Autoit Error Line 0

Hello, I installed an antivirus on my notebook and after restarting I get this error message.

AutoIt Error Line 0 (File "C:\streamer\stream.txt"): Error: Error opening the file.

The antivirus is AVG AntiVirus and Malwarebytes

And I no longer know what to do to fix it. Thanks in advance, and I hope you can help me.

Hello @MentePodrida, welcome to ForoSpyware

Carry out the following steps, even if you have already done some of them, without changing the order:

1) Download, update and run Malwarebytes' Anti-Malware; read the manual in detail so that you know how to use and configure it.

  • Run a Custom Scan, updating if it asks you to.
  • Click "Quarantine Selected" to send the items to quarantine, and restart the system.
  • In the manual section Reports >> Scan Report you will find the MBAM report; click Export >> Copy to Clipboard.

2) Download AdwCleaner | InfoSpyware to the desktop.

  • Temporarily disable the antivirus >> How to temporarily disable your antivirus.
  • Also close all the programs you have open.
  • Run Adwcleaner.exe (if you use Windows Vista/7 or 8, right-click and select "Run as Administrator").
  • Click the Scan button and wait for the process to finish, then immediately click the Clean button.
  • Wait for it to complete and follow the instructions; if it asks you to restart the system, accept.
  • Save the report that appears, so you can copy and paste it in your next reply.
  • The report can also be found at C:\AdwCleaner\AdwCleaner[C1].txt

3) Download CCleaner

  • Install CCleaner
  • Open CCleaner; in the Cleaner tab leave the default settings as they are, click Analyze, wait for it to finish >> click Run Cleaner
  • Click the Registry tab >> click Scan for Issues, wait for it to finish >> click Fix Selected Issues and make a backup
  • Click Scan for Issues again until it finds none.

Paste the Malwarebytes and AdwCleaner reports and tell us how the problem is going.

How to paste reports in the forum?

Regards

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 7/8/19
Hora del análisis: 19:12
Archivo de registro: 7e83d78a-b960-11e9-8015-7c67a29768d1.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11904
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.885)
CPU: x64
Sistema de archivos: NTFS
Usuario: PILAR\mapil

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 468462
Amenazas detectadas: 1
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 hr, 2 min, 31 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 1
PUP.Optional.IdleKMS, C:\USERS\MAPIL\DOWNLOADS\ACTIVADOR OFFICE 2016\AUTOPICO.EXE, Error durante la eliminación, [9615], [156330],1.0.11904

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-07-2019
# Duration: 00:00:02
# OS:       Windows 10 Home Single Language
# Cleaned:  15
# Failed:   1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\Host App Service
Deleted       C:\Users\mapil\Desktop\Got
Deleted       C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted       C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Not Deleted   C:\Users\mapil\AppData\Local\Host App Service

***** [ Files ] *****

Deleted       C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Deleted       HKCU\Software\App Host Service
Deleted       HKCU\Software\Host App Service
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{615AA445-E7CF-45A3-89B6-255BD1857F04} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted       HKU\S-1-5-19\Software\Host App Service
Deleted       HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKU\S-1-5-20\Software\Host App Service
Deleted       HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2816 octets] - [07/08/2019 18:16:42]
AdwCleaner[S01].txt - [2877 octets] - [07/08/2019 18:18:09]
AdwCleaner[C01].txt - [2682 octets] - [07/08/2019 18:18:22]
AdwCleaner[S02].txt - [1595 octets] - [07/08/2019 18:21:26]
AdwCleaner[S03].txt - [1656 octets] - [07/08/2019 18:42:26]
AdwCleaner[C03].txt - [1869 octets] - [07/08/2019 18:43:18]
AdwCleaner[S04].txt - [3101 octets] - [07/08/2019 21:05:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

I followed the whole procedure you described without problems. I restarted, but the computer still shows the same error message. I have attached the reports here. First the Malwarebytes one and then the AdwCleaner one.

Hello

Temporarily disable your antivirus and any security program you have running.

Download Farbar Recovery Scan Tool to the desktop of your PC. Select the appropriate version for your computer's architecture (32 or 64 bits).

How to tell whether my Windows is 32 or 64 bits

  • Run FRST.exe
  • In the Disclaimer window, click Yes
  • In the main window, click the Scan button and wait for the process to finish.
  • Two (2) files (logs) will open, Frst.txt and Addition.txt; they will be saved on the desktop.

Guide: How to run FRST

In your next reply, you must paste the two reports generated.

You must copy and paste them with all their content, and use several messages if you get an error message saying it is too long (more than approx. 50,000 characters).

Guide: How to paste reports in the forum

Regards

First part of the FRST.txt report

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2019 02
Ran by mapil (administrator) on PILAR (LENOVO 80XC) (08-08-2019 10:47:12)
Running from C:\Users\mapil\Desktop
Loaded Profiles: mapil (Available Profiles: mapil)
Platform: Windows 10 Home Single Language Version 1803 17134.885 (X64) Language: Español (España, internacional)
Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc -> Autodesk Inc.) C:\Users\mapil\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Chaos Software Ltd. -> ) [File not signed] C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
(Chaos Software Ltd.) [File not signed] C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
(Chaos Software Ltd.) [File not signed] C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
(Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe
(Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_65b556571f480af0\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_65b556571f480af0\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_65b556571f480af0\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_65b556571f480af0\IntelCpHeciSvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\IMCONTROLLER\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\IMCONTROLLER\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\IMCONTROLLER\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\IMCONTROLLER\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\IMCONTROLLER\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\IMCONTROLLER\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\IMCONTROLLER\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\IMCONTROLLER\Service\Lenovo.Modern.ImController.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.5.21.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.5.21.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781312 2017-01-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2017-01-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [316848 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [APP] => C:\Program Files\Dolby\Dolby DAX3\APP\DAX3TrayIcon.exe [963376 2016-10-27] (Dolby Laboratories, Inc. -> )
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [477064 2013-12-22] (Autodesk, Inc -> Autodesk Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46993264 2019-06-27] (Google LLC -> )
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\...\Run: [strdat] => C:\WINDOWS\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\...\Run: [CCleanerBrowserAutoLaunch_38D584E8D50CEE44D7F6083A927BF627] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [1828216 2019-07-22] (Piriform Software Ltd -> Piriform Software)
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\...\Policies\Explorer: [] 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-17] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\75.1.103.145\Installer\chrmstp.exe [2019-08-07] (Piriform Software Ltd -> Piriform Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DDCBFBF-2314-4E52-ABC3-5994328AFE31} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {174A51CA-100A-4A30-BB1E-8EBC791AF65B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8e66263d-0c31-433b-9243-ecb35498cd9f => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {1DF3209A-A6C7-487C-B8F0-A0CEDABB6E98} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {22047B9F-931A-4A9D-B92B-C72A8875B7F8} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [1828216 2019-07-22] (Piriform Software Ltd -> Piriform Software)
Task: {29A4D340-F881-4418-B9C3-06EC9E698771} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
Task: {31D8488C-5341-4FD2-A249-CA6801849403} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {376E9827-65FC-4F1A-9A64-BBCE509DCA9F} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-10-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {38B531A7-EA4C-4436-93D6-0608BBEDCD9B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54440 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {3D5E157D-0EC8-4EE1-977D-1FE3054CD11C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3987888 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {3DDA1F84-799A-4FC8-8B3F-CE8FBFEDAE0D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {42D49CAE-8063-477C-B3A3-415D7A007F17} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9fdc50fa-e106-45d7-b43b-d88321b5fc69 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {52D995F6-2545-4F9C-9082-67EEB4F30284} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {55601C29-146E-4A1B-953F-FFFFD9DAD721} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-08-07] (Piriform Software Ltd -> Piriform Software)
Task: {89772CD1-2999-491B-AB79-E1B361CDA30D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A647A84-39BD-44B4-9664-41E4D8F05695} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B257178-8F66-4C30-AB4D-5C48E5BF7975} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BA6441F-6A98-47D1-972A-74DAA65E0927} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-08-07] (Piriform Software Ltd -> Piriform Software)
Task: {8F4A9AD5-6E0A-48C1-BC65-6C6072A0126E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9B783D31-76A1-4CDD-8198-7767706EC718} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [1828216 2019-07-22] (Piriform Software Ltd -> Piriform Software)
Task: {A7F258DA-ED38-45F1-97FD-FCEE750449D2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A9C4DE99-80D4-4864-8FA7-0AF8CDF63CE8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF077C78-BAFF-4C18-A38D-D1D153DCF1C1} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {C3E5AB81-790F-46DC-863C-175BED51FB1F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {D84CA3A0-15FE-43C9-9FCA-B889FA2C7B39} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b48ff3be-751e-4c42-9814-514dc1cb141d => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E8B5918C-A159-4CBD-A3B5-690EAE576487} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4519576 2019-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFEB1588-0468-4367-BFF7-0020B03733F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-02-21] (Google Inc -> Google Inc.)
Task: {F0694F9C-1FA5-4398-8012-022F723316E0} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2079152 2019-08-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {F3E97987-0FBF-4B77-85E4-6662E2C1E97C} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {FC95872D-F785-43E6-ABAA-2FCA00D37F9D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1551488 2019-08-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 9.9.9.9
Tcpip\..\Interfaces\{6cac6d91-44fa-407b-9068-17020174a43f}: [DhcpNameServer] 10.64.90.10
Tcpip\..\Interfaces\{9b9606d5-d84c-419a-bf03-2a10c9ba51f6}: [DhcpNameServer] 150.100.0.10
Tcpip\..\Interfaces\{f11a3610-e547-4784-8b99-44af840b225d}: [DhcpNameServer] 9.9.9.9

