions\{077f4ca9-a296-4624-9524-4e9b3835f512}.xpi [2019-03-24]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Ricar\AppData\Roaming\Mozilla\Firefox\Profiles\181s9i64.default-1534811874022\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-22]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2019-09-21]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2019-11-23]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2019-02-15] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-16] (Adobe Inc. -> )
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-16] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG -> Nero AG)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2016-03-03] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] (WildTangent Inc -> )
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-09-23] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-09-23] <==== ATTENTION

Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/ui/v1/icons/mail/images/favicon5.ico
CHR Notifications: Default -> hxxps://gcx.alibaba.com
CHR Profile: C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default [2019-11-27]
CHR Extension: (Presentaciones) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-21]
CHR Extension: (Documentos) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21]
CHR Extension: (Google Drive) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-06]
CHR Extension: (Hojas de cálculo) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-21]
CHR Extension: (Bitdefender Wallet) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2019-07-17]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Gmail) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjadopoenpcjhdnknblbddcmlnlefid [2019-04-07]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2019-11-19]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Ricar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_10d045798a3d667e\aesm_service.exe [3367272 2018-11-28] (Intel(R) Software Development Products -> Intel Corporation)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560520 2018-12-21] (Advanced Micro Devices, Inc. -> AMD)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2019-11-23] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2019-11-23] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-05-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-19] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-19] (Dropbox, Inc -> Dropbox, Inc.)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [119368 2019-11-14] (Bitdefender SRL -> Bitdefender)
S4 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S4 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2017-01-24] (Intel Corporation - pGFX -> Intel Corporation)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent Inc -> WildTangent)
S4 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [360312 2019-10-14] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc. -> HP Inc.)
S4 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-11-26] (Malwarebytes Inc -> Malwarebytes)
S4 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S4 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [327320 2016-03-03] (Nitro Software, Inc. -> Nitro PDF Software)
S4 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [417944 2016-03-03] (Nitro Software, Inc. -> )
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312576 2017-01-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [726600 2019-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [360872 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [151656 2019-11-23] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2019-11-23] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-02-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-02-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0320987.inf_amd64_9802caeb47af3d17\atikmdag.sys [36577160 2018-12-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0320987.inf_amd64_9802caeb47af3d17\atikmpag.sys [537992 2018-12-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2016-03-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [30208 2016-08-31] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1693368 2019-11-23] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [739264 2019-11-23] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2019-09-21] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
R3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [104688 2015-09-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2017-01-24] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2017-01-24] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2017-01-24] (Intel Corporation -> Intel Corporation)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [564112 2019-11-23] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [188384 2019-06-03] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [196392 2019-09-21] (Bitdefender SRL -> Bitdefender)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2017-01-24] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [796560 2019-06-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [411648 2018-09-15] (Microsoft Windows -> Realtek Corporation )
S3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7904088 2018-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 RTWlanE02; C:\WINDOWS\System32\drivers\rtwlane02.sys [9607464 2019-03-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55400 2018-09-21] (Synaptics Incorporated -> Synaptics Incorporated)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-02-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-02-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-05-16] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
============FIRST.TXT 2==============================
    ==================== One month (created) ===================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-11-27 16:25 - 2019-11-27 16:32 - 000057435 _____ C:\Users\Ricar\Desktop\Addition.txt
    2019-11-27 16:18 - 2019-11-27 16:33 - 000043156 _____ C:\Users\Ricar\Desktop\FRST.txt
    2019-11-27 16:18 - 2019-11-27 16:33 - 000000000 ____D C:\FRST
    2019-11-27 16:15 - 2019-11-27 16:15 - 002262016 _____ (Farbar) C:\Users\Ricar\Desktop\Fabar Recovery ST64.exe
    2019-11-26 18:10 - 2019-11-26 18:10 - 000001515 _____ C:\Users\Ricar\Desktop\CCleaner64.exe - Acceso directo.lnk
    2019-11-26 17:38 - 2019-11-26 21:03 - 000000000 ____D C:\Program Files\CCleaner
    2019-11-26 17:38 - 2019-11-26 17:38 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
    2019-11-26 17:38 - 2019-11-26 17:38 - 000002874 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
    2019-11-26 17:38 - 2019-11-26 17:38 - 000000903 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2019-11-26 17:38 - 2019-11-26 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2019-11-26 14:45 - 2019-11-26 14:51 - 000000000 ____D C:\AdwCleaner
    2019-11-26 14:44 - 2019-11-26 14:44 - 007622344 _____ (Malwarebytes) C:\Users\Ricar\Desktop\adwcleaner_7.4.2.exe
    2019-11-26 12:57 - 2019-11-26 12:57 - 000000000 ____D C:\Users\Ricar\AppData\LocalLow\IGDump
    2019-11-26 12:52 - 2019-11-26 12:52 - 000002061 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2019-11-26 12:52 - 2019-11-26 12:52 - 000000000 ____D C:\Users\Ricar\AppData\Local\mbamtray
    2019-11-26 12:52 - 2019-11-26 12:52 - 000000000 ____D C:\Users\Ricar\AppData\Local\mbam
    2019-11-26 12:52 - 2019-11-26 12:52 - 000000000 ____D C:\Users\Ricar\AppData\Local\cache
    2019-11-26 12:52 - 2019-11-26 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2019-11-26 12:51 - 2019-11-26 12:51 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
    2019-11-26 12:51 - 2019-11-26 12:51 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
    2019-11-26 12:51 - 2019-11-26 12:51 - 000000000 ____D C:\ProgramData\Malwarebytes
    2019-11-26 12:51 - 2019-11-26 12:51 - 000000000 ____D C:\Program Files\Malwarebytes
    2019-11-26 12:50 - 2019-11-26 12:51 - 001883976 _____ (Malwarebytes) C:\Users\Ricar\Downloads\MBSetup.exe
    2019-11-25 22:01 - 2019-11-27 09:41 - 000000000 ____D C:\Users\Ricar\AppData\LocalLow\BitTorrent
