Microsoft Store no funciona

Hola

Soy nuevo y no se si es correcto que publique aquí mi consulta o debería abrir un tema nuevo. Pero tengo un problema muy similar al planteado por @Nestea,

Hace un par de días, quise instalar la aplicación de Xbox Beta pero durante el proceso de instalación no avanzaba la barra. Intente instalarlo desde Microsoft Store y me percaté que tenía algunas actualizaciones pendientes. Buscando por Internet vi que el problema pudiera ser causado por falta de actualizaciones o bloque por parte del antivirus (también utilizo BitDefender). Llegado a este punto fue cuando me di cuenta que no puedo hacer actualizaciones (me un mensaje como el siguiente: Hubo algunos problemas al instalar las actualizaciones, pero lo volveremos a intentar más tarde. Si sigues viendo este mensaje y quieres buscar en la web o ponerte en contacto con soporte técnico para obtener más información, es posible que este código te sirva de ayuda: (0x80080005)) y que BitDefender había dejado de funcionar, el ejecutador no iniciaba ni tenía el clásico icono de la aplicación. Por lo que se me hizo fácil borrar la aplicación y tratar de volver a instalar, al querer instalar me da un error diciéndome que ya tengo instalada la aplicación.

Así que busqué alternativas para buscar y borrar virus y lo primero que probé fue ESET Online QuickScan, tuvo varios hallazgos pero no solucionó el problema y en mi búsqueda de respuestas fue como llegué a este foro.

Ya hice la Guía de detección y eliminación de Malwares 2019, algunas cosas mas fueron detectadas pero ESET no volvió a tener hallazgo, pero el problema de las actualizaciones y la store aún persisten.

Espero puedan ayudarme.

Saludos

Hola @irken_larry

Bienvenido al Foro!!!

Moví tu tema a un post propio, ya que aquí la ayuda es personalizada.

Podrías colocarnos los reportes de las herramientas que corriste en el orden que las ejecutaste?

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2.

muchas gracias por el apoyo

Empiezo con el reporte de Rkill

http://www.bleepingcomputer.com/
Copyright 2008-2019 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/19/2019 08:01:19 PM in x64 mode.
Windows Version: Windows 10 Home 

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\INetCache\IE [Dir]

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 11/19/2019 08:02:12 PM
Execution time: 0 hours(s), 0 minute(s), and 52 seconds(s)

Ahora el de Malwarebytes

www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 19/11/19
Hora del análisis: 20:02
Archivo de registro: e05cbd8e-0b39-11ea-baa0-40b07608c9ae.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.750
Versión del paquete de actualización: 1.0.15160
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.418)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-O68ORMB\avela

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 387022
Amenazas detectadas: 54
Amenazas en cuarentena: 54
Tiempo transcurrido: 4 min, 15 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 26
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Delta, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 317, 455070, , , , 
PUP.Optional.Delta, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 317, 455070, , , , 
PUP.Optional.Iminent, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 88, 455248, , , , 
PUP.Optional.Iminent, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 88, 455248, , , , 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Iminent, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 88, 455248, , , , 
PUP.Optional.Iminent, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 88, 455248, , , , 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Iminent, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 88, 455248, , , , 
PUP.Optional.Iminent, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 88, 455248, , , , 
PUP.Optional.Spigot, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 157, 475078, , , , 
PUP.Optional.Spigot, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 157, 475078, , , , 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Delta, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 317, 455070, , , , 
PUP.Optional.Delta, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 317, 455070, , , , 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 201, 454832, , , , 
PUP.Optional.Delta, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 317, 455070, , , , 
PUP.Optional.Delta, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, En cuarentena, 317, 455070, , , , 

Archivo: 28
PUP.Optional.Conduit, C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000006.log, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.ldb, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\bobal\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\bobal\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.log, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\bobal\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\bobal\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\bobal\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\bobal\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\bobal\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\Users\bobal\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, En cuarentena, 201, 454832, , , , 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 201, 454832, 1.0.15160, , ame, 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 201, 454832, 1.0.15160, , ame, 
PUP.Optional.Delta, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 317, 455070, 1.0.15160, , ame, 
PUP.Optional.Iminent, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 88, 455248, 1.0.15160, , ame, 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 201, 454832, 1.0.15160, , ame, 
PUP.Optional.Iminent, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 88, 455248, 1.0.15160, , ame, 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 201, 454832, 1.0.15160, , ame, 
PUP.Optional.Iminent, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 88, 455248, 1.0.15160, , ame, 
PUP.Optional.Spigot, C:\USERS\BOBAL\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, 157, 475078, 1.0.15160, , ame, 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 201, 454832, 1.0.15160, , ame, 
PUP.Optional.Delta, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 317, 455070, 1.0.15160, , ame, 
PUP.Optional.Conduit, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 201, 454832, 1.0.15160, , ame, 
PUP.Optional.Delta, C:\USERS\AVELA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, 317, 455070, 1.0.15160, , ame, 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end) ````

Hola @irken_larry

Se ve bastante infectado.

Ahora realiza lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • Cuando lo instales destilda las casillas para no permitir la instalación de Ccleaner Browser/Avast Browser o similar…
  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

Luego de reiniciar:

4.- Desactiva nuevamente temporalmente tu antivirus y cualquier programa de seguridad.

5.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

6.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Hola @SanMar muchas gracias por tu apoyo, voy poniendo los informes solicitados

Empiezo con el de AdwCleaner, del cual ya tenia un informe previo, también te lo adjunto aquí

Scan del 18 de Noviembre

# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-18-2019
# Duration: 00:00:38
# OS:       Windows 10 Home
# Scanned:  35182
# Detected: 28


***** [ Services ] *****

PUP.Optional.Legacy             updater

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\bobal\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\bobal\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.DriveTheLife       C:\Program Files (x86)\OSTotoSoft\DriverTalent
PUP.Optional.DriverBooster      C:\Program Files (x86)\IOBIT\Driver Booster
PUP.Optional.DriverBooster      C:\ProgramData\IOBIT\Driver Booster
PUP.Optional.DriverBooster      C:\Users\avela\AppData\Roaming\IOBIT\Driver Booster
PUP.Optional.DriverTalent       C:\Program Files (x86)\OSTotoSoft
PUP.Optional.Legacy             C:\Users\avela\Documents\TotalAV
PUP.Optional.PCProtect          C:\ProgramData\SecuritySuite