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-1577253813-3313902073-122605203-1001 -> DefaultScope {9D0F1D42-334A-4B2A-B87D-0E9B6AEF6991} URL = 
SearchScopes: HKU\S-1-5-21-1577253813-3313902073-122605203-1001 -> {9D0F1D42-334A-4B2A-B87D-0E9B6AEF6991} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ke2o1voj.default
FF ProfilePath: C:\Users\mapil\AppData\Roaming\Mozilla\Firefox\Profiles\ke2o1voj.default [2019-08-08]
FF Extension: (Adblock Plus) - C:\Users\mapil\AppData\Roaming\Mozilla\Firefox\Profiles\ke2o1voj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-03-18]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Profile: C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Default [2019-08-08]
CHR Extension: (Google Drive) - C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-14]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (AVG SafePrice | Comparaciones, ofertas y cupones) - C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2019-06-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-08]
CHR Extension: (Chrome Media Router) - C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-22]
CHR Profile: C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-07]
CHR Profile: C:\Users\mapil\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-07]
CHR HKU\S-1-5-21-1577253813-3313902073-122605203-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\mapil\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-03-18]
CHR HKU\S-1-5-21-1577253813-3313902073-122605203-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [576904 2013-12-22] (Autodesk, Inc -> Autodesk Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [415032 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6845400 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110048 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-08-07] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\75.1.103.145\elevation_service.exe [978680 2019-07-22] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-08-07] (Piriform Software Ltd -> Piriform Software)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
R2 DAXAPI; C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe [147760 2017-01-16] (Dolby Laboratories, Inc. -> )
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2211448 2016-11-08] (Intel Corporation - pGFX -> Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-10-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [174200 2016-10-14] (Intel Corporation - pGFX -> Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [76968 2019-04-24] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-10-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 VRLService; C:\Program Files\Chaos Group\VRLService\OLS/vrol.exe [6520832 2018-07-06] (Chaos Software Ltd.) [File not signed]
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe [90176 2018-07-06] (Chaos Software Ltd. -> ) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37368 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [209304 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [263784 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [206624 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61736 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15280 2019-01-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42552 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [168944 2019-08-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [112568 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [88208 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1030832 2019-08-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [477336 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [225864 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [387736 2019-08-06] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [72592 2016-10-24] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [67984 2016-10-24] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [355216 2016-10-24] (Intel Corporation -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [249104 2016-10-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-08-07] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-11] (Microsoft Windows -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_878490f8a01d9e65\nvlddmkm.sys [14244920 2017-01-02] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3222016 2016-12-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WacHidRouterPro; \SystemRoot\System32\drivers\wachidrouter.sys [X]
S3 wacomrouterfilter; \SystemRoot\System32\drivers\wacomrouterfilter.sys [X]