    2019-11-23 14:28 - 2019-11-23 14:28 - 000074276 _____ C:\ProgramData\agent.update.1574515708.bdinstall.v2.bin
    2019-11-23 14:10 - 2019-11-23 14:14 - 000000000 ____D C:\0e4ccbb
    2019-11-23 14:10 - 2019-11-23 14:10 - 000000000 ____D C:\testintel
    2019-11-23 00:40 - 2019-11-23 00:40 - 000079356 _____ C:\Users\Ricar\Downloads\export20191123(1).pdf
    2019-11-23 00:37 - 2019-11-23 00:37 - 000080811 _____ C:\Users\Ricar\Downloads\export20191123.pdf
    2019-11-20 12:27 - 2019-11-20 12:27 - 000072800 _____ C:\ProgramData\dm.update.1574249137.bdinstall.bin
    2019-11-20 12:26 - 2019-11-20 12:26 - 000036388 _____ C:\ProgramData\dm.uninstall.1574249158.bdinstall.bin
    2019-11-13 23:46 - 2019-11-13 23:47 - 119589173 _____ C:\Users\Ricar\Downloads\Vitruvius Britannicus or the British architect.pdf
    2019-11-13 14:02 - 2019-11-13 14:02 - 023455232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 012258816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 006934016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 006547896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 006318328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 005770240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 005608336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 004873216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 003872336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 003656792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 002918200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
    2019-11-13 14:02 - 2019-11-13 14:02 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 002699976 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 002628112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
    2019-11-13 14:02 - 2019-11-13 14:02 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 002348544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 002072176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001486472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001267240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
    2019-11-13 14:02 - 2019-11-13 14:02 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000808272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000773208 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000661264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000588816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
    2019-11-13 14:02 - 2019-11-13 14:02 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000542320 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
    2019-11-13 14:02 - 2019-11-13 14:02 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
    2019-11-13 14:02 - 2019-11-13 14:02 - 000473832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000435512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
    2019-11-13 14:02 - 2019-11-13 14:02 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000427832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
    2019-11-13 14:02 - 2019-11-13 14:02 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
    2019-11-13 14:02 - 2019-11-13 14:02 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000262152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
    2019-11-13 14:02 - 2019-11-13 14:02 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
    2019-11-13 14:02 - 2019-11-13 14:02 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
    2019-11-13 14:02 - 2019-11-13 14:02 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000112168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
    2019-11-13 14:02 - 2019-11-13 14:02 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000086744 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compact.exe
    2019-11-13 14:02 - 2019-11-13 14:02 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000023768 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
    2019-11-13 14:02 - 2019-11-13 14:02 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 022137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 009667896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 007700696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 007656072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 005575168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 004413936 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 004049920 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 003637760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 001933408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001702600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
    2019-11-13 14:01 - 2019-11-13 14:01 - 001668784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001538560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 001473296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001346216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
    2019-11-13 14:01 - 2019-11-13 14:01 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001294792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 001258512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 001183504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 001054224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 001050112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 001049608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000888560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000862008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 000856424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000747536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 000536320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000514600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000509968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000505640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000465416 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000450632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000445752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000389408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000385848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000240640 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\SearchFilterHost.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000160272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000087080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
    2019-11-13 14:01 - 2019-11-13 14:01 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000061480 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
    2019-11-13 14:01 - 2019-11-13 14:01 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
    2019-11-13 14:01 - 2019-11-13 14:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
    2019-11-13 14:01 - 2019-11-13 14:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
    2019-11-13 14:01 - 2019-11-13 14:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
    2019-11-13 14:01 - 2019-11-13 14:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
    2019-11-13 14:01 - 2019-11-13 14:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
    2019-11-13 14:01 - 2019-11-13 14:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
    2019-11-13 14:01 - 2019-11-13 14:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
    2019-11-13 14:01 - 2019-11-13 14:01 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
    2019-11-13 14:00 - 2019-11-13 14:00 - 000667664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
    2019-11-13 14:00 - 2019-11-13 14:00 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
    2019-11-13 14:00 - 2019-11-13 14:00 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
    2019-11-13 14:00 - 2019-11-13 14:00 - 000198968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
    2019-11-04 20:13 - 2019-11-04 20:13 - 000009632 _____ C:\Users\Ricar\Downloads\ALB.000061.pdf
    2019-11-02 13:01 - 2019-11-02 13:01 - 002088513 _____ C:\Users\Ricar\Downloads\livret-soubise-grands-dépôts.pdf
    2019-10-30 22:33 - 2019-10-30 22:33 - 000080185 _____ C:\Users\Ricar\Downloads\export20191030.pdf