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.DriverBooster      C:\Windows\System32\Tasks\DRIVER BOOSTER SKIPUAC (AVELA)
PUP.Optional.Legacy             C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\Wow6432Node\IObit\RealTimeProtector
PUP.Optional.DriverBooster      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4BE6CFF-55F2-4463-BC24-9EA18F4BEF24} 
PUP.Optional.DriverBooster      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4BE6CFF-55F2-4463-BC24-9EA18F4BEF24} 
PUP.Optional.DriverBooster      HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVER BOOSTER SKIPUAC (AVELA)
PUP.Optional.DriverBooster      HKLM\Software\Wow6432Node\IObit\Driver Booster
PUP.Optional.DriverBooster      HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1
PUP.Optional.InstallCore        HKCU\Software\csastats
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BC39992-A6A2-4031-9FF3-A5826F036B47} 
PUP.Optional.Legacy             HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
PUP.Optional.PCProtect          HKCU\Software\SSProtect
PUP.Optional.TotalAV            HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV            HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy             cknghehebaconkajgiobncfleofebcog

***** [ Chromium URLs ] *****

PUP.Optional.SofTonicAssistant  Softonic ES

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner_Debug.log - [9684 octets] - [18/11/2019 17:08:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Cleanner del 18 de Noviembre

# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-18-2019
# Duration: 00:00:03
# OS:       Windows 10 Home
# Cleaned:  28
# Failed:   0


***** [ Services ] *****

Deleted       updater

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted       C:\Program Files (x86)\IOBIT\Driver Booster
Deleted       C:\Program Files (x86)\OSTotoSoft
Deleted       C:\Program Files (x86)\OSTotoSoft\DriverTalent
Deleted       C:\ProgramData\IOBIT\Driver Booster
Deleted       C:\ProgramData\SecuritySuite
Deleted       C:\Users\avela\AppData\Roaming\IOBIT\Driver Booster
Deleted       C:\Users\avela\Documents\TotalAV
Deleted       C:\Users\bobal\AppData\LocalLow\IObit\Advanced SystemCare
Deleted       C:\Users\bobal\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER
Deleted       C:\Windows\System32\Tasks\DRIVER BOOSTER SKIPUAC (AVELA)

***** [ Registry ] *****

Deleted       HKCU\Software\SSProtect
Deleted       HKCU\Software\csastats
Deleted       HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4BE6CFF-55F2-4463-BC24-9EA18F4BEF24} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BC39992-A6A2-4031-9FF3-A5826F036B47} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4BE6CFF-55F2-4463-BC24-9EA18F4BEF24} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DRIVER BOOSTER SKIPUAC (AVELA)
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted       HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted       HKLM\Software\Wow6432Node\IObit\Driver Booster
Deleted       HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1

***** [ Chromium (and derivatives) ] *****

Deleted       cknghehebaconkajgiobncfleofebcog

***** [ Chromium URLs ] *****

Deleted       Softonic ES

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [44214 octets] - [18/11/2019 17:08:24]
AdwCleaner[S00].txt - [3709 octets] - [18/11/2019 17:09:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Ahora van los siguientes

Scan del 20 de Noviembre

# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-11-20.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-20-2019
# Duration: 00:00:16
# OS:       Windows 10 Home
# Scanned:  35226
# Detected: 5


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy             cknghehebaconkajgiobncfleofebcog

***** [ Chromium URLs ] *****

PUP.Optional.Conduit            Conduit
PUP.Optional.Conduit            Conduit Search
PUP.Optional.Legacy             StartWeb
PUP.Optional.SofTonicAssistant  Softonic ES

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner_Debug.log - [54623 octets] - [18/11/2019 17:08:24]
AdwCleaner[S00].txt - [3709 octets] - [18/11/2019 17:09:08]
AdwCleaner[C00].txt - [3382 octets] - [18/11/2019 17:09:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Clean del 20 de Noviembre

# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-11-20.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-20-2019
# Duration: 00:00:01
# OS:       Windows 10 Home
# Cleaned:  5
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted       cknghehebaconkajgiobncfleofebcog

***** [ Chromium URLs ] *****

Deleted       Conduit
Deleted       Conduit Search
Deleted       Softonic ES
Deleted       StartWeb

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [60094 octets] - [18/11/2019 17:08:24]
AdwCleaner[S00].txt - [3709 octets] - [18/11/2019 17:09:08]
AdwCleaner[C00].txt - [3382 octets] - [18/11/2019 17:09:34]
AdwCleaner[S01].txt - [1680 octets] - [20/11/2019 22:45:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

El siguiente es el informe de ZHPCleaner

Scan

~ Run by avela (Administrator)  (20/11/2019 22:51:06)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\avela\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\avela\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 18362)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Archivo hosts (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (6)
ENCONTRADOS carpeta: C:\Users\avela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk  [Bad : C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
ENCONTRADOS carpeta: C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe [BitTorrent Inc. - µTorrent]  =>BitTorrent (P2P)
ENCONTRADOS carpeta: C:\Users\avela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk    =>BitTorrent (P2P)
ENCONTRADOS carpeta: C:\Users\avela\AppData\Local\MSfree Inc\kmsauto.ini    =>HackTool.WinActivator
ENCONTRADOS archivo: C:\Users\avela\AppData\Local\MSfree Inc  =>HackTool.WinActivator
ENCONTRADOS archivo: C:\ProgramData\IObit\ASCDownloader  =>SUP.Optional.AdvancedSystemCare


---\\  Registro ( Claves, Valores, Datos) (1)
ENCONTRADOS clave: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)


---\\  Resumen de elementos en su estación de trabajo (3)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/  =>HackTool.WinActivator
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>SUP.Optional.AdvancedSystemCare


---\\ Resultado de la reparación.
~ ninguna reparación hecha
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK


---\\ STATISTIQUES
~ Items escaneado : 108950
~ Items encontrado : 10
~ artículos cancelados : 0
~ Items opciones : 6/13
~ Ahorro de espacio (bytes) : 0


~ End of search in 00h09mn01s

---\\  Reporte (0)
ZHPCleaner-[S]-20112019-23_00_07.txt

Repair

~ Run by avela (Administrator)  (20/11/2019 23:04:03)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparar
~ Report : C:\Users\avela\Desktop\ZHPCleaner (R).txt
~ Quarantine : C:\Users\avela\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : OK
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 18362)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Archivo hosts (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (3)
MOVIDO carpeta: C:\Users\avela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk  [Bad : C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe](.BitTorrent Inc..)  =>BitTorrent (P2P)
MOVIDO archivo: C:\Users\avela\AppData\Local\MSfree Inc  =>HackTool.WinActivator
MOVIDO archivo: C:\ProgramData\IObit\ASCDownloader  =>SUP.Optional.AdvancedSystemCare


---\\  Registro ( Claves, Valores, Datos) (1)
BORRADOS clave*: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent [BitTorrent Inc.]  =>BitTorrent (P2P)


---\\  Resumen de elementos en su estación de trabajo (3)
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/01/13/hacktool-winactivator/  =>HackTool.WinActivator
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/  =>SUP.Optional.AdvancedSystemCare


---\\ Limpieza adicional. (6)
~ Clave de registro Tracing borrados (6)
~ Quitar los antiguos informes de ZHPCleaner. (0)


---\\ Resultado de la reparación.
~ Reparación llevada a cabo con éxito
~ Google Chrome OK
~ Mozilla Firefox OK
~ Internet Explorer OK


---\\ STATISTIQUES
~ Items escaneado : 1451
~ Items encontrado : 0
~ artículos cancelados : 0
~ Items opciones : 6/13
~ Ahorro de espacio (bytes) : 0


~ End of clean in 00h00mn11s

---\\  Reporte (2)
ZHPCleaner-[S]-20112019-23_00_07.txt
ZHPCleaner-[R]-20112019-23_04_14.txt

Hola @irken_larry

Todos te encontraron algo… :stuck_out_tongue_winking_eye:

Solo faltarían los reportes de FRST.