Second part of the FRST.txt report


==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-08 10:47 - 2019-08-08 10:47 - 000031836 _____ C:\Users\mapil\Desktop\FRST.txt
2019-08-08 10:45 - 2019-08-08 10:47 - 000000000 ____D C:\FRST
2019-08-08 10:41 - 2019-08-08 10:41 - 002096640 _____ (Farbar) C:\Users\mapil\Desktop\FRST64.exe
2019-08-07 21:22 - 2019-08-07 21:22 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-08-07 21:17 - 2019-08-07 21:17 - 000179520 _____ C:\Users\mapil\Desktop\cc_20190807_211732.reg
2019-08-07 21:16 - 2019-08-07 21:16 - 000003842 _____ C:\WINDOWS\System32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2019-08-07 21:16 - 2019-08-07 21:16 - 000003258 _____ C:\WINDOWS\System32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2019-08-07 21:16 - 2019-08-07 21:16 - 000002464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2019-08-07 21:16 - 2019-08-07 21:16 - 000002429 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2019-08-07 21:14 - 2019-08-07 21:16 - 000000000 ____D C:\Users\mapil\AppData\Local\CCleaner Browser
2019-08-07 21:14 - 2019-08-07 21:16 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2019-08-07 21:14 - 2019-08-07 21:14 - 000003608 _____ C:\WINDOWS\System32\Tasks\CCleanerUpdateTaskMachineUA
2019-08-07 21:14 - 2019-08-07 21:14 - 000003484 _____ C:\WINDOWS\System32\Tasks\CCleanerUpdateTaskMachineCore
2019-08-07 21:14 - 2019-08-07 21:14 - 000000000 ____D C:\ProgramData\CCleaner Browser
2019-08-07 21:13 - 2019-08-07 21:13 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-08-07 21:13 - 2019-08-07 21:13 - 000002868 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-08-07 21:13 - 2019-08-07 21:13 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-07 21:13 - 2019-08-07 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-08-07 21:13 - 2019-08-07 21:13 - 000000000 ____D C:\Program Files\CCleaner
2019-08-07 21:11 - 2019-08-07 21:12 - 020891464 _____ (Piriform Software Ltd) C:\Users\mapil\Downloads\ccsetup560.exe
2019-08-07 21:07 - 2019-08-07 21:07 - 000002924 _____ C:\Users\mapil\Desktop\AdwCleaner[C04].txt
2019-08-07 21:02 - 2019-08-07 21:02 - 000001625 _____ C:\Users\mapil\Desktop\reporte de Malwarebytes.txt
2019-08-07 18:31 - 2019-08-07 18:31 - 000000000 ____D C:\Users\mapil\AppData\Local\mbam
2019-08-07 18:29 - 2019-08-07 18:29 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-07 18:29 - 2019-08-07 18:29 - 000000000 ____D C:\Users\mapil\AppData\Local\mbamtray
2019-08-07 18:29 - 2019-08-07 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-07 18:29 - 2019-08-07 18:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-07 18:29 - 2019-08-07 18:29 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-07 18:29 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-08-07 18:29 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-08-07 18:25 - 2019-08-07 18:28 - 064660208 _____ (Malwarebytes ) C:\Users\mapil\Downloads\mb3-setup-009996.009996-3.8.3.2965-1.0.613-1.0.11804.exe
2019-08-07 18:16 - 2019-08-07 18:18 - 000000000 ____D C:\AdwCleaner
2019-08-07 18:14 - 2019-08-07 18:15 - 007623880 _____ (Malwarebytes) C:\Users\mapil\Desktop\adwcleaner_7.4.exe
2019-08-07 12:14 - 2019-08-07 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-08-07 12:13 - 2019-08-07 21:22 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-07-24 20:57 - 2019-08-02 17:53 - 000168944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-07-24 20:57 - 2019-07-24 20:57 - 000001994 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2019-07-24 20:57 - 2019-07-24 20:56 - 000363440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-07-24 20:57 - 2019-07-24 20:56 - 000225864 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-07-12 16:25 - 2019-08-07 12:14 - 000002587 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2019-07-12 16:25 - 2019-08-07 12:14 - 000002538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-07-12 16:25 - 2019-08-07 12:14 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-07-12 16:25 - 2019-08-07 12:14 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-07-12 16:25 - 2019-08-07 12:14 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-07-12 16:25 - 2019-08-07 12:14 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-07-12 16:25 - 2019-08-07 12:14 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-07-12 16:25 - 2019-08-07 12:14 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-07-10 18:35 - 2019-07-04 06:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-10 18:35 - 2019-07-04 01:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-10 18:35 - 2019-07-04 01:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 18:35 - 2019-07-04 01:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 18:35 - 2019-07-04 01:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-10 18:35 - 2019-07-04 01:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-10 18:35 - 2019-07-04 01:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-10 18:35 - 2019-07-04 01:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-10 18:34 - 2019-07-04 06:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-10 18:34 - 2019-07-04 06:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-10 18:34 - 2019-07-04 06:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-10 18:34 - 2019-07-04 06:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-10 18:34 - 2019-07-04 06:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-10 18:34 - 2019-07-04 06:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-10 18:34 - 2019-07-04 06:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-10 18:34 - 2019-07-04 06:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-10 18:34 - 2019-07-04 06:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-10 18:34 - 2019-07-04 06:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-10 18:34 - 2019-07-04 06:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-10 18:34 - 2019-07-04 05:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-10 18:34 - 2019-07-04 05:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-10 18:34 - 2019-07-04 05:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-10 18:34 - 2019-07-04 05:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-10 18:34 - 2019-07-04 05:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-10 18:34 - 2019-07-04 05:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-10 18:34 - 2019-07-04 02:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-10 18:34 - 2019-07-04 01:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-10 18:34 - 2019-07-04 01:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-10 18:34 - 2019-07-04 01:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-10 18:34 - 2019-07-04 01:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-10 18:34 - 2019-07-04 01:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-10 18:34 - 2019-07-04 01:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-10 18:34 - 2019-07-04 01:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-10 18:34 - 2019-07-04 01:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-10 18:34 - 2019-07-04 01:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-10 18:34 - 2019-07-04 01:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-10 18:34 - 2019-07-04 01:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-10 18:34 - 2019-07-04 01:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-10 18:34 - 2019-07-04 01:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-10 18:34 - 2019-07-04 01:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-10 18:34 - 2019-07-04 01:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-10 18:34 - 2019-07-04 01:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-10 18:34 - 2019-07-04 01:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-10 18:34 - 2019-07-04 01:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-10 18:34 - 2019-07-04 01:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-10 18:34 - 2019-07-04 01:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-10 18:34 - 2019-07-04 01:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-10 18:34 - 2019-07-04 01:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-10 18:34 - 2019-07-04 01:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-10 18:34 - 2019-07-04 01:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-10 18:34 - 2019-07-04 01:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-10 18:34 - 2019-07-04 01:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-10 18:34 - 2019-07-04 01:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-10 18:34 - 2019-07-04 01:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-10 18:34 - 2019-07-04 01:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-10 18:34 - 2019-07-04 01:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-10 18:34 - 2019-07-04 01:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-10 18:34 - 2019-07-04 01:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-10 18:34 - 2019-07-04 01:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-10 18:34 - 2019-07-04 01:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-10 18:34 - 2019-07-04 01:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 18:34 - 2019-07-04 01:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-10 18:34 - 2019-07-04 01:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-10 18:34 - 2019-07-04 01:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-10 18:34 - 2019-07-04 01:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-10 18:34 - 2019-07-04 01:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-10 18:34 - 2019-07-04 01:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-10 18:34 - 2019-07-04 01:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-10 18:34 - 2019-07-04 01:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-10 18:34 - 2019-07-04 01:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-10 18:34 - 2019-07-04 01:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-10 18:34 - 2019-07-04 01:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-10 18:34 - 2019-07-04 01:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-10 18:34 - 2019-07-04 01:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-10 18:34 - 2019-07-04 01:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-10 18:34 - 2019-07-04 01:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-10 18:34 - 2019-07-04 01:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-10 18:34 - 2019-07-04 01:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-10 18:34 - 2019-07-04 01:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-10 18:34 - 2019-07-04 01:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-10 18:34 - 2019-07-04 01:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-10 18:34 - 2019-07-04 01:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-10 18:34 - 2019-07-04 01:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-10 18:34 - 2019-07-04 01:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-10 18:34 - 2019-07-04 01:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-10 18:34 - 2019-07-04 01:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-10 18:34 - 2019-07-04 01:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-10 18:34 - 2019-07-04 01:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 18:34 - 2019-07-04 01:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 18:34 - 2019-07-04 01:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-10 18:34 - 2019-07-04 01:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-10 18:34 - 2019-07-04 01:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-10 18:34 - 2019-07-04 01:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-10 18:34 - 2019-07-04 01:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-10 18:34 - 2019-07-04 01:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-10 18:34 - 2019-07-04 01:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-10 18:34 - 2019-07-04 01:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-10 18:34 - 2019-07-04 01:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-10 18:34 - 2019-07-04 01:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-10 18:34 - 2019-07-04 01:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-10 18:34 - 2019-07-04 01:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-10 18:34 - 2019-07-04 01:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-10 18:34 - 2019-07-04 01:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-10 18:34 - 2019-07-04 01:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-10 18:34 - 2019-07-04 01:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-10 18:34 - 2019-07-04 01:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-10 18:34 - 2019-07-04 01:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-10 18:34 - 2019-07-04 01:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-10 18:34 - 2019-07-04 01:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-10 18:34 - 2019-07-04 01:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-10 18:34 - 2019-07-04 01:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-10 18:34 - 2019-07-04 01:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-10 18:34 - 2019-07-04 01:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-10 18:34 - 2019-07-04 01:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-10 18:34 - 2019-07-04 01:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-10 18:34 - 2019-07-04 00:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-10 18:34 - 2019-06-21 05:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-10 18:34 - 2019-06-13 09:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-10 18:34 - 2019-06-13 09:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-10 18:34 - 2019-06-13 09:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-10 18:34 - 2019-06-13 09:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-10 18:34 - 2019-06-13 09:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-10 18:34 - 2019-06-13 08:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-10 18:34 - 2019-06-13 08:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-10 18:34 - 2019-06-13 08:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-10 18:34 - 2019-06-13 08:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-10 18:34 - 2019-06-13 08:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 18:34 - 2019-06-13 08:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-10 18:34 - 2019-06-13 08:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-10 18:34 - 2019-06-13 08:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-10 18:34 - 2019-06-13 08:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-10 18:34 - 2019-06-13 08:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-10 18:34 - 2019-06-13 08:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-10 18:34 - 2019-06-13 08:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-10 