    ==================== One month (modified) ==================

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2019-11-27 16:31 - 2016-11-24 07:42 - 000000000 ____D C:\Users\Ricar\AppData\Roaming\BitTorrent
    2019-11-27 16:27 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2019-11-27 15:56 - 2019-02-21 13:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2019-11-27 14:51 - 2019-10-02 17:47 - 000000000 ____D C:\Users\Ricar\AppData\Local\CrashDumps
    2019-11-27 09:40 - 2016-11-19 23:16 - 000000000 ____D C:\Users\Ricar\AppData\LocalLow\Mozilla
    2019-11-27 09:31 - 2016-11-19 20:54 - 000000000 __SHD C:\Users\Ricar\IntelGraphicsProfiles
    2019-11-27 01:40 - 2019-02-21 13:22 - 000000000 ____D C:\Users\Ricar
    2019-11-26 21:21 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
    2019-11-26 21:21 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
    2019-11-26 21:05 - 2019-02-21 13:13 - 000681408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2019-11-26 21:03 - 2019-02-21 13:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2019-11-26 18:03 - 2017-02-05 02:25 - 000000000 ____D C:\Users\Ricar\AppData\Roaming\MPC-HC
    2019-11-26 18:02 - 2019-02-21 11:23 - 000000000 ___DC C:\WINDOWS\Panther
    2019-11-26 18:02 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS
\LiveKernelReports
    2019-11-26 18:02 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
    2019-11-26 15:19 - 2019-02-21 13:37 - 001927984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2019-11-26 15:19 - 2018-09-15 17:36 - 000831554 _____ C:\WINDOWS\system32\perfh00A.dat
    2019-11-26 15:19 - 2018-09-15 17:36 - 000175746 _____ C:\WINDOWS\system32\perfc00A.dat
    2019-11-26 15:14 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
    2019-11-26 15:13 - 2016-11-19 20:57 - 000000000 ____D C:\Users\Ricar\AppData\Local\HP
    2019-11-26 15:13 - 2016-04-22 04:43 - 000000000 ____D C:\Program Files\HP
    2019-11-26 14:53 - 2019-02-19 22:00 - 000000000 ____D C:\Program Files\Bitdefender Agent
    2019-11-26 12:51 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
    2019-11-25 12:07 - 2019-02-21 13:45 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1162601402-3218926904-2126613369-1001
    2019-11-25 12:07 - 2019-02-21 13:22 - 000002447 _____ C:\Users\Ricar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2019-11-25 12:07 - 2016-11-19 20:58 - 000000000 ___RD C:\Users\Ricar\OneDrive
    2019-11-24 14:53 - 2019-10-13 10:07 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForRicar.job
    2019-11-24 10:55 - 2019-10-13 10:07 - 000003242 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForRicar
    2019-11-23 15:28 - 2019-02-19 22:02 - 001693368 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
    2019-11-23 15:28 - 2019-02-19 22:02 - 000739264 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
    2019-11-23 15:28 - 2019-02-19 22:02 - 000564112 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
    2019-11-23 14:16 - 2018-09-15 07:09 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
    2019-11-23 14:12 - 2016-06-22 02:35 - 000000000 ____D C:\ProgramData\Realtek
    2019-11-22 00:13 - 2017-08-06 20:04 - 000002339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2019-11-22 00:13 - 2017-08-06 20:04 - 000002298 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2019-11-20 12:26 - 2019-02-19 22:01 - 000000000 ____D C:\Program Files\Bitdefender
    2019-11-16 13:08 - 2019-02-21 13:45 - 000004604 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
    2019-11-16 13:08 - 2019-02-21 13:45 - 000004430 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
    2019-11-16 13:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
    2019-11-16 13:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
    2019-11-16 13:08 - 2017-01-13 23:38 - 000000000 ____D C:\Users\Ricar\AppData\Local\Adobe
    2019-11-14 02:42 - 2018-08-21 01:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2019-11-14 02:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
    2019-11-14 02:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
    2019-11-14 02:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
    2019-11-14 02:38 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
    2019-11-14 02:37 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2019-11-14 02:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
    2019-11-14 02:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
    2019-11-14 02:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
    2019-11-13 14:13 - 2016-11-20 20:02 - 000000000 ____D C:\WINDOWS\system32\MRT
    2019-11-13 14:07 - 2016-11-20 20:01 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2019-11-13 14:06 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
    2019-11-12 14:16 - 2016-11-19 20:55 - 000000000 ____D C:\Users\Ricar\AppData\Local\VirtualStore
    2019-11-05 08:16 - 2019-02-21 13:45 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
    2019-11-05 08:16 - 2019-02-21 13:45 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
    2019-11-05 08:16 - 2017-08-06 20:04 - 000000000 ____D C:\Program Files (x86)\Google
    2019-11-01 14:08 - 2018-07-09 20:23 - 000000000 ____D C:\ProgramData\Packages
    2019-11-01 09:20 - 2018-08-21 01:37 - 000001045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
    2019-11-01 09:20 - 2018-08-21 01:37 - 000000000 ____D C:\Program Files\Mozilla Firefox

    ==================== Files in the root of some directories ========

    2019-04-06 13:06 - 2019-04-06 13:08 - 000038533 _____ () C:\Users\Ricar\AppData\Roaming\Valores separados por comas (DOS).ADR
    2016-11-19 20:55 - 2017-09-05 12:45 - 000674008 _____ () C:\Users\Ricar\AppData\Local\BTServer.log
    2018-07-15 09:11 - 2018-07-15 09:11 - 000000000 _____ () C:\Users\Ricar\AppData\Local\{03D51B5E-4228-46E0-98FE-BCE663484A01}
    2018-07-15 09:21 - 2018-07-15 09:21 - 000000000 _____ () C:\Users\Ricar\AppData\Local\{8DFF87F1-CDE6-468C-BF2A-730B00F4F3FC}

    ==================== SigCheck ============================

    (There is no automatic fix for files that do not pass verification.)