Salu2

Ay si, ya va saliendo todo el mal

Aquí está el que faltaba

Ran by avela (administrator) on DESKTOP-O68ORMB (20-11-2019 23:23:23)
Running from C:\Users\avela\Desktop
Loaded Profiles: avela & openpgsvc (Available Profiles: avela & bobal & Usuario & openpgsvc)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\openerp-server.exe
() [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32_service.exe
() [File not signed] F:\DS4Windows.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atiesrxx.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\updates\3.5.5_45395\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\updates\3.5.5_45395\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\Users\avela\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\avela\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Nalpeiron Inc -> Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\postgres.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Scarlet.Crush Productions) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [657704 2019-05-14] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [HP Deskjet 4640 series (NET)] => C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [uTorrent] => C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe [2005224 2019-10-31] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [HP Deskjet 4640 series (Red)] => C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35997584 2019-11-15] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3131664 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\MountPoints2: {2256871f-330b-11e9-9a7b-40b07608c9ae} - "D:\Setup.exe" 
HKU\S-1-5-21-2094261658-3533611375-3775376471-1007\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-11] (Google LLC -> Google LLC)
Startup: C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2019-11-17]
ShortcutTarget: DS4Windows.lnk -> F:\DS4Windows.exe () [File not signed]
Startup: C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-05-04]
ShortcutTarget: MEGAsync.lnk -> C:\Users\avela\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {018426F8-1BAA-4711-B498-A5D2D88D122E} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {023079A7-E4E7-4A29-8B0C-02A51EE45F36} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
Task: {07AE9E08-0E9F-4429-A6C2-6BCB776AEC2A} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-08-08] (Advanced Micro Devices, Inc.) [File not signed]
Task: {0AD68D47-C4A9-4DEE-9067-600FBE965254} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {12E83305-E7BC-455B-B141-0C925B3C6C21} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe
Task: {1613B7A6-C8F8-4CB9-8C0B-1F56007D7844} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-13] (Google Inc -> Google Inc.)
Task: {22E725B5-6FA1-4D1A-AB2D-7CF3704FE85F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {238E2738-EFF5-4338-9448-0081DA288C8D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156504 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {321BB10F-0EED-4DFD-A622-E32D0596A1F2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EC841D6-460A-4F85-A1BE-D569623DFB94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-13] (Google Inc -> Google Inc.)
Task: {56652CD1-EDD8-4C95-B86B-C3F761D397BD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2377600 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B79AA18-A3A0-4B54-A3DE-22790C8697AA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170176 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8422A825-595E-4BC8-B71F-B0BA840C05AC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {97C0280A-6230-42D3-98CA-62DA7F380EBB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170176 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D50D071-604F-4E0D-B054-FCDA8BB59F38} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156504 2019-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A60D41A9-7648-464F-AD10-82B5582441D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {AA65D06C-63D0-4E37-961B-6F2DFF1D831F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {AD722BDF-EF76-47AD-9804-1DB2F1A3E5BC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C65CC687-4449-48E5-B2A1-7C3364CD6B16} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367800 2019-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAD9694D-576F-45DD-BCC9-B7D74462C9D8} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-08-08] (Advanced Micro Devices, Inc.) [File not signed]
Task: {FC9D7A1F-D873-446E-AC4C-3F6E23C0050B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367800 2019-11-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDFEBB8A-920C-41D7-A2BA-0F44A6B84253} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FEB1EBAD-5D2B-4ECF-9CFA-64880DC0A3AB} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.2.9.180 10.2.9.2
Tcpip\..\Interfaces\{134036e7-a115-4950-a000-c38636eef46d}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{134036e7-a115-4950-a000-c38636eef46d}: [DhcpNameServer] 10.2.9.180 10.2.9.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: No Name -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> No File
BHO: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> No File
BHO-x32: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ksu47khx.default
FF ProfilePath: C:\Users\avela\AppData\Roaming\Mozilla\Firefox\Profiles\ksu47khx.default [2019-11-20]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\avela\AppData\Roaming\Mozilla\Firefox\Profiles\ksu47khx.default\Extensions\[email protected] [2019-05-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com.mx/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default [2019-11-20]
CHR Extension: (Presentaciones) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-13]
CHR Extension: (Documentos) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-13]
CHR Extension: (Lucidchart Diagrams) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2019-02-13]
CHR Extension: (Google Drive) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-13]
CHR Extension: (YouTube) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-13]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (Zotero Connector) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2019-09-21]
CHR Extension: (Hojas de cálculo) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-14]
CHR Extension: (Flatbook) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2019-09-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-15]
CHR Extension: (Black & White) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhlgkfginnlendpfkhcmldikeepoefa [2019-03-31]
CHR Extension: (TubeBuddy) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2019-11-20]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-31]
CHR HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atiesrxx.exe [509144 2019-11-02] (Advanced Micro Devices, Inc. -> AMD)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-08-08] (AMD) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-03-02] (BattlEye Innovations e.K. -> )
S3 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2015-09-25] (508 Software, LLC -> CleverFiles)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649912 2019-11-08] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-09-23] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6841416 2019-09-23] (GOG Sp. z o.o. -> GOG.com)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2019-03-27] (ICEpower a/s -> ICEpower)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-11-18] (Malwarebytes Inc -> Malwarebytes)
R2 odoo-server-8.0; C:\Program Files (x86)\Odoo 8.0-20150411\service\win32_service.exe [23552 2015-04-10] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
S2 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 PostgreSQL_For_Odoo; "C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\pg_ctl.exe" runservice -N "PostgreSQL_For_Odoo" -D "C:/Program Files (x86)/Odoo 8.0-20150411/PostgreSQL/data" -w [X] <==== ATTENTION