18:34 - 2019-06-13 08:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-10 18:34 - 2019-06-13 08:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-10 18:34 - 2019-06-13 08:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-10 18:34 - 2019-06-13 08:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-10 18:34 - 2019-06-13 08:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-10 18:34 - 2019-06-13 08:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-10 18:34 - 2019-06-13 08:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-10 18:34 - 2019-06-13 08:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-10 18:34 - 2019-06-13 08:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-10 18:34 - 2019-06-13 08:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-10 18:34 - 2019-06-13 08:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-10 18:34 - 2019-06-13 08:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-10 18:34 - 2019-06-13 08:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-10 18:34 - 2019-06-13 08:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-10 18:34 - 2019-06-13 08:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-10 18:34 - 2019-06-13 08:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-10 18:34 - 2019-06-13 08:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-10 18:34 - 2019-06-13 08:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-10 18:34 - 2019-06-13 08:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-10 18:34 - 2019-06-13 08:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-10 18:34 - 2019-06-13 08:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-10 18:34 - 2019-06-13 08:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-10 18:34 - 2019-06-13 08:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-10 18:34 - 2019-06-13 07:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-10 18:34 - 2019-06-13 07:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-10 18:34 - 2019-06-13 07:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 18:34 - 2019-06-13 07:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-10 18:34 - 2019-06-13 06:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-10 18:34 - 2019-06-13 06:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-10 18:34 - 2019-06-13 06:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-10 18:34 - 2019-06-13 06:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-10 18:34 - 2019-06-13 06:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-10 18:34 - 2019-06-13 06:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-10 18:34 - 2019-06-13 06:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-10 18:34 - 2019-06-13 06:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-10 18:34 - 2019-06-13 04:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-10 18:34 - 2019-06-13 04:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-10 18:34 - 2019-06-13 04:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-10 18:34 - 2019-06-13 04:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-10 18:34 - 2019-06-13 04:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-10 18:34 - 2019-06-13 03:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-10 18:34 - 2019-06-13 03:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-10 18:34 - 2019-06-13 03:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-10 18:34 - 2019-06-13 03:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-10 18:34 - 2019-06-13 03:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-10 18:34 - 2019-06-13 03:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-10 18:34 - 2019-06-13 03:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-10 18:34 - 2019-06-13 03:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-10 18:34 - 2019-06-13 03:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-10 18:34 - 2019-06-13 03:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-10 18:34 - 2019-06-13 03:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-10 18:34 - 2019-06-13 03:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-10 18:34 - 2019-06-13 03:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-10 18:34 - 2019-06-13 03:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-10 18:34 - 2019-06-13 03:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-10 18:34 - 2019-06-13 03:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-10 18:34 - 2019-06-13 03:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-10 18:34 - 2019-06-13 03:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-10 18:34 - 2019-06-13 03:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-10 18:34 - 2019-06-13 03:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-10 18:34 - 2019-06-13 03:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-10 18:34 - 2019-06-13 03:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-10 18:34 - 2019-06-13 03:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-10 18:34 - 2019-06-13 03:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-10 18:34 - 2019-06-13 03:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-10 18:34 - 2019-06-13 03:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-10 18:34 - 2019-06-13 03:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-10 18:34 - 2019-06-13 03:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-10 18:34 - 2019-06-13 03:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-10 18:34 - 2019-06-13 03:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-10 18:34 - 2019-06-13 03:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-10 18:34 - 2019-06-13 03:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-10 18:34 - 2019-06-13 03:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-10 18:34 - 2019-06-13 03:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-10 18:34 - 2019-06-13 03:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-10 18:34 - 2019-06-13 03:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-10 18:34 - 2019-06-13 03:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-10 18:34 - 2019-06-13 03:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-10 18:34 - 2019-06-13 03:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-10 18:34 - 2019-06-13 03:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-10 18:34 - 2019-06-13 03:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-10 18:34 - 2019-06-13 03:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-10 18:34 - 2019-06-13 03:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-10 18:34 - 2019-06-13 03:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 18:34 - 2019-06-13 03:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 18:34 - 2019-06-13 03:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 18:34 - 2019-06-13 03:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-10 18:34 - 2019-06-13 03:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-10 18:34 - 2019-06-13 03:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 18:34 - 2019-06-13 03:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-10 18:34 - 2019-06-13 03:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-10 18:34 - 2019-06-13 02:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-10 18:34 - 2019-06-13 02:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-10 18:34 - 2019-06-13 02:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-10 18:34 - 2019-06-13 02:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-10 18:34 - 2019-06-13 02:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-10 18:34 - 2019-06-13 02:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-10 18:34 - 2019-06-13 02:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-10 18:34 - 2019-06-13 01:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-10 18:34 - 2019-06-13 01:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-10 18:34 - 2019-06-13 01:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-10 18:34 - 2019-06-13 01:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-10 18:34 - 2019-06-13 01:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-10 18:34 - 2019-06-13 01:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-10 18:34 - 2019-06-13 01:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-10 18:34 - 2019-06-13 01:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-10 18:34 - 2019-06-13 01:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-10 18:34 - 2019-06-13 01:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-10 18:34 - 2019-06-13 01:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-10 18:34 - 2019-06-13 01:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-10 18:34 - 2019-06-13 01:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-10 18:34 - 2019-06-13 01:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-10 18:34 - 2019-06-13 01:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 18:34 - 2019-06-13 01:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-10 18:34 - 2019-06-13 01:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-08 10:43 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-08 10:35 - 2018-06-02 19:55 - 000004218 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3BE4BA75-C0D1-4FFC-9D90-52276303727D}
2019-08-08 10:34 - 2018-02-21 21:22 - 000000000 ___RD C:\Users\mapil\Google Drive
2019-08-08 10:33 - 2018-02-21 20:42 - 000000000 __SHD C:\Users\mapil\IntelGraphicsProfiles
2019-08-07 21:46 - 2018-06-02 19:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-07 21:26 - 2018-06-02 19:56 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-07 21:26 - 2018-04-12 13:18 - 000789180 _____ C:\WINDOWS\system32\perfh00A.dat
2019-08-07 21:26 - 2018-04-12 13:18 - 000155760 _____ C:\WINDOWS\system32\perfc00A.dat
2019-08-07 21:26 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2019-08-07 21:22 - 2018-06-02 19:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-07 21:22 - 2018-06-02 19:48 - 000447976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-07 21:22 - 2018-04-11 18:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-08-07 21:16 - 2018-07-24 12:13 - 000000000 ____D C:\Users\mapil\AppData\Local\CrashDumps
2019-08-07 21:05 - 2017-09-29 10:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-08-07 19:09 - 2018-06-02 19:50 - 000000000 ____D C:\Users\mapil\AppData\Local\Host App Service
2019-08-07 19:09 - 2017-06-21 13:41 - 000000000 ____D C:\Users\Default\AppData\Local\Host App Service
2019-08-07 19:09 - 2017-06-21 13:41 - 000000000 ____D C:\Users\Default User\AppData\Local\Host App Service
2019-08-07 19:08 - 2017-06-21 13:41 - 000000000 ____D C:\Program Files\Lenovo
2019-08-07 19:07 - 2018-06-02 19:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2019-08-07 19:07 - 2018-03-18 17:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\Lenovo
2019-08-07 19:07 - 2018-02-21 21:11 - 000000000 ____D C:\Users\mapil\AppData\Local\Lenovo
2019-08-07 19:07 - 2017-06-21 13:41 - 000000000 ____D C:\Program Files (x86)\Lenovo
2019-08-07 19:07 - 2017-06-21 13:31 - 000000000 ____D C:\ProgramData\Lenovo
2019-08-07 18:48 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-07 18:41 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-07 18:29 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-08-07 18:12 - 2018-06-02 19:55 - 000004266 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2019-08-07 18:11 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-08-07 12:30 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-07 12:14 - 2017-06-21 13:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-08-06 14:45 - 2018-02-22 01:01 - 000000000 ____D C:\Users\mapil\AppData\Local\Packages
2019-08-06 14:27 - 2018-03-18 16:48 - 000387736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-08-02 17:57 - 2018-02-21 20:44 - 000000000 ____D C:\Program Files\rempl
2019-08-02 17:53 - 2018-03-18 16:48 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-07-24 20:56 - 2019-01-14 18:47 - 000263784 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-07-24 20:56 - 2019-01-14 18:35 - 000206624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-07-24 20:56 - 2019-01-14 18:35 - 000061736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-07-24 20:56 - 2019-01-14 18:35 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-07-24 20:56 - 2018-11-01 21:37 - 000042552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-07-24 20:56 - 2018-03-18 16:48 - 000477336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-07-24 20:56 - 2018-03-18 16:48 - 000209304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-07-24 20:56 - 2018-03-18 16:48 - 000112568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-07-24 20:56 - 2018-03-18 16:48 - 000088208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-07-19 17:00 - 2018-07-16 23:05 - 000003704 _____ C:\WINDOWS\System32\Tasks\[email protected]
2019-07-17 10:08 - 2019-06-14 13:08 - 000000000 ____D C:\Users\mapil\Desktop\biblioteca
2019-07-17 09:38 - 2018-03-18 16:34 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-15 10:37 - 2018-10-04 14:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-07-15 10:37 - 2018-07-05 11:31 - 000002816 _____ C:\WINDOWS\System32\Tasks\[email protected]
2019-07-15 10:37 - 2018-06-02 19:55 - 000003484 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-15 10:37 - 2018-06-02 19:55 - 000003260 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-15 10:37 - 2018-06-02 19:55 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1577253813-3313902073-122605203-1001
2019-07-15 10:37 - 2018-06-02 19:55 - 000002564 _____ C:\WINDOWS\System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-07-12 17:29 - 2019-04-24 17:03 - 000000000 ____D C:\Users\mapil\Desktop\Int. al urbanismo
2019-07-11 21:26 - 2018-10-09 11:59 - 000000000 _RSHD C:\streamer
2019-07-11 21:26 - 2018-02-22 08:04 - 000000000 ___RD C:\Users\mapil\3D Objects
2019-07-11 21:26 - 2016-07-29 14:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-10 21:04 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-10 21:04 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-10 21:04 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-10 21:04 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-10 21:04 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-10 21:04 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-10 21:04 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-10 21:04 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-10 21:04 - 2018-04-11 18:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-10 18:34 - 2018-02-24 18:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 18:19 - 2018-02-24 18:13 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-10 18:00 - 2018-06-02 19:50 - 000002404 _____ C:\Users\mapil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-10 18:00 - 2018-02-21 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-10 18:00 - 2018-02-21 20:45 - 000000000 ___RD C:\Users\mapil\OneDrive