    ==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Ricar (27-11-2019 16:34:17)
Running from C:\Users\Ricar\Desktop
Windows 10 Home Version 1809 17763.864 (X64) (2019-02-21 12:47:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1162601402-3218926904-2126613369-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1162601402-3218926904-2126613369-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1162601402-3218926904-2126613369-1007 - Limited - Enabled)
Invitado (S-1-5-21-1162601402-3218926904-2126613369-501 - Limited - Disabled)
Ricar (S-1-5-21-1162601402-3218926904-2126613369-1001 - Administrator - Enabled) => C:\Users\Ricar
WDAGUtilityAccount (S-1-5-21-1162601402-3218926904-2126613369-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Disabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Disabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Cortafuego (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AutoFirma (HKLM-x32\...\AutoFirma) (Version: 1.6.3 - Gobierno de España)
Bejeweled 3 (HKLM-x32\...\WTA-1bbcf815-30d6-4ac3-a014-f8f5411a0110) (Version: 2.2.0.95 - WildTangent) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.132 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 24.0.12.72 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.19.85 - Bitdefender)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-cd97e187-cdbd-4465-997a-450787c3d24f) (Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-9fcdff9e-1223-4c16-925c-03530b4244c8) (Version: 3.0.2.48 - WildTangent) Hidden
calibre 64bit (HKLM\...\{03D76A6B-4B00-4CEA-835B-909D7462F32E}) (Version: 2.58.0 - Kovid Goyal)
Catalyst Control Center Next Localization BR (HKLM\...\{108D5EFB-62B2-F89A-920F-1E2FECC10465}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{DA36084C-FA37-072A-5FBE-0DA2FDCED2A6}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{6A33B6F5-9351-E699-0410-EFC78135625E}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{1E48BB5B-2FEB-E270-CF93-5A84D1D7E944}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{79050ED9-643C-68A5-2E62-178FC24EBFFE}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{0E31313C-ACED-AD62-3EE7-D61BC1A45C48}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{36294A42-B636-E3E5-4F64-7A8F81DE2D2F}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{AB31322F-0A98-9289-E098-2C2651F5253C}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{0F73CCEC-978B-2185-580F-0379B3A20AAD}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{FCAD21F9-0825-7643-1081-2EBDE590FAF4}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{97A6C719-A559-702E-05E3-230BE8F24E39}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{27651C4A-0A34-809C-FB0C-C44E11139DA4}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{C1EFEB79-7DA3-8C3A-83A4-F6D7111D56CE}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{76D90D6C-0447-FD20-F3C6-5D94C8FD52FA}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{5090A42D-FB09-E809-5C9A-9C652FEDFCA8}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{23756DC9-343D-07B9-57F8-F5BD3F883A7C}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{394F2529-8E54-42BA-3A4F-4D95C9B519B2}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4AE4D943-29F6-5E01-AD45-56D5451CB093}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{8A5E75EB-670F-73B5-CB3D-0D5D732A0A5D}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{BBDA6EB1-1E6E-85FD-1560-0B0538F987AD}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{DBD847E2-28DC-E84C-2E01-C3ADC898AA5D}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Crazy Chicken Soccer (HKLM-x32\...\WTA-44d625bf-be40-4a7f-8f77-e87805b7e092) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - Nombre de su organización) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - CyberLink Corp.)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-13408439-2646-45c3-ba5c-90e3c77eb236) (Version: 3.0.2.59 - WildTangent) Hidden
Derive 6 - Evaluación (HKLM-x32\...\Derive 6 - Evaluación) (Version: 6.0 - Texas Instruments Incorporated)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
HP Color LaserJet 2600 series (HKLM\...\HP Color LaserJet 2600 series) (Version:  - )