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 AMDHDAudBusService; C:\WINDOWS\System32\drivers\amdhdaudbus.sys [76704 2019-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atikmdag.sys [60655320 2019-11-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atikmpag.sys [598224 2019-11-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103456 2019-08-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31520 2019-10-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [146304 2019-10-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2019-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2019-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-11-18] (Malwarebytes Corporation -> Malwarebytes)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_e3f21201adb86c74\gameflt.sys [70704 2019-10-11] (Microsoft Windows -> Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-03-27] (Martin Malik - REALiX -> REALiX(tm))
S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2019-02-21] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-11-20] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-11-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-11-20] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-11-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-11-20] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1158944 2019-10-26] (Realtek Semiconductor Corp. -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_4beca0218f643d77\xvdd.sys [478256 2019-10-11] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-20 23:21 - 2019-11-20 23:22 - 000074610 _____ C:\Users\avela\Desktop\Addition.txt
2019-11-20 23:20 - 2019-11-20 23:24 - 000035501 _____ C:\Users\avela\Desktop\FRST.txt
2019-11-20 23:20 - 2019-11-20 23:23 - 000000000 ____D C:\FRST
2019-11-20 23:19 - 2019-11-20 23:19 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-11-20 23:19 - 2019-11-20 23:19 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-11-20 23:19 - 2019-11-20 23:19 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-11-20 23:19 - 2019-11-20 23:19 - 000000000 ___HD C:\OneDriveTemp
2019-11-20 23:19 - 2019-11-20 23:19 - 000000000 ____D C:\Users\avela\AppData\LocalLow\uTorrent
2019-11-20 23:18 - 2019-11-20 23:18 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-11-20 23:18 - 2019-11-20 23:18 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-11-20 23:18 - 2019-11-20 23:18 - 000002256 _____ C:\Users\avela\Desktop\cc_20191120_231757.reg
2019-11-20 23:15 - 2019-11-20 23:15 - 002260480 _____ (Farbar) C:\Users\avela\Desktop\FRST64.exe
2019-11-20 23:04 - 2019-11-20 23:04 - 000002529 _____ C:\Users\avela\Desktop\ZHPCleaner (R).txt
2019-11-20 23:00 - 2019-11-20 23:00 - 000002727 _____ C:\Users\avela\Desktop\ZHPCleaner (S).txt
2019-11-20 22:50 - 2019-11-20 23:04 - 000000000 ____D C:\Users\avela\AppData\Roaming\ZHP
2019-11-20 22:50 - 2019-11-20 22:50 - 000000916 _____ C:\Users\avela\Desktop\ZHPCleaner.lnk
2019-11-20 22:50 - 2019-11-20 22:50 - 000000000 ____D C:\Users\avela\AppData\Local\ZHP
2019-11-20 22:43 - 2019-11-20 22:43 - 003332992 _____ (Nicolas Coolman) C:\Users\avela\Desktop\2_ZHPCleaner.exe
2019-11-20 22:40 - 2019-11-20 22:40 - 007622344 _____ (Malwarebytes) C:\Users\avela\Desktop\1_adwcleaner_7.4.2.exe
2019-11-20 11:47 - 2019-11-20 11:47 - 000000000 ____D C:\Users\bobal\AppData\Local\inXile entertainment
2019-11-20 11:37 - 2019-11-20 11:37 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Arcen Games, LLC
2019-11-20 11:28 - 2019-11-20 11:28 - 000000000 ____D C:\ProgramData\Ubisoft
2019-11-20 11:14 - 2019-11-20 11:14 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Downloaded Installations
2019-11-20 10:51 - 2019-11-20 10:51 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Hollow Ponds
2019-11-20 10:07 - 2019-11-20 10:07 - 000000000 ____D C:\Users\bobal\AppData\Local\Woten___Resubmission_Build___v10
2019-11-19 20:09 - 2019-11-19 20:09 - 000000646 _____ C:\Users\avela\Desktop\ESET Online Scanner.lnk
2019-11-19 20:08 - 2019-11-19 20:08 - 000009040 _____ C:\Users\avela\Desktop\Malwarebytes.txt
2019-11-19 20:08 - 2019-11-19 20:08 - 000000000 ____D C:\Users\avela\AppData\Local\ESET
2019-11-19 20:01 - 2019-11-19 20:02 - 000002856 _____ C:\Users\avela\Desktop\Rkill.txt
2019-11-19 20:01 - 2019-11-19 20:01 - 008162616 _____ (ESET spol. s r.o.) C:\Users\avela\Desktop\esetonlinescanner_esn.exe
2019-11-19 19:59 - 2019-11-19 19:59 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\avela\Desktop\iExplore.exe
2019-11-19 09:55 - 2019-11-19 09:55 - 000000000 ____D C:\Users\bobal\AppData\Roaming\DS4Windows
2019-11-19 08:44 - 2019-11-19 08:45 - 008658304 _____ () C:\Users\bobal\Downloads\XboxInstaller (1).exe
2019-11-19 08:18 - 2019-11-19 08:18 - 000000000 ____D C:\Users\bobal\AppData\Local\mbamtray
2019-11-18 19:11 - 2019-11-18 19:11 - 000000223 _____ C:\Users\avela\Desktop\Destiny 2.url
2019-11-18 17:08 - 2019-11-18 17:09 - 000000000 ____D C:\AdwCleaner
2019-11-18 16:30 - 2019-11-18 16:30 - 000000000 ____D C:\Users\avela\AppData\Local\mbam
2019-11-18 16:30 - 2019-11-18 16:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-18 16:29 - 2019-11-18 16:29 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-11-18 16:29 - 2019-11-18 16:29 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-11-18 16:29 - 2019-11-18 16:29 - 000000000 ____D C:\Users\avela\AppData\Local\mbamtray
2019-11-18 16:29 - 2019-11-18 16:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-18 15:44 - 2019-11-18 15:44 - 000000000 ____D C:\Program Files\Malwarebytes
2019-11-18 14:38 - 2019-11-18 14:38 - 000066604 _____ C:\ProgramData\agent.uninstall.1574109465.bdinstall.v2.bin
2019-11-18 14:35 - 2019-11-18 14:35 - 000075228 _____ C:\ProgramData\agent.update.1574109281.bdinstall.v2.bin
2019-11-18 14:17 - 2019-11-18 14:17 - 000103564 _____ C:\ProgramData\agent.1574108229.bdinstall.v2.bin
2019-11-18 11:06 - 2019-11-18 11:17 - 000003006 _____ C:\InfoSat.txt
2019-11-18 11:03 - 2019-11-18 11:17 - 000000000 ____D C:\WINDOWS\pss
2019-11-18 10:57 - 2019-09-16 10:30 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismp6.sys
2019-11-18 10:57 - 2019-09-16 10:30 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb80236.sys
2019-11-17 23:24 - 2019-11-17 23:24 - 000000000 ____D C:\Users\avela\AppData\LocalLow\Lince Works
2019-11-17 23:09 - 2019-11-17 23:09 - 000000252 _____ C:\Users\avela\Desktop\Hyper Light Drifter.url
2019-11-17 22:47 - 2019-11-20 22:48 - 000000000 ____D C:\Users\avela\AppData\Roaming\DS4Windows
2019-11-17 11:57 - 2019-11-17 11:57 - 000000000 ____D C:\ProgramData\SystemAcCrux
2019-11-17 11:56 - 2019-11-17 11:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2019-11-17 11:56 - 2019-11-17 11:56 - 000000000 ____D C:\Program Files\EaseUS
2019-11-17 10:35 - 2019-11-17 10:25 - 872415232 _____ C:\Users\avela\Downloads\bitdefender-rescue-cd.iso
2019-11-17 08:08 - 2019-11-17 08:08 - 000000763 _____ C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-11-16 18:50 - 2019-11-16 18:50 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-16 18:44 - 2019-11-18 15:40 - 000000000 ____D C:\Users\avela\AppData\Local\ElevatedDiagnostics
2019-11-16 18:42 - 2019-11-16 18:42 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-11-16 18:36 - 2019-11-16 18:36 - 010527368 _____ C:\Users\avela\Downloads\bitdefender_online.exe
2019-11-16 18:25 - 2019-11-16 18:25 - 000399256 _____ C:\ProgramData\cl.uninstall.1573950324.bdinstall.v2.bin