==================== Files in the root of some directories ================

2019-05-26 11:52 - 2019-06-12 18:57 - 000000132 _____ () C:\Users\mapil\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2018-09-29 09:42 - 2019-05-09 13:46 - 000000205 _____ () C:\Users\mapil\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Addition.txt file report

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by mapil (08-08-2019 10:48:09)
Running from C:\Users\mapil\Desktop
Windows 10 Home Single Language Version 1803 17134.885 (X64) (2018-06-02 22:56:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1577253813-3313902073-122605203-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1577253813-3313902073-122605203-503 - Limited - Disabled)
Invitado (S-1-5-21-1577253813-3313902073-122605203-501 - Limited - Disabled)
mapil (S-1-5-21-1577253813-3313902073-122605203-1001 - Administrator - Enabled) => C:\Users\mapil
WDAGUtilityAccount (S-1-5-21-1577253813-3313902073-122605203-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Disabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Aplicaciones destacadas de Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
App Manager de Autodesk (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
AutoCAD 2015 - Español (Spanish) (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - Español (Spanish) (HKLM\...\{5783F2D7-E001-040A-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015  Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-E001-040A-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 1.0.59.0 - Autodesk)
Autodesk AutoCAD 2015 - Español (Spanish) (HKLM\...\AutoCAD 2015 - Español (Spanish)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.6.3098 - AVG Technologies)
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 75.1.103.145 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.21.0 - Piriform Software) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.0.633 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{CD4FAF77-25BC-4838-9B4B-5C59AC8662D1}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C0408619-0431-4B54-B63C-C3AB18B1E4B4}) (Version: 20.0.633 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.8.364 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2018 - BR (x64) (HKLM\...\{575AFBB6-FDF0-4191-97D0-E109C1A53E9B}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CS (x64) (HKLM\...\{71C1FD4A-E7D1-4C24-82AE-D4A07516B6DD}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CT (x64) (HKLM\...\{D251081C-25F7-4EFA-9DF3-C3D3F751CFB2}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - CZ (x64) (HKLM\...\{1EE74A96-A900-4607-9D63-25F120E19CC4}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - DE (x64) (HKLM\...\{78A4A2EA-7C1D-48A9-92F2-FF60E098EF53}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Docs (x64) (HKLM\...\{74127108-BAE6-4A9E-BE10-931292D9E1AC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - ES (x64) (HKLM\...\{AF2C3573-F52E-4B52-AED8-58F14E626002}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - FR (x64) (HKLM\...\{F4A5C1FF-1BEB-40D1-81F7-460F4021AD76}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IT (x64) (HKLM\...\{8A87BFC9-69B9-4A0A-9D3C-5A8884380DE0}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - JP (x64) (HKLM\...\{D202A107-A207-4A8C-ABE9-29640818EC4F}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - NL (x64) (HKLM\...\{65DC3D32-2462-49EC-9263-FB0A5056F899}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PL (x64) (HKLM\...\{217124CA-CFDD-410E-A7F9-C9D43137467E}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - RU (x64) (HKLM\...\{EF129473-7919-4CDF-875A-ABF57158901D}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1.0.708 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 -TR (x64) (HKLM\...\{AFB3227A-5276-4E51-A305-A893531C4895}) (Version: 20.1 - Corel Corporation) Hidden
Dolby Atmos Windows API SDK (HKLM\...\{4A2D8823-7CFF-4B1D-9A8A-1807645FFB4E}) (Version: 1.0.1.12 - Dolby Laboratories, Inc.)
Dolby Atmos Windows APP (HKLM\...\{3FC92273-FEF4-4C0B-9AF4-F38D747EB765}) (Version: 1.0.0.10 - Dolby Laboratories, Inc.)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Importación de SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4574 - Intel Corporation) Hidden
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1577253813-3313902073-122605203-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox 59.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.1 (x64 en-US)) (Version: 59.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 373.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 373.50 - NVIDIA Corporation) Hidden
Photoshop Cs6 versión Final (HKLM-x32\...\{5CF1F901-ED27-4C34-A9CE-A10E8C1DDDB2}_is1) (Version: Final - Braian Urzagaste)
SketchUp 2017 (HKLM\...\{31645965-D0A5-4D0B-98C8-48A2C804AD7A}) (Version: 17.2.2555 - Trimble Navigation Limited)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
V-Ray 3.4 for SketchUp (HKLM\...\V-Ray 3.4 for SketchUp) (Version: 3.40.02 - Chaos Software Ltd)
V-Ray Online License Server (HKLM\...\V-Ray Online License Server) (Version: 4.3.1 - Chaos Software Ltd)
V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.3.5 - Chaos Software Ltd)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-1577253813-3313902073-122605203-1001\...\WhatsApp) (Version: 0.3.3330 - WhatsApp)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-01] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-16] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-10] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.2.0.8_x86__h6adky7gbf63m [2019-08-07] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-12] (Dolby Laboratories)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-02-21] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-15] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Studios)
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-24] (Microsoft Corporation) [MS Ad]
Portal de cuenta de Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-02-21] (LENOVO INCORPORATED.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-02] (Spotify AB)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1577253813-3313902073-122605203-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1577253813-3313902073-122605203-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1577253813-3313902073-122605203-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\es-ES\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1577253813-3313902073-122605203-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_65b556571f480af0\igfxDTCM.dll [2017-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-01-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-07-06 11:29 - 2018-07-06 11:29 - 000174592 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ffi\build\Release\ffi_bindings.node
2018-07-06 11:29 - 2018-07-06 11:29 - 000163328 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ref\build\Release\binding.node
2018-07-06 11:29 - 2018-07-06 11:29 - 000204800 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node
2018-07-06 11:28 - 2018-07-06 11:28 - 000144384 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\os-service\build\Release\service.node
2018-07-06 11:28 - 2018-07-06 11:28 - 000200704 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\VRLService\OLS\node_modules\vrloffline-win32\vrloffline.node
2019-08-08 10:33 - 2019-08-08 10:33 - 000113664 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_ctypes.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000173568 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_elementtree.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001800192 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_hashlib.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000032256 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_multiprocessing.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000046080 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_psutil_windows.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000047616 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_socket.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 002230784 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_ssl.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000026112 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_yappi.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000080896 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\bz2.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 006277632 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\cello.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000014848 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\common.time34.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000007680 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\hashobjs_ext.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000301568 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\PIL._imaging.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000169472 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pyexpat.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001084416 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pysqlite2._sqlite.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000548864 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pythoncom27.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000137728 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pywintypes27.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000010752 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\select.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000020992 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\thumbnails_ext.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000689664 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\unicodedata.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000118784 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\usb_ext.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000128512 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32api.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000438784 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32com.shell.shell.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000011776 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32crypt.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000023040 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32event.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000149504 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32file.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000223232 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32gui.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000048128 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32inet.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000029696 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32pdh.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000027648 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32pipe.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000044032 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32process.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000020480 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32profile.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000136192 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32security.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000026624 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32ts.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000034304 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.conditional.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000038400 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.connectivity.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000073216 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.device_monitor.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000110592 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.volumes.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000020480 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.winwrap.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001325056 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._controls_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001489408 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._core_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001007104 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._gdi_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000103424 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._html2.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000916992 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._misc_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001039872 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._windows_.pyd
2018-07-06 11:29 - 2018-07-06 11:29 - 000090176 _____ (Chaos Software Ltd. -> ) [File not signed] C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
2018-07-06 11:29 - 2018-07-06 11:29 - 006529536 _____ (Chaos Software Ltd.) [File not signed] C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
2018-07-06 11:28 - 2018-07-06 11:28 - 006520832 _____ (Chaos Software Ltd.) [File not signed] C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
2019-08-08 10:33 - 2019-08-08 10:33 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\python27.dll
2019-03-15 12:12 - 2018-08-12 20:29 - 001255424 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxbase30u_net_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxbase30u_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_adv_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_core_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_html_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1577253813-3313902073-122605203-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 08:47 - 2018-12-07 09:32 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1577253813-3313902073-122605203-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 9.9.9.9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{9ADBEF39-3FCB-42DF-9EAB-DA859E61EF44}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [TCP Query User{B3BBE46F-E706-4C12-9CFD-CEA30C39DF15}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [UDP Query User{48243770-C16F-489C-B46C-979D58AD1451}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [TCP Query User{E308FD02-4071-4F5A-87B7-051F2698E237}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [{2F213EC8-97A0-46D3-86EE-32BC270ED66B}] => (Allow) LPort=50248
FirewallRules: [UDP Query User{B5E73EF8-5DB8-4FAA-8D3F-4BB7A79E7157}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{ECCD8D28-7C34-47D9-A2E9-FBE8FA8D6667}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{91B91149-AB0D-417C-B8D1-B99DB5A862B0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{76102FE8-734E-4906-9E17-F46A106FCCB1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B83C39B0-2CCF-4320-83E6-4EDEEAE96E93}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FD20E2A5-37FE-4A83-BEC8-14B056DD6926}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{039DF854-1F08-406C-9A16-93F590580C20}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{99F825DC-0A60-4951-8666-7B19C73BA725}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{AD753399-DE3E-49F2-81EE-8AAA4FF2C47C}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDRW.exe No File
FirewallRules: [{FA409450-7933-44D3-A2AD-C81B40893CCC}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe No File
FirewallRules: [{AEF6CD33-F66E-48D1-BEA1-D7929E57DAB8}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\FontManager.exe No File
FirewallRules: [{E88C38FC-FC10-44E7-92AF-04D3AC5A7CFF}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\Capture.exe No File
FirewallRules: [{70BA2ED6-6131-4777-92B3-EEEBED763E7E}] => (Block) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{4EB99303-C9F2-4ED7-9506-C36FCAEFDF49}] => (Block) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{D604072E-FF8E-4D4B-906B-33E231202C6C}] => (Block) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{A7011E23-A71E-4BB7-A657-0262FCAD3272}] => (Block) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{9FBC4C84-2F7A-4C6E-AAB0-721295256BDE}] => (Block) LPort=20208
FirewallRules: [{2604CFED-60B0-419A-B98D-025818EE7558}] => (Block) LPort=20208
FirewallRules: [{B825334E-42B5-427C-AE09-41012F06344F}] => (Block) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{542B0DB1-5EA6-47CB-959E-11071E6AA88A}] => (Block) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{12ADC012-802A-4A93-AA88-B2C4F1CADEEB}] => (Block) %ProgramFiles%\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\vrlservice_win_4.3.1.exe No File
FirewallRules: [TCP Query User{69CDC00C-3462-4C95-A61B-BFB1EEA75990}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [UDP Query User{4C1E8D89-5E49-44B7-9160-CA0ED1F72111}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [{3E229EDD-F12E-44CF-8505-6A84008A03BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1761CE8A-DD0A-483C-8D07-3D6600259FDF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{2F4D718B-BABC-4BFB-B7B9-AB8D328E466B}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [UDP Query User{E49DBD43-5BB5-4229-95FC-49D7C78F057C}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [TCP Query User{793FCBE0-8F6F-4C0F-B567-38CF8D5761B5}C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe] => (Allow) C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [UDP Query User{27118C23-F8CF-412B-90AA-775EE185B06F}C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe] => (Allow) C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{97F28F7F-6790-4F77-886E-16DCAD452324}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E7B868C-70C4-4474-B030-D7BCAAD6722E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C5E7166B-0B5C-47F2-9E5C-ABDD06AFB4C0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B7A2ABE-4F9A-4DDC-A6D3-01EF64559778}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1ED50EDE-DF7A-48BB-B707-8D4B7EB0DEEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0A96F4C4-3245-49E0-8201-FCBFFFC10285}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3558A5B3-E535-428D-AEC1-1C6B540C683E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{03A72C29-3986-4FDA-B540-99650C8CE719}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB718C32-CCCB-40DE-A02E-064E561E0E87}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E29ED3DC-6ABC-40C7-9B41-DDFE9B7A5F5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DE3CE5DC-D29B-40D5-8966-B57124C4AF5C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5FB4F5E-00CA-4D1B-BB80-065166AB1066}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{036AEAF5-1C46-48D2-9048-A462377277BA}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