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{C556057F-7E81-47E5-A747-C35D8530312D}) (Version: 12.13.42.1 - HP)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{09D0DB68-90EA-4015-983E-A0BD777D5A02}) (Version: 1.4.10 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1069 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JDownloader2 Packages (HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\JDownloader2 Packages) (Version:  - ) <==== ATTENTION
Jewel Match 3 (HKLM-x32\...\WTA-94e505de-bd38-4a2a-afc6-e37fa321f26e) (Version: 2.2.0.97 - WildTangent) Hidden
Juegos WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
K-Lite Mega Codec Pack 14.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.3.0 - KLCP)
LG AirDrive (HKLM-x32\...\{101E5DB3-07FA-4E52-8923-05068C94CF43}) (Version: 1.2.60617.11 - LG Electronics)
LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.40 - LG Electronics)
LG Mobile Drivers (HKLM-x32\...\{C3C008A7-D4A5-4E19-B0D6-72043D6EFE34}) (Version: 4.2.0 - LG Electronics)
LibreOffice 5.2.4.2 (HKLM-x32\...\{70E9A143-18EB-4FAB-B020-E3854B12202C}) (Version: 5.2.4.2 - The Document Foundation)
Little Boy: Walter's Scooter (HKLM-x32\...\WTA-9c8100e5-0a22-4441-bbdd-193a75b7d3f4) (Version: 3.0.2.59 - WildTangent) Hidden
Lotus NotesSQL 3.01 driver (HKLM-x32\...\{113EECD6-9A04-11D4-811D-00805F923B86}) (Version:  - )
Lotus SmartSuite - Español (HKLM-x32\...\{536D6172-7453-7569-7465-392E3730040A}) (Version: 9.7.0 - Lotus Development Corporation)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Manuales de EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nitro Pro 10 (HKLM\...\{88267846-6F04-424D-BB76-BDDEC9A92B66}) (Version: 10.5.8.44 - Nitro)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Nombre de su organización)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.3 (HKLM-x32\...\{EF451311-C2EC-4245-911F-4847C2294A82}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice 4.1.3 Language Pack (Spanish) (HKLM-x32\...\{789DA182-44AA-4DA9-9FA4-F087E4F8B6E9}) (Version: 4.13.9783 - Apache Software Foundation)
Paint Shop Pro 7 (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.2.0000 - Jasc Software Inc)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-e48d23c5-a5ad-464f-bbc7-636761f43568) (Version: 3.0.2.59 - WildTangent) Hidden
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
PuppetShow: Return to Joyville (HKLM-x32\...\WTA-1f012367-c8f8-4a21-b4c9-d6d45e4caee8) (Version: 3.0.2.126 - WildTangent) Hidden
PX Profile Update (HKLM-x32\...\{3CAA4177-5256-7BB4-249E-96E464E39785}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{3E213129-0089-388B-0CB7-DA55852F2184}) (Version: 1.00.1. - AMD) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-88ee5bde-6f26-4d95-84a8-7c18893a023b) (Version: 2.2.0.97 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.54 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7818 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.72 - REALTEK Semiconductor Corp.)
Regency Solitaire (HKLM-x32\...\WTA-faf20a88-d22d-4e73-9a11-508a65a0ee21) (Version: 3.0.2.126 - WildTangent) Hidden
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Runefall (HKLM-x32\...\WTA-78d61a0a-3a8d-46bd-872c-d5faf35a2fb0) (Version: 3.0.2.126 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden
Speedtest by Ookla (HKLM-x32\...\{98AAFE04-0997-4C56-90A6-D7CC662D401B}) (Version: 1.2.29.001 - Ookla)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
Tasty Blue (HKLM-x32\...\WTA-14c8985a-3876-4d90-86e0-4c5fc57fdc72) (Version: 3.0.2.59 - WildTangent) Hidden
Trinklit Supreme (HKLM-x32\...\WTA-e044a27b-d23a-40c4-9ec3-da1bc0f0a05f) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-8f4820dc-a994-4849-9066-9f0d030677c4) (Version: 3.0.2.59 - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-6) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
WildTangent Games App para HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.2 - WildTangent) Hidden
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter) (Version: 11.6.1.4734 - ZJMedia Digital Technology Ltd.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Youda Jewel Shop (HKLM-x32\...\WTA-3ddf08a5-4949-4ea6-a40e-a27b58afb7c4) (Version: 3.0.2.51 - WildTangent) Hidden