2019-11-16 11:17 - 2019-11-16 11:17 - 000000000 ___HD C:\$SysReset
2019-11-10 22:22 - 2019-11-10 22:22 - 000000000 ____D C:\Users\avela\AppData\LocalLow\Dry Cactus
2019-11-02 15:18 - 2019-11-17 11:19 - 000000000 ____D C:\WINDOWS\LastGood
2019-11-02 15:17 - 2019-11-02 15:17 - 001073104 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001073104 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000929904 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000929904 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000852176 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000852176 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000709848 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000709848 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000135384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000122064 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2019-10-27 11:35 - 2019-11-18 16:14 - 000000000 ____D C:\Users\avela\AppData\Local\Spotify
2019-10-27 11:35 - 2019-10-27 11:35 - 000001836 _____ C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2019-10-27 11:34 - 2019-11-18 16:52 - 000000000 ____D C:\Users\avela\AppData\Roaming\Spotify
2019-10-26 15:17 - 2019-10-26 15:17 - 008543839 _____ C:\Users\avela\Documents\libro-admondecomprasyabastecimientos.pdf
2019-10-26 09:58 - 2019-10-26 09:58 - 000438792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdtee_api.dll
2019-10-26 09:58 - 2019-10-26 09:58 - 000352776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdtee_api.dll
2019-10-26 09:58 - 2019-10-26 09:58 - 000146304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys
2019-10-22 21:29 - 2019-10-27 11:17 - 001065984 _____ C:\Users\avela\AppData\Local\file__0.localstorage
2019-10-22 21:29 - 2019-10-22 21:53 - 000000000 ____D C:\Users\avela\Heaven
2019-10-22 20:27 - 2019-10-22 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2019-10-22 20:27 - 2019-10-22 20:27 - 000000000 ____D C:\Program Files (x86)\Unigine
2019-10-22 18:30 - 2019-10-22 18:30 - 000000024 _____ C:\WINDOWS\system32\WinUpdates105.dat
2019-10-22 18:30 - 2019-10-22 18:30 - 000000003 _____ C:\WINDOWS\system32\wdbcache.tmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-20 23:24 - 2019-02-13 21:37 - 000000000 ____D C:\Users\avela\AppData\Roaming\uTorrent
2019-11-20 23:23 - 2019-06-11 10:53 - 001767626 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-20 23:23 - 2019-03-19 05:59 - 000783108 _____ C:\WINDOWS\system32\perfh00A.dat
2019-11-20 23:23 - 2019-03-19 05:59 - 000152578 _____ C:\WINDOWS\system32\perfc00A.dat
2019-11-20 23:23 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-20 23:19 - 2019-10-07 22:22 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2019-11-20 23:19 - 2019-03-25 21:20 - 000000000 ____D C:\Users\avela\AppData\Local\BitTorrentHelper
2019-11-20 23:19 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-20 23:19 - 2019-02-17 19:26 - 000000000 ____D C:\ProgramData\Autodesk
2019-11-20 23:19 - 2019-02-17 00:19 - 000000000 ___RD C:\Users\avela\OneDrive - 0o0o9i
2019-11-20 23:19 - 2019-02-14 00:16 - 000000000 ____D C:\ProgramData\Origin
2019-11-20 23:18 - 2019-10-13 12:52 - 000003142 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-11-20 23:18 - 2019-06-11 10:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-20 23:18 - 2019-03-25 20:39 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-20 23:18 - 2019-03-18 22:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-11-20 23:17 - 2019-02-13 20:23 - 000000000 ____D C:\Program Files (x86)\Steam
2019-11-20 23:04 - 2019-03-27 23:18 - 000000000 ____D C:\ProgramData\IObit
2019-11-20 22:38 - 2019-06-11 10:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-20 19:14 - 2019-02-17 00:11 - 000000000 ____D C:\Users\avela\AppData\Local\D3DSCache
2019-11-20 15:16 - 2019-06-11 10:53 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{CA36A466-BCA0-4CFD-B00C-A4EEB499DF84}
2019-11-20 11:36 - 2019-04-22 11:04 - 000000000 ____D C:\Users\bobal\AppData\Local\Ubisoft Game Launcher
2019-11-20 08:39 - 2019-05-23 12:00 - 000000000 ____D C:\Users\bobal\AppData\Local\Videostream
2019-11-20 08:39 - 2019-02-16 11:43 - 000000000 ___RD C:\Users\bobal\OneDrive
2019-11-19 22:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-19 21:45 - 2019-06-08 21:34 - 000000000 ____D C:\Users\avela\AppData\Roaming\Telegram Desktop
2019-11-19 19:46 - 2019-03-30 19:26 - 000000000 ____D C:\Users\avela\AppData\Roaming\vlc
2019-11-19 11:55 - 2019-02-15 10:05 - 000000000 ____D C:\Users\bobal\AppData\Local\PlaceholderTileLogoFolder
2019-11-19 11:24 - 2019-02-20 13:25 - 000000000 ____D C:\Users\bobal\AppData\Local\D3DSCache
2019-11-19 09:46 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-11-19 09:45 - 2019-02-13 20:20 - 000000000 ____D C:\Program Files\Microsoft Office
2019-11-19 09:27 - 2019-05-17 08:38 - 000000000 ____D C:\Users\bobal\AppData\Local\CrashDumps
2019-11-19 09:25 - 2019-02-23 14:21 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2019-11-19 09:22 - 2019-06-12 09:23 - 000000000 ____D C:\Users\bobal\AppData\Local\ElevatedDiagnostics
2019-11-19 08:36 - 2019-02-14 18:26 - 000000000 ____D C:\Users\bobal\AppData\Local\Packages
2019-11-19 08:35 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-18 18:22 - 2019-02-13 22:50 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-11-18 17:09 - 2019-10-19 14:44 - 000000000 ____D C:\Program Files (x86)\IObit
2019-11-18 17:09 - 2019-04-22 10:51 - 000000000 ____D C:\Users\bobal\AppData\Roaming\IObit
2019-11-18 17:09 - 2019-04-22 10:51 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\IObit
2019-11-18 17:09 - 2019-03-27 23:18 - 000000000 ____D C:\Users\avela\AppData\Roaming\IObit
2019-11-18 16:57 - 2019-06-11 09:49 - 000000000 ____D C:\Users\avela
2019-11-18 16:56 - 2019-07-27 17:30 - 000000000 ____D C:\Users\openpgsvc
2019-11-18 16:30 - 2019-08-17 19:20 - 000000000 ____D C:\Users\avela\AppData\Local\cache
2019-11-18 16:29 - 2019-03-18 22:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-18 15:40 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-18 14:39 - 2019-03-19 20:28 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games
2019-11-18 14:37 - 2019-05-04 20:32 - 000000000 ____D C:\Users\avela\AppData\Local\CrashDumps
2019-11-18 14:34 - 2019-06-11 10:53 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-11-18 11:04 - 2019-10-19 15:03 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-11-18 10:54 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-18 00:43 - 2019-02-13 20:50 - 000000000 ____D C:\Users\avela\AppData\Roaming\Twitch
2019-11-17 20:30 - 2019-02-14 00:16 - 000000000 ____D C:\Users\avela\AppData\Roaming\Origin
2019-11-17 11:28 - 2019-06-29 20:20 - 000000000 ____D C:\Program Files\Recuva
2019-11-17 11:26 - 2019-02-13 19:42 - 000000000 ____D C:\Users\avela\AppData\Local\Packages
2019-11-17 11:19 - 2019-02-13 19:37 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-11-17 10:50 - 2019-02-21 12:30 - 000000282 __RSH C:\ProgramData\ntuser.pol
2019-11-17 10:07 - 2019-06-11 10:53 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-17 08:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-11-16 19:09 - 2019-02-14 23:33 - 000000000 ____D C:\Users\Fam\AppData\Local\Packages
2019-11-16 19:08 - 2019-06-11 10:53 - 000003384 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2094261658-3533611375-3775376471-1003