02-08-2019 17:55:28 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2019 10:35:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/07/2019 09:17:08 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows no puede cargar el archivo DLL del contador extensible rdyboost. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error de Windows.

Error: (08/07/2019 09:17:07 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Error del procedimiento de apertura para el servicio "BITS" en el archivo DLL "C:\Windows\System32\bitsperf.dll". Los datos de rendimiento para este servicio no estarán disponibles. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de error.

Error: (08/07/2019 07:12:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 3.1.0.1838, marca de tiempo: 0x5d13b12f
Nombre del módulo con errores: Qt5Core.dll, versión: 5.11.1.0, marca de tiempo: 0x5cba0161
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0018dc19
Identificador del proceso con errores: 0x1910
Hora de inicio de la aplicación con errores: 0x01d54d6ce225ba6a
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 64b4186a-feb4-438b-a077-7bc7cad9cda1
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/07/2019 06:43:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (08/07/2019 12:32:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: WSCommCntr4.exe, versión: 4.0.3.0, marca de tiempo: 0x52df746e
Nombre del módulo con errores: ntdll.dll, versión: 10.0.17134.799, marca de tiempo: 0x7f828745
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000000000001ee9d
Identificador del proceso con errores: 0x2b20
Hora de inicio de la aplicación con errores: 0x01d54d3543bb1dae
Ruta de acceso de la aplicación con errores: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\SYSTEM32\ntdll.dll
Identificador del informe: e8866c0d-53b9-4864-bd3b-a3687629cf0b
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (08/07/2019 12:30:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (08/07/2019 12:13:13 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (08/08/2019 10:48:33 AM) (Source: DCOM) (EventID: 10016) (User: PILAR)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario PILAR\mapil con SID (S-1-5-21-1577253813-3313902073-122605203-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/08/2019 10:45:48 AM) (Source: DCOM) (EventID: 10016) (User: PILAR)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario PILAR\mapil con SID (S-1-5-21-1577253813-3313902073-122605203-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/08/2019 10:45:34 AM) (Source: DCOM) (EventID: 10016) (User: PILAR)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario PILAR\mapil con SID (S-1-5-21-1577253813-3313902073-122605203-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/08/2019 10:41:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/08/2019 10:38:27 AM) (Source: DCOM) (EventID: 10016) (User: PILAR)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario PILAR\mapil con SID (S-1-5-21-1577253813-3313902073-122605203-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/08/2019 10:34:18 AM) (Source: DCOM) (EventID: 10016) (User: PILAR)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario PILAR\mapil con SID (S-1-5-21-1577253813-3313902073-122605203-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/08/2019 10:34:07 AM) (Source: DCOM) (EventID: 10016) (User: PILAR)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario PILAR\mapil con SID (S-1-5-21-1577253813-3313902073-122605203-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (08/08/2019 10:34:02 AM) (Source: DCOM) (EventID: 10016) (User: PILAR)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario PILAR\mapil con SID (S-1-5-21-1577253813-3313902073-122605203-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2018-06-02 19:55:55.015
Description: 
Antivirus de Windows Defender encontró un error al intentar cargar firmas e intentará revertirlas a un conjunto de firmas conocidas.
Firmas intentadas: Actual
Código de error: 0x80070002
Descripción del error: El sistema no puede encontrar el archivo especificado. 
Versión de firma: 0.0.0.0;0.0.0.0
Versión de motor: 0.0.0.0

==================== Memory info =========================== 

BIOS: LENOVO 4VCN33WW(V2.02) 05/23/2017
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 51%
Total physical RAM: 8077.39 MB
Available physical RAM: 3951.51 MB
Total Virtual: 9357.39 MB
Available Virtual: 5306.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:105.59 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.64 GB) NTFS

\\?\Volume{145f7fcc-30ae-4782-8f34-7e54661771d6}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.52 GB) NTFS
\\?\Volume{3102f1a7-559d-4b27-9082-57ae23612467}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3540C309)

Partition: GPT.