Packages:
=========
¡Solitario! -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-07-01] (Random Salad Games LLC) [MS Ad]
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-11-01] (king.com)
Cool File Viewer Pro -> C:\Program Files\WindowsApps\20815shootingapp.AirFileViewerPro_1.0.6.0_x86__xcg28tkrsnqww [2019-06-25] (Cool File Viewer)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2204.0_x64__rz1tebttyb220 [2019-11-15] (Dolby Laboratories)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2017-04-06] (Universal Music Mobile)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-10] (Microsoft Studios) [MS Ad]
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0 [2019-11-24] (Spotify AB) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-19] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 10\NPShellExtension.dll [2016-03-03] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-05-17] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126577.inf_amd64_ae71f87c8938d56a\igfxDTCM.dll [2018-02-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
========================Addition. txt 2==============================
==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Ricar\Desktop\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid
ShortcutWithArgument: C:\Users\Ricar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid

==================== Loaded Modules (Whitelisted) =============

1998-08-28 15:42 - 1998-08-28 15:42 - 000153088 _____ () [File not signed] C:\lotus\organize\ormmime.dll
1998-08-28 15:42 - 1998-08-28 15:42 - 000138752 _____ () [File not signed] C:\lotus\organize\ormprot.dll
1998-08-28 15:42 - 1998-08-28 15:42 - 000220160 _____ () [File not signed] C:\lotus\organize\ormutil.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000332800 _____ () [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\Fpxlib.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000122880 _____ () [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JPEGLib.dll
2016-11-24 00:06 - 2008-06-20 00:41 - 000062464 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-05-17 16:12 - 2017-05-17 16:12 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2017-05-17 16:12 - 2017-05-17 16:12 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamesp.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000212480 _____ (Eastman Kodak) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\PCDLIB32.dll
2001-02-14 01:02 - 2001-02-14 01:02 - 000036864 ____R (Jasc Software Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JBrws_Spanish.dll
2001-02-14 01:02 - 2001-02-14 01:02 - 000028672 ____R (Jasc Software Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JBrwsUtil_Spanish.dll
2001-02-14 01:02 - 2001-02-14 01:02 - 000032768 ____R (Jasc Software Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JCMYK_Spanish.dll
2001-02-14 01:02 - 2001-02-14 01:02 - 000024576 ____R (Jasc Software Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JControls_Spanish.dll
2001-02-14 01:02 - 2001-02-14 01:02 - 000040960 ____R (Jasc Software Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JFF_Spanish.dll
2001-02-14 01:02 - 2001-02-14 01:02 - 000032768 ____R (Jasc Software Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JLem_Spanish.dll
2001-02-14 01:02 - 2001-02-14 01:02 - 000045056 ____R (Jasc Software Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JWebTools_Spanish.dll
2001-02-14 01:02 - 2001-02-14 01:02 - 003735552 _____ (Jasc Software Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\PSP_Spanish.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000290816 _____ (Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\jbrws.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000102400 _____ (Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\jbrwsutil.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000065536 _____ (Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\jcap.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000233472 _____ (Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JCMYK.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000458752 _____ (Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JControls.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 001892352 _____ (Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\jff.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000069632 _____ (Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\jlem.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000073728 _____ (Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JMEM.dll
2001-02-14 07:02 - 2001-02-14 07:02 - 000376832 _____ (Jasc Software, Inc.) [File not signed] C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 7\JWebTools.dll
2001-07-25 13:24 - 2001-07-25 13:24 - 000162816 _____ (Lotus Developement Corp) [File not signed] C:\lotus\organize\orgapi32.dll
1998-01-06 17:49 - 1998-01-06 17:49 - 000125952 _____ (Lotus Development Corporation) [File not signed] C:\lotus\compnent\LTSCSN13.DLL
2001-09-04 14:31 - 2001-09-04 14:31 - 000024576 _____ (Lotus Development Corporation) [File not signed] C:\lotus\organize\ecES.dll
2001-08-30 20:47 - 2001-08-30 20:47 - 002934272 _____ (Lotus Development Corporation) [File not signed] C:\lotus\organize\OR1C50ES.DLL
2001-07-25 13:09 - 2001-07-25 13:09 - 000886272 _____ (Lotus Development Corporation) [File not signed] C:\lotus\organize\ORBACK.dll
2001-07-25 13:07 - 2001-07-25 13:07 - 000779264 _____ (Lotus Development Corporation) [File not signed] C:\lotus\organize\orutil.dll
2001-05-29 02:38 - 2001-05-29 02:38 - 000330752 _____ (Lotus Development Corporation.) [File not signed] C:\lotus\compnent\LTASWN23.DLL
2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\WINDOWS\System32\mvtcpmon.dll
1998-06-17 10:45 - 1998-06-17 10:45 - 000077878 _____ (Microsoft Corporation) [File not signed] C:\lotus\organize\MSVCIRT.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [File not signed] C:\WINDOWS\System32\slp64.dll
2018-08-19 13:57 - 2012-11-12 14:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2018-08-19 13:57 - 2012-10-22 16:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-09 14:19 - 2016-09-09 14:19 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2019-11-27 16:05 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\AutoFirma\AutoFirma
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 212.166.210.80 - 212.166.132.104
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BTDevManager => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 3
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: EPSON_PM_RPCV4_06 => 2
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HP Comm Recover => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: HPWMISVC => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMIRescue_7f921628-d1b9-c0ef-2479-9123d21e012f => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyEpson Portal Service => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NitroDriverReadSpool10 => 2
MSCONFIG\Services: NitroUpdateService => 2
MSCONFIG\Services: ProductAgentService => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: RtkBtManServ => 2
MSCONFIG\Services: SynTPEnhService => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "HPRadioMgr"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0C4FDDAB-3732-458D-AEE9-ABD38EACB060}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{64DF0383-61E4-4068-967F-900223717CE8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FA94473F-B031-42C3-A166-A09CCD601C51}] => (Allow) C:\Users\Ricar\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6568D661-690A-4520-B858-C2C370D1663E}] => (Allow) C:\Users\Ricar\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8C23C247-76AE-4B17-A15A-A7B978118E83}] => (Allow) C:\Users\Ricar\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5D252DA3-FDE2-4212-B76B-1210DB283C44}] => (Allow) C:\Users\Ricar\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EF07FDF6-5A79-48CC-9E48-5E1D98993EE4}] => (Allow) C:\Users\Ricar\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7BA88F90-8C7B-4B2A-AED5-CE38FFC50F43}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{82EF61A1-B15C-471A-BF4E-B37AEDE40937}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD044A20-126E-43E8-9B8E-A9C00069590D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB7B51FE-5F54-4F9D-8AEB-55281083049E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8EF944EB-570F-47BA-A8C9-2FF27C763382}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9E31B8D-D2C4-4271-BC2E-FBCC4DF44523}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F38C737D-BF29-496D-BFFF-A8E69072FD5F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90C64969-B286-4F17-A426-616939CEA875}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56686BAB-FF5C-4FF2-8134-3B102C6C6EEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