2019-11-16 19:08 - 2019-06-11 09:49 - 000002395 _____ C:\Users\Fam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-16 19:08 - 2019-02-15 09:50 - 000000000 ___RD C:\Users\Fam\OneDrive
2019-11-16 18:52 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-11-16 18:25 - 2019-02-20 23:14 - 000000000 ____D C:\Users\avela\AppData\Roaming\Bitdefender
2019-11-16 18:25 - 2019-02-13 23:47 - 000000000 ____D C:\ProgramData\Bitdefender
2019-11-16 16:46 - 2019-02-13 20:01 - 000000000 ____D C:\Users\avela\AppData\Local\PlaceholderTileLogoFolder
2019-11-16 16:27 - 2019-06-29 14:21 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2019-11-15 19:29 - 2019-10-03 18:53 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-11-15 19:29 - 2019-06-15 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-11-15 19:28 - 2019-02-13 22:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-12 19:56 - 2019-02-14 00:20 - 000000000 ____D C:\Program Files (x86)\Origin
2019-11-11 20:25 - 2019-02-13 19:52 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-10 21:18 - 2019-04-11 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2019-11-10 21:18 - 2019-04-11 21:31 - 000000000 ____D C:\Program Files\Calibre2
2019-11-09 15:41 - 2019-06-02 08:50 - 000000000 ___RD C:\Users\avela\Documents\Scanned Documents
2019-11-06 12:31 - 2019-02-21 11:25 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Mozilla
2019-11-05 16:23 - 2019-06-11 09:49 - 000000000 ____D C:\Users\bobal
2019-11-05 14:23 - 2019-06-11 10:53 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-05 14:23 - 2019-06-11 10:53 - 000003434 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-05 14:23 - 2019-02-13 19:51 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-05 14:21 - 2019-09-19 11:43 - 000000000 ____D C:\Program Files\Rockstar Games
2019-11-05 14:21 - 2019-09-19 11:43 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-11-05 14:17 - 2019-03-28 10:37 - 000000000 ____D C:\Program Files (x86)\Bethesda.net Launcher
2019-11-02 15:17 - 2019-10-19 14:52 - 059440856 _____ C:\WINDOWS\system32\amdcomgr64.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 049336536 _____ C:\WINDOWS\SysWOW64\amdcomgr.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000769232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000485592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000384216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000382168 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000382168 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000214744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000153304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000138968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000119856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000108568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000108560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000107736 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000044248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2019-11-02 15:17 - 2019-10-19 14:52 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2019-11-02 15:17 - 2019-08-12 04:14 - 001593048 _____ (AMD) C:\WINDOWS\system32\coinst_19.30.dll
2019-11-02 15:17 - 2019-08-12 04:14 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 003915984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 003517144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 001714384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000574680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000493784 _____ C:\WINDOWS\system32\dgtrayicon.exe
2019-11-02 15:17 - 2019-04-22 10:06 - 000480984 _____ C:\WINDOWS\system32\GameManager64.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000349400 _____ C:\WINDOWS\system32\clinfo.exe
2019-11-02 15:17 - 2019-04-22 10:06 - 000242904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000184536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000179376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000163544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000159448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000126168 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000124632 _____ C:\WINDOWS\system32\atidxx64.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000071080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2019-11-02 15:17 - 2019-04-22 10:06 - 000047320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2019-11-02 15:17 - 2019-04-22 10:05 - 000941784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2019-11-02 15:17 - 2019-04-22 10:05 - 000554200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2019-11-02 15:17 - 2019-04-22 10:05 - 000473304 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2019-11-02 15:17 - 2019-04-22 10:05 - 000121560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2019-11-02 15:17 - 2019-04-22 07:05 - 000554912 _____ C:\WINDOWS\system32\amdmiracast.dll
2019-11-02 15:17 - 2019-04-22 07:05 - 000135456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2019-11-02 15:17 - 2019-04-22 07:05 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2019-11-02 15:17 - 2019-04-22 07:05 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2019-11-02 15:16 - 2019-10-19 14:52 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2019-11-02 15:16 - 2019-10-19 14:52 - 000553456 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2019-11-02 15:16 - 2019-10-19 14:52 - 000352984 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2019-11-02 15:16 - 2019-04-22 10:06 - 000761560 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2019-11-02 15:16 - 2019-04-22 10:06 - 000440536 _____ C:\WINDOWS\system32\atieah64.exe
2019-11-02 15:16 - 2019-04-15 21:18 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2019-11-02 15:16 - 2019-04-15 21:12 - 000553456 _____ C:\WINDOWS\system32\atiapfxx.blb
2019-11-02 15:10 - 2019-03-27 23:19 - 000000000 ____D C:\ProgramData\ProductData
2019-11-02 14:44 - 2019-02-16 19:39 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-10-30 20:11 - 2019-03-28 19:55 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-27 12:38 - 2019-03-28 19:56 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-10-26 09:59 - 2019-03-27 23:31 - 000031520 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2019-10-26 09:58 - 2019-03-27 23:31 - 000076704 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdhdaudbus.sys
2019-10-26 09:57 - 2019-03-27 23:34 - 001158944 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2019-10-25 11:36 - 2019-06-11 10:53 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2094261658-3533611375-3775376471-1002
2019-10-25 11:36 - 2019-06-11 09:49 - 000002401 _____ C:\Users\bobal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-24 18:40 - 2019-06-11 10:53 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2094261658-3533611375-3775376471-1001
2019-10-24 18:40 - 2019-06-11 09:49 - 000002401 _____ C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-24 11:36 - 2019-10-15 12:51 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Crash Bandicoot(TM) N. Sane Trilogy
2019-10-23 11:10 - 2019-10-15 14:44 - 000000000 ____D C:\Users\bobal\AppData\Local\Mozilla Firefox
2019-10-23 11:10 - 2019-05-23 10:58 - 000001277 _____ C:\Users\bobal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-22 18:30 - 2019-10-03 18:53 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0