==================== End of Addition.txt ============================

Hello

VERY important: make a backup of the registry:

  • To do so, download DelFix.exe (to your desktop).

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select "Run as administrator".)

  • Attention: now tick only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.

Next, start your computer in Windows Safe Mode without networking.

With all other programs closed, go to Start > Run and type Notepad.exe.

  • Now copy the code/lines inside the box further below and paste them into Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\...\Run: [strdat] => C:\WINDOWS\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{9b9606d5-d84c-419a-bf03-2a10c9ba51f6}: [DhcpNameServer] 150.100.0.10
SearchScopes: HKU\S-1-5-21-1577253813-3313902073-122605203-1001 -> DefaultScope {9D0F1D42-334A-4B2A-B87D-0E9B6AEF6991} URL = 
SearchScopes: HKU\S-1-5-21-1577253813-3313902073-122605203-1001 -> {9D0F1D42-334A-4B2A-B87D-0E9B6AEF6991} URL = 
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-22]
S3 WacHidRouterPro; \SystemRoot\System32\drivers\wachidrouter.sys [X]
S3 wacomrouterfilter; \SystemRoot\System32\drivers\wacomrouterfilter.sys [X]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
2019-08-08 10:33 - 2019-08-08 10:33 - 000113664 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_ctypes.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000173568 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_elementtree.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001800192 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_hashlib.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000032256 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_multiprocessing.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000046080 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_psutil_windows.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000047616 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_socket.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 002230784 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_ssl.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000026112 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_yappi.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000080896 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\bz2.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 006277632 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\cello.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000014848 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\common.time34.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000007680 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\hashobjs_ext.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000301568 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\PIL._imaging.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000169472 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pyexpat.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001084416 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pysqlite2._sqlite.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000548864 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pythoncom27.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000137728 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pywintypes27.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000010752 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\select.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000020992 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\thumbnails_ext.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000689664 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\unicodedata.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000118784 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\usb_ext.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000128512 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32api.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000438784 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32com.shell.shell.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000011776 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32crypt.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000023040 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32event.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000149504 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32file.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000223232 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32gui.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000048128 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32inet.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000029696 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32pdh.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000027648 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32pipe.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000044032 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32process.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000020480 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32profile.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000136192 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32security.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000026624 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32ts.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000034304 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.conditional.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000038400 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.connectivity.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000073216 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.device_monitor.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000110592 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.volumes.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000020480 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.winwrap.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001325056 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._controls_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001489408 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._core_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001007104 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._gdi_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000103424 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._html2.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000916992 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._misc_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001039872 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._windows_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\python27.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxbase30u_net_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxbase30u_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_adv_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_core_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_html_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_webview_vc90_x64.dll
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
FirewallRules: [UDP Query User{9ADBEF39-3FCB-42DF-9EAB-DA859E61EF44}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [TCP Query User{B3BBE46F-E706-4C12-9CFD-CEA30C39DF15}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [UDP Query User{48243770-C16F-489C-B46C-979D58AD1451}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [TCP Query User{E308FD02-4071-4F5A-87B7-051F2698E237}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [{AD753399-DE3E-49F2-81EE-8AAA4FF2C47C}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDRW.exe No File
FirewallRules: [{FA409450-7933-44D3-A2AD-C81B40893CCC}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe No File
FirewallRules: [{AEF6CD33-F66E-48D1-BEA1-D7929E57DAB8}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\FontManager.exe No File
FirewallRules: [{E88C38FC-FC10-44E7-92AF-04D3AC5A7CFF}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\Capture.exe No File
FirewallRules: [{70BA2ED6-6131-4777-92B3-EEEBED763E7E}] => (Block) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{4EB99303-C9F2-4ED7-9506-C36FCAEFDF49}] => (Block) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{D604072E-FF8E-4D4B-906B-33E231202C6C}] => (Block) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{A7011E23-A71E-4BB7-A657-0262FCAD3272}] => (Block) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{B825334E-42B5-427C-AE09-41012F06344F}] => (Block) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{542B0DB1-5EA6-47CB-959E-11071E6AA88A}] => (Block) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{12ADC012-802A-4A93-AA88-B2C4F1CADEEB}] => (Block) %ProgramFiles%\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\vrlservice_win_4.3.1.exe No File
FirewallRules: [TCP Query User{69CDC00C-3462-4C95-A61B-BFB1EEA75990}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [UDP Query User{4C1E8D89-5E49-44B7-9160-CA0ED1F72111}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [TCP Query User{2F4D718B-BABC-4BFB-B7B9-AB8D328E466B}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [UDP Query User{E49DBD43-5BB5-4229-95FC-49D7C78F057C}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [TCP Query User{793FCBE0-8F6F-4C0F-B567-38CF8D5761B5}C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe] => (Allow) C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [UDP Query User{27118C23-F8CF-412B-90AA-775EE185B06F}C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe] => (Allow) C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name FIXLIST.TXT on the desktop. This is very important.

Note: It is important that the FRST.exe tool (Farbar Recovery Scanner Tool) and FIXLIST.TXT are in the same location (desktop); otherwise it will not work.


  • Run FRST.exe. (If you use Windows Vista/7/8 or 10, right-click and select "Run as administrator".)
  • Press the FIX button and wait for it to finish.
  • The tool will save the fix report on the desktop (FIXLOG.TXT).

Paste the contents of this file in your next reply.

Restart the computer, check how it behaves with regard to the problem you reported, and let us know.

Regards

Hello, I have restarted the computer and it no longer gives me the error, thank you. Below I am sending the contents of the file FIXLOG.EXE