23-11-2019 09:17:26 Punto de control programado

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/27/2019 02:51:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: DllHost.exe, versión: 10.0.17763.1, marca de tiempo: 0x5d3b6f40
Nombre del módulo con errores: thumbcache.dll, versión: 10.0.17763.404, marca de tiempo: 0x9892fc34
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000003a3d
Identificador del proceso con errores: 0x148c
Hora de inicio de la aplicación con errores: 0x01d5a4fd0f869a6a
Ruta de acceso de la aplicación con errores: C:\WINDOWS\system32\DllHost.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\thumbcache.dll
Identificador del informe: e276eeb8-1477-4639-81c9-4d8887e87ade
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/27/2019 09:32:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa SearchUI.exe (versión 10.0.17763.719) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2ce0

Hora de Inicio: 01d5a4fd110feced

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Id. de informe: 65cfda58-b13a-4ef2-a3ff-1dc6e0a0cf3b

Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.11.6.17763_neutral_neutral_cw5n1h2txyewy

Id. de la aplicación relativa al paquete con errores: CortanaUI

Tipo de bloqueo: Quiesce

Error: (11/26/2019 03:15:26 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 54882 ms

DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1002
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Passive Policy 2: Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]


Policy:  Passive Policy 2 [2]

Error: (11/26/2019 03:15:26 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 54599 ms

DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1002
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Critical Policy: Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]


Policy:  Critical Policy [1]

Error: (11/26/2019 03:13:21 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (11/26/2019 02:54:00 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 84793 ms

DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1002
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Passive Policy 2: Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]


Policy:  Passive Policy 2 [2]

Error: (11/26/2019 02:54:00 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 84709 ms

DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1002
Executing Function:  PolicyBase::takeControlOfOsc
Message:  Critical Policy: Failed to acquire OSC: Failure during execution of _OSC: 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function:  EsifServices::primitiveExecuteSet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]


Policy:  Critical Policy [1]

Error: (11/24/2019 03:54:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa SearchUI.exe (versión 10.0.17763.719) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 4a0

Hora de Inicio: 01d5a2d6ffd29e39

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Id. de informe: 13826d77-8f30-47e3-9d23-c3dd57cd62f5

Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.11.6.17763_neutral_neutral_cw5n1h2txyewy

Id. de la aplicación relativa al paquete con errores: CortanaUI

Tipo de bloqueo: Quiesce


System errors:
=============
Error: (11/27/2019 02:43:02 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (11/27/2019 09:57:20 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (11/27/2019 09:53:58 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (11/27/2019 09:53:58 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (11/27/2019 09:53:57 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (11/27/2019 09:53:57 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (11/27/2019 09:53:57 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

Error: (11/27/2019 09:53:57 AM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk2\DR2.

===================Addition.txt 3======================================

CodeIntegrity:
===================================

Date: 2019-11-26 13:00:53.055
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-11-26 12:58:21.564
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2019-04-10 23:49:22.119
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-10 23:49:22.115
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-10 23:49:22.107
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-10 23:49:22.103
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-07 08:45:24.855
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-07 08:45:24.846
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\wscfix.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: Insyde F.30 06/25/2018
Motherboard: HP 8226
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 46%
Total physical RAM: 16238.91 MB
Available physical RAM: 8761.55 MB
Total Virtual: 17038.91 MB
Available Virtual: 8954 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1848.07 GB) (Free:1034.83 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.71 GB) (Free:1.62 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Caramón) (Fixed) (Total:3725.9 GB) (Free:989.31 GB) NTFS
Drive g: (AURORA) (Fixed) (Total:2794.39 GB) (Free:207.36 GB) NTFS

\\?\Volume{b4367882-e50a-4082-8c98-d7b835eaead7}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.41 GB) NTFS
\\?\Volume{c63715cb-2b50-429d-920a-8d7f835ca70f}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: A50E1C7D)

Partition: GPT.

==========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: A1F48B58)

Partition: GPT.

==========================================================
Disk: 2 (Size: 2794.5 GB) (Disk ID: AFCAD1A0)

Partition: GPT.

==================== End of Addition.txt =======================

Ejecuta Adwcleaner y en opciones generales. dale a eliminar, para desinstalarlo

Descarga una nueva copia y ejecutarlo de nuevo, sale a eliminar si encuentra algo y me pegas el log, el que sale después de eliminar

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

  • Para hacerlo descarga Delfix en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.


En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\Run: [{39618882-4B58-4091-BF42-FE3B568D8DE0}] => C:\WINDOWS\system32\msiexec.exe /cmdloc "HKCU\Software\Ookla AiTemp\{39618882-4B58-4091-BF42-FE3B568D8DE0}" <==== ATTENTION
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\Run: [c8212e39] => C:\ProgramData\Intel\Wireless\263bef3\ibffdke.exe [943784 2019-11-27] (AutoIt Consulting Ltd -> AutoIt Team)
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\MountPoints2: {e2aee163-cd31-11e8-b9cf-548ca05945b2} - "I:\RTK_U3_NIC_DRIVER_INSTALLER.sfx.exe" 
C:\ProgramData\Intel\Wireless
Task: {D34776D5-701B-4AF1-B5A6-10DAFB67F160} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\sp80439.exe <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-09-23] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-09-23] <==== ATTENTION
2019-11-23 14:10 - 2019-11-23 14:14 - 000000000 ____D C:\0e4ccbb
2018-07-15 09:11 - 2018-07-15 09:11 - 000000000 _____ () C:\Users\Ricar\AppData\Local\{03D51B5E-4228-46E0-98FE-BCE663484A01}
2018-07-15 09:21 - 2018-07-15 09:21 - 000000000 _____ () C:\Users\Ricar\AppData\Local\{8DFF87F1-CDE6-468C-BF2A-730B00F4F3FC}
ShortcutWithArgument: C:\Users\Ricar\Desktop\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid
ShortcutWithArgument: C:\Users\Ricar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

  • Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

  • Ejecutas Frst.exe.