==================== Files in the root of some directories ========

2016-06-12 00:13 - 2016-06-12 00:13 - 000039192 _____ () C:\Program Files (x86)\branding.dll
2016-06-12 00:13 - 2016-06-12 00:13 - 000000080 _____ () C:\Program Files (x86)\recuva.dat
2019-10-22 21:29 - 2019-10-27 11:17 - 001065984 _____ () C:\Users\avela\AppData\Local\file__0.localstorage
2019-06-23 10:40 - 2019-06-23 10:40 - 000000000 _____ () C:\Users\avela\AppData\Local\oobelibMkey.log
2019-03-06 20:17 - 2019-03-14 21:07 - 000075776 _____ () C:\Users\avela\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================<<<<<<<````

Y lo que viene en Addition

Pt1

Ran by avela (20-11-2019 23:24:50)
Running from C:\Users\avela\Desktop
Windows 10 Home Version 1903 18362.418 (X64) (2019-06-11 16:53:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2094261658-3533611375-3775376471-500 - Administrator - Disabled)
avela (S-1-5-21-2094261658-3533611375-3775376471-1001 - Administrator - Enabled) => C:\Users\avela
bobal (S-1-5-21-2094261658-3533611375-3775376471-1002 - Administrator - Enabled) => C:\Users\bobal
DefaultAccount (S-1-5-21-2094261658-3533611375-3775376471-503 - Limited - Disabled)
Invitado (S-1-5-21-2094261658-3533611375-3775376471-501 - Limited - Disabled)
openpgsvc (S-1-5-21-2094261658-3533611375-3775376471-1007 - Limited - Enabled) => C:\Users\openpgsvc
Usuario (S-1-5-21-2094261658-3533611375-3775376471-1003 - Administrator - Enabled) => C:\Users\Fam
WDAGUtilityAccount (S-1-5-21-2094261658-3533611375-3775376471-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Cortafuego (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
ACA & MEP 2019 Object Enabler (HKLM\...\{28B89EEF-2004-0000-5102-CF3F3A09B77D}) (Version: 8.1.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-2001-0000-3102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.8.1 - Advanced Micro Devices, Inc.)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.16.29 - Autodesk)
Aplicaciones destacadas de Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22749 - Microsoft Corporation)
Audacity 2.3.1 (HKLM-x32\...\Audacity_is1) (Version: 2.3.1 - Audacity Team)
AutoCAD 2019 - English (HKLM\...\{28B89EEF-2001-0409-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 (HKLM\...\{28B89EEF-2001-0000-0102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 Language Pack - English (HKLM\...\{28B89EEF-2001-0409-1102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2019 - English (HKLM\...\AutoCAD 2019 - English) (Version: 23.0.46.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Blackthorne (HKLM-x32\...\{C563EEF9-17FF-4563-8B78-82AF0C4577CE}) (Version: 1.0.0 - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{4D4D4686-D99D-4C19-AD38-CE7135518209}) (Version: 4.3.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.10.0.0770 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Disk Drill 2.0.0.338 (HKLM-x32\...\{91CF2A75-07FB-4CAF-AE14-2BE4EE77EF00}) (Version: 2.0.338 - CleverFiles)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Epic Games Launcher (HKLM-x32\...\{BB514C00-3DAB-4E6E-8F41-58A61FA35851}) (Version: 1.1.206.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
FileZilla Client 3.41.2 (HKLM-x32\...\FileZilla Client) (Version: 3.41.2 - Tim Kosse)
Gears of War (HKLM-x32\...\{1170D24F-42B7-40CF-AA1B-6395CE562354}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Deskjet 4640 series Software básico del dispositivo (HKLM\...\{FC0E39B2-B10C-4FC4-9F2D-1A830DC7A71C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hyper Light Drifter (HKLM-x32\...\{B515A0C1-B73D-4201-AAE3-1EF8FB1FAF5E}) (Version:  - Heart Machine LLC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.12130.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visio Profesional 2016 - es-es (HKLM\...\VisioProRetail - es-es) (Version: 16.0.12130.20344 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12130.20344 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09C0A8D5-EEC1-369D-8C7A-2E2DD17DCA5E}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Minitab 18 (HKLM-x32\...\{8D24BFA4-1266-436F-9EBF-F83F5CFADD2E}) (Version: 18.1.0.0 - Minitab, Inc.) Hidden
Minitab 18 (HKLM-x32\...\Minitab 18 18.1.0.0) (Version: 18.1.0.0 - Minitab, Inc.)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Odoo 8.0 (HKLM-x32\...\Odoo 8.0) (Version: 8.0 - OpenERP S.A.)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12130.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12130.20344 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
PostgreSQL 9.3  (x86) (HKLM-x32\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Python 3.7.2 (32-bit) (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\{0f40e78b-67e1-4e0c-a2fd-e9325d9dfc82}) (Version: 3.7.2150.0 - Python Software Foundation)
Python 3.7.2 Add to Path (32-bit) (HKLM-x32\...\{A0253733-D4C4-4964-AB97-C5C80FCD580F}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Core Interpreter (32-bit) (HKLM-x32\...\{3A09B849-4D48-41AA-9461-112E6CEC405D}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Development Libraries (32-bit) (HKLM-x32\...\{A14E7090-5888-460B-9003-1C3DA5AD3D35}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Documentation (32-bit) (HKLM-x32\...\{D2FA452F-4742-4805-BEB1-AC81ED48F4A8}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Executables (32-bit) (HKLM-x32\...\{D6FF50CC-E41E-4FFB-B7B9-72D71BF00C55}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 pip Bootstrap (32-bit) (HKLM-x32\...\{0D2B3674-3B1E-4281-B5FD-37D700602129}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Standard Library (32-bit) (HKLM-x32\...\{667226B8-23CA-47C1-A070-D3B85E8C9292}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{34AD493A-01AA-4D6A-9229-BF0406F22D14}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Test Suite (32-bit) (HKLM-x32\...\{F0B6A6E9-C7E1-4730-A29D-71C02B800028}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Utility Scripts (32-bit) (HKLM-x32\...\{06CE3F8B-A658-462C-AD3D-FA7142297E97}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FA2A3867-8965-4CF7-83E2-C8960652F5AD}) (Version: 3.7.6565.0 - Python Software Foundation)
R for Windows 3.5.2 (HKLM\...\R for Windows 3.5.2_is1) (Version: 3.5.2 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 4.0.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.1 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.3.7 - Rockstar Games)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RStudio (HKLM-x32\...\RStudio) (Version: 1.1.463 - RStudio)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
SketchUp 2019 (HKLM\...\{E16DD37C-6FBC-F51F-702E-DD6E92D6ED68}) (Version: 19.1.174.20409 - Trimble, Inc.)
Spotify (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Spotify) (Version: 1.1.19.480.g7d17e3ce - Spotify AB)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.40309 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.19260 - Microsoft Corporation)
Telegram Desktop version 1.8.15 (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC)
Twitch (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\WinDirStat) (Version:  - )
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
XMind 8 Update 4 (v3.7.4) (HKLM-x32\...\XMind_is1) (Version: 3.7.4.201709040350 - XMind Ltd.)