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by mapil (09-08-2019 21:28:57) Run:1
Running from C:\Users\mapil\Desktop
Loaded Profiles: mapil (Available Profiles: mapil)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\...\Run: [strdat] => C:\WINDOWS\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript  "C:\streamer\stream.txt" & exit
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Tcpip\..\Interfaces\{9b9606d5-d84c-419a-bf03-2a10c9ba51f6}: [DhcpNameServer] 150.100.0.10
SearchScopes: HKU\S-1-5-21-1577253813-3313902073-122605203-1001 -> DefaultScope {9D0F1D42-334A-4B2A-B87D-0E9B6AEF6991} URL = 
SearchScopes: HKU\S-1-5-21-1577253813-3313902073-122605203-1001 -> {9D0F1D42-334A-4B2A-B87D-0E9B6AEF6991} URL = 
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-22]
S3 WacHidRouterPro; \SystemRoot\System32\drivers\wachidrouter.sys [X]
S3 wacomrouterfilter; \SystemRoot\System32\drivers\wacomrouterfilter.sys [X]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
2019-08-08 10:33 - 2019-08-08 10:33 - 000113664 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_ctypes.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000173568 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_elementtree.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001800192 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_hashlib.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000032256 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_multiprocessing.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000046080 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_psutil_windows.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000047616 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_socket.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 002230784 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_ssl.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000026112 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\_yappi.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000080896 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\bz2.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 006277632 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\cello.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000014848 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\common.time34.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000007680 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\hashobjs_ext.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000301568 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\PIL._imaging.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000169472 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pyexpat.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001084416 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pysqlite2._sqlite.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000548864 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pythoncom27.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000137728 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\pywintypes27.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000010752 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\select.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000020992 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\thumbnails_ext.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000689664 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\unicodedata.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000118784 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\usb_ext.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000128512 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32api.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000438784 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32com.shell.shell.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000011776 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32crypt.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000023040 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32event.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000149504 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32file.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000223232 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32gui.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000048128 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32inet.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000029696 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32pdh.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000027648 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32pipe.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000044032 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32process.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000020480 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32profile.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000136192 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32security.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000026624 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32ts.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000034304 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.conditional.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000038400 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.connectivity.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000073216 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.device_monitor.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000110592 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.volumes.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000020480 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.winwrap.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001325056 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._controls_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001489408 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._core_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001007104 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._gdi_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000103424 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._html2.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 000916992 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._misc_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 001039872 _____ () [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._windows_.pyd
2019-08-08 10:33 - 2019-08-08 10:33 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\python27.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxbase30u_net_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxbase30u_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_adv_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_core_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_html_vc90_x64.dll
2019-08-08 10:33 - 2019-08-08 10:33 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_webview_vc90_x64.dll
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
FirewallRules: [UDP Query User{9ADBEF39-3FCB-42DF-9EAB-DA859E61EF44}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [TCP Query User{B3BBE46F-E706-4C12-9CFD-CEA30C39DF15}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [UDP Query User{48243770-C16F-489C-B46C-979D58AD1451}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [TCP Query User{E308FD02-4071-4F5A-87B7-051F2698E237}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Block) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe () [File not signed]
FirewallRules: [{AD753399-DE3E-49F2-81EE-8AAA4FF2C47C}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDRW.exe No File
FirewallRules: [{FA409450-7933-44D3-A2AD-C81B40893CCC}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe No File
FirewallRules: [{AEF6CD33-F66E-48D1-BEA1-D7929E57DAB8}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\FontManager.exe No File
FirewallRules: [{E88C38FC-FC10-44E7-92AF-04D3AC5A7CFF}] => (Block) %ProgramFiles%\Corel\CorelDRAW Graphics Suite 2018\Programs64\Capture.exe No File
FirewallRules: [{70BA2ED6-6131-4777-92B3-EEEBED763E7E}] => (Block) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{4EB99303-C9F2-4ED7-9506-C36FCAEFDF49}] => (Block) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [{D604072E-FF8E-4D4B-906B-33E231202C6C}] => (Block) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{A7011E23-A71E-4BB7-A657-0262FCAD3272}] => (Block) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{B825334E-42B5-427C-AE09-41012F06344F}] => (Block) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{542B0DB1-5EA6-47CB-959E-11071E6AA88A}] => (Block) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe (Chaos Software Ltd.) [File not signed]
FirewallRules: [{12ADC012-802A-4A93-AA88-B2C4F1CADEEB}] => (Block) %ProgramFiles%\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\vrlservice_win_4.3.1.exe No File
FirewallRules: [TCP Query User{69CDC00C-3462-4C95-A61B-BFB1EEA75990}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [UDP Query User{4C1E8D89-5E49-44B7-9160-CA0ED1F72111}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Block) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [TCP Query User{2F4D718B-BABC-4BFB-B7B9-AB8D328E466B}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [UDP Query User{E49DBD43-5BB5-4229-95FC-49D7C78F057C}C:\program files\sketchup\sketchup 2017\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2017\sketchup.exe (Trimble Navigation -> Trimble Navigation Limited) [File not signed]
FirewallRules: [TCP Query User{793FCBE0-8F6F-4C0F-B567-38CF8D5761B5}C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe] => (Allow) C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]
FirewallRules: [UDP Query User{27118C23-F8CF-412B-90AA-775EE185B06F}C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe] => (Allow) C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe (GitHub, Inc.) [File not signed]


HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKU\S-1-5-21-1577253813-3313902073-122605203-1001\Software\Microsoft\Windows\CurrentVersion\Run\\strdat" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{9b9606d5-d84c-419a-bf03-2a10c9ba51f6}\\DhcpNameServer" => removed successfully
"HKU\S-1-5-21-1577253813-3313902073-122605203-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1577253813-3313902073-122605203-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9D0F1D42-334A-4B2A-B87D-0E9B6AEF6991} => removed successfully
HKLM\Software\Classes\CLSID\{9D0F1D42-334A-4B2A-B87D-0E9B6AEF6991} => not found
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
CHR Extension: (Chrome Media Router) - C:\Users\mapil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-22] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\WacHidRouterPro => removed successfully
WacHidRouterPro => service removed successfully
HKLM\System\CurrentControlSet\Services\wacomrouterfilter => removed successfully
wacomrouterfilter => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\_ctypes.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\_elementtree.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\_hashlib.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\_multiprocessing.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\_psutil_windows.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\_socket.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\_ssl.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\_yappi.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\bz2.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\cello.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\common.time34.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\hashobjs_ext.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\PIL._imaging.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\pyexpat.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\pysqlite2._sqlite.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\pythoncom27.dll" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\pywintypes27.dll" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\select.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\thumbnails_ext.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\unicodedata.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\usb_ext.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32api.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32com.shell.shell.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32crypt.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32event.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32file.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32gui.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32inet.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32pdh.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32pipe.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32process.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32profile.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32security.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\win32ts.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.conditional.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.connectivity.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.device_monitor.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.volumes.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\windows.winwrap.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._controls_.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._core_.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._gdi_.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._html2.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._misc_.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wx._windows_.pyd" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\python27.dll" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxbase30u_net_vc90_x64.dll" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxbase30u_vc90_x64.dll" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_adv_vc90_x64.dll" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_core_vc90_x64.dll" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_html_vc90_x64.dll" => not found
"C:\Users\mapil\AppData\Local\Temp\_MEI77922\wxmsw30u_webview_vc90_x64.dll" => not found
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9ADBEF39-3FCB-42DF-9EAB-DA859E61EF44}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B3BBE46F-E706-4C12-9CFD-CEA30C39DF15}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{48243770-C16F-489C-B46C-979D58AD1451}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E308FD02-4071-4F5A-87B7-051F2698E237}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD753399-DE3E-49F2-81EE-8AAA4FF2C47C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FA409450-7933-44D3-A2AD-C81B40893CCC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AEF6CD33-F66E-48D1-BEA1-D7929E57DAB8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E88C38FC-FC10-44E7-92AF-04D3AC5A7CFF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{70BA2ED6-6131-4777-92B3-EEEBED763E7E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4EB99303-C9F2-4ED7-9506-C36FCAEFDF49}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D604072E-FF8E-4D4B-906B-33E231202C6C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A7011E23-A71E-4BB7-A657-0262FCAD3272}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B825334E-42B5-427C-AE09-41012F06344F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{542B0DB1-5EA6-47CB-959E-11071E6AA88A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{12ADC012-802A-4A93-AA88-B2C4F1CADEEB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{69CDC00C-3462-4C95-A61B-BFB1EEA75990}C:\program files\sketchup\sketchup 2017\sketchup.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4C1E8D89-5E49-44B7-9160-CA0ED1F72111}C:\program files\sketchup\sketchup 2017\sketchup.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2F4D718B-BABC-4BFB-B7B9-AB8D328E466B}C:\program files\sketchup\sketchup 2017\sketchup.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E49DBD43-5BB5-4229-95FC-49D7C78F057C}C:\program files\sketchup\sketchup 2017\sketchup.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{793FCBE0-8F6F-4C0F-B567-38CF8D5761B5}C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{27118C23-F8CF-412B-90AA-775EE185B06F}C:\program files\chaos group\v-ray\v-ray 3.4 for sketchup\extension\vrayneui-win32-x64\vrayneui.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1577253813-3313902073-122605203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1577253813-3313902073-122605203-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuración IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuración IP de Windows

No se puede vaciar la caché de resolución de DNS: Error de una función durante la ejecución.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Asegúrate de que el servicio se está ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Asegúrate de que el servicio se está ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49851457 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 11420038 B
Edge => 5238 B
Chrome => 35143734 B
Firefox => 17168178 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1822 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
mapil => 252960770 B

RecycleBin => 0 B
EmptyTemp: => 359.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:29:21 ====

Was the error caused by some kind of infection?

Hello @MentePodrida

Yes, your computer was infected.

Follow these steps to remove the tools that were used:

To do this, use again/download >> DelFix.exe to your desktop.

  • Double-click to run it. (If you use Windows Vista/7/8 or 10, right-click and select Run as Administrator)

  • Check all the boxes and click Run

The report (DelFix.txt) will open; you can close it.


Thank you for trusting ForoSpyware. It has been a pleasure helping you :handshake:

We are glad it has been resolved for you :+1: We consider this topic solved.

Solved

Regards