  • Presionas el botón Fix y aguardas a que termine.

  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

Aplicado el Script de reparación te facilito el fichero Fixlo

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Ricar (27-11-2019 22:48:28) Run:1
Running from C:\Users\Ricar\Desktop
Loaded Profiles: Ricar (Available Profiles: Ricar)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start

CreateRestorePoint:

CloseProcesses:



HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\Run: [{39618882-4B58-4091-BF42-FE3B568D8DE0}] => C:\WINDOWS\system32\msiexec.exe /cmdloc "HKCU\Software\Ookla AiTemp\{39618882-4B58-4091-BF42-FE3B568D8DE0}" <==== ATTENTION

HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\Run: [c8212e39] => C:\ProgramData\Intel\Wireless\263bef3\ibffdke.exe [943784 2019-11-27] (AutoIt Consulting Ltd -> AutoIt Team)

HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\...\MountPoints2: {e2aee163-cd31-11e8-b9cf-548ca05945b2} - "I:\RTK_U3_NIC_DRIVER_INSTALLER.sfx.exe" 

C:\ProgramData\Intel\Wireless

Task: {D34776D5-701B-4AF1-B5A6-10DAFB67F160} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\sp80439.exe <==== ATTENTION

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-09-23] <==== ATTENTION (Points to *.cfg file)

FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-09-23] <==== ATTENTION

2019-11-23 14:10 - 2019-11-23 14:14 - 000000000 ____D C:\0e4ccbb

2018-07-15 09:11 - 2018-07-15 09:11 - 000000000 _____ () C:\Users\Ricar\AppData\Local\{03D51B5E-4228-46E0-98FE-BCE663484A01}

2018-07-15 09:21 - 2018-07-15 09:21 - 000000000 _____ () C:\Users\Ricar\AppData\Local\{8DFF87F1-CDE6-468C-BF2A-730B00F4F3FC}

ShortcutWithArgument: C:\Users\Ricar\Desktop\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid

ShortcutWithArgument: C:\Users\Ricar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hcjadopoenpcjhdnknblbddcmlnlefid





HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\Software\Microsoft\Windows\CurrentVersion\Run\\{39618882-4B58-4091-BF42-FE3B568D8DE0}" => removed successfully
"HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\Software\Microsoft\Windows\CurrentVersion\Run\\c8212e39" => removed successfully
HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e2aee163-cd31-11e8-b9cf-548ca05945b2} => removed successfully
C:\ProgramData\Intel\Wireless => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D34776D5-701B-4AF1-B5A6-10DAFB67F160}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D34776D5-701B-4AF1-B5A6-10DAFB67F160}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js => moved successfully
C:\Program Files\mozilla firefox\bd_config.cfg => moved successfully
C:\0e4ccbb => moved successfully
C:\Users\Ricar\AppData\Local\{03D51B5E-4228-46E0-98FE-BCE663484A01} => moved successfully
C:\Users\Ricar\AppData\Local\{8DFF87F1-CDE6-468C-BF2A-730B00F4F3FC} => moved successfully
C:\Users\Ricar\Desktop\Gmail.lnk => Shortcut argument removed successfully
C:\Users\Ricar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Gmail.lnk => Shortcut argument removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1162601402-3218926904-2126613369-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Ethernet 5:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::1821:750:6d54:3502%19
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.15
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27404629 B
Java, Flash, Steam htmlcache => 1150 B
Windows/system/drivers => 421562 B
Edge => 3146660 B
Chrome => 332814383 B
Firefox => 365233839 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 9388 B
NetworkService => 9388 B
Ricar => 983747194 B

RecycleBin => 100684 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:50:50 ====

Por cierto muchas gracias por la solución, espero que me vaya bien y no vuelva a aparecer el molesto mensaje. Muchas gracias

Ejecutaste de nuevo Adwcleaner como indiqué?

Comenta como va todo

Si borré el que tenía en el escritorio y bajé un limpio y lo ejecuté. Esto lo hice ayer cuando me llegó tu mensaje. Me llevó un tiempo hacer todo e iba a cotestaros hoy. Desde ayer no ha vuelto a aparecer el mensaje ni el Antivirus diciendo que lo pone en cuarentena, lo borraba y volvía a entrar a los diez o quince minutos, curiosamente siempre que no hacía nada al ordenador en ese momento Os agradezco mucho vuestra ayuda y el interés que os habéis tomado en este tema. Tocaré madera. Si necesitas algún registro y lo tengo te lo puedo enviar. Gracias, un saludo

Para eliminar las herramientas usadas en la desinfección, realizas:

  • Descargas y Ejecutas >> Delfix, en tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >>;Ejecutar como Administrador.)

  • Marca solamente la casilla Remove disinfection tools

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Si queda alguna herramienta, la desinstalas desde panel de Windows y aquellas que no estén listadas, se eliminan directamente.


Me alegro de haberte podido ayudar! :+1:


TEMA SOLUCIONADO

Este tema se cerró automáticamente 2 días después de la última publicación. No se permiten nuevas respuestas.