Packages:
=========
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.2.0_x86__kc6t79cpj4tp0 [2019-09-26] (AMZN Mobile LLC)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1610.2.0_x86__kgqvnymyfvs32 [2019-10-11] (king.com)
Cinebench -> C:\Program Files\WindowsApps\MAXONComputerGmbH.Cinebench_20.0.6.0_x64__rsne5bsk8s7tj [2019-06-10] (MAXON Computer GmbH)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation) [MS Ad]
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-05] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-02-13] (Fitbit)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-16] (0)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa [2019-10-10] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation) [MS Ad]
Night Call -> C:\Program Files\WindowsApps\RawFury.NightCallWIN10_1.0.7.0_x64__9s0pnehqffj7t [2019-08-09] (0)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-02-28] (Adobe Systems Incorporated)
Servicios de juegos -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation)
The Gardens Between -> C:\Program Files\WindowsApps\40632TheVoxelAgents.147198BA2FF5B_1.0.10.0_x64__h7sr7gn9kt1nj [2019-06-29] (0)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{04271989-C4D2-2DCF-859B-80C8A07FF62E} -> [OneDrive - 0o0o9i] => C:\Users\avela\OneDrive - 0o0o9i [2019-02-17 00:19]
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\avela\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\avela\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2018-01-29] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-29] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]````

Segunda parte


(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gears of War\Opciones.lnk -> F:\Games\Gears of War\options.bat (No File)

==================== Loaded Modules (Whitelisted) =============

2019-05-30 12:09 - 2019-05-30 12:09 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-05-30 12:09 - 2019-05-30 12:09 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-05-30 12:09 - 2019-05-30 12:09 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-04-21 02:33 - 2019-04-21 02:33 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-04-21 02:32 - 2019-04-21 02:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-04-21 02:33 - 2019-04-21 02:33 - 000649216 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-04-21 02:32 - 2019-04-21 02:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-04-21 02:33 - 2019-04-21 02:33 - 000367104 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-07-27 17:29 - 2014-07-22 00:51 - 000138752 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\LIBPQ.dll
2019-07-27 17:30 - 2014-02-05 00:56 - 001036800 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\libxml2.dll
2013-11-10 07:54 - 2013-11-10 07:54 - 000087552 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_ctypes.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000358400 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_hashlib.pyd
2013-11-25 07:27 - 2013-11-25 07:27 - 000036352 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_psutil_mswindows.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000044544 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_socket.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000899584 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_ssl.pyd
2014-03-04 11:52 - 2014-03-04 11:52 - 000178176 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_yaml.pyd
2014-03-06 07:44 - 2014-03-06 07:44 - 002935296 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\lxml.etree.pyd
2013-05-21 14:28 - 2013-05-21 14:28 - 000008192 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\markupsafe._speedups.pyd
2013-09-04 07:30 - 2013-09-04 07:30 - 000055808 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\OpenSSL.crypto.pyd
2013-09-04 07:30 - 2013-09-04 07:30 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\OpenSSL.rand.pyd
2013-09-04 07:30 - 2013-09-04 07:30 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\OpenSSL.SSL.pyd
2014-03-06 22:00 - 2014-03-06 22:00 - 000798720 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\PIL._imaging.pyd
2014-01-08 06:53 - 2014-01-08 06:53 - 001262592 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\psycopg2._psycopg.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000127488 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\pyexpat.pyd
2014-02-15 16:24 - 2014-02-15 16:24 - 000397312 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\pythoncom27.dll
2014-02-15 16:23 - 2014-02-15 16:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\pywintypes27.dll
2014-03-06 07:56 - 2014-03-06 07:56 - 000026112 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\reportlab.lib._rl_accel.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\select.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000686080 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\unicodedata.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\win32api.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\win32service.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\pywintypes27.dll
2014-02-15 16:23 - 2014-02-15 16:23 - 000027648 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\servicemanager.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32api.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000036864 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32process.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32service.pyd
2019-02-14 00:20 - 2019-11-12 19:56 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2019-02-14 00:20 - 2019-11-12 19:56 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2019-09-09 08:29 - 2019-09-09 08:29 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2019-09-09 08:30 - 2019-09-09 08:30 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2019-09-09 08:30 - 2019-09-09 08:30 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-08-08 18:04 - 2019-08-08 18:04 - 000258048 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\WirelessVR-windesktop64.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2014-05-02 06:55 - 2014-05-02 06:55 - 000185344 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 06:05 - 2014-05-02 06:05 - 000173056 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2014-05-02 11:52 - 2014-05-02 11:52 - 000599040 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000114176 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_ctypes.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000173056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_elementtree.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001808896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_hashlib.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000032256 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_multiprocessing.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000046080 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_psutil_windows.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000047616 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_socket.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 002241024 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_ssl.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000026112 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_yappi.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000080896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\bz2.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000016384 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\common.time34.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000007680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\hashobjs_ext.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000301568 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\PIL._imaging.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000169472 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pyexpat.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001084416 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pysqlite2._sqlite.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000548864 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pythoncom27.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000137728 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pywintypes27.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000010752 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\select.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000020992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\thumbnails_ext.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000689664 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\unicodedata.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000119808 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\usb_ext.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000128512 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32api.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000438784 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32com.shell.shell.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000011776 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32crypt.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000023040 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32event.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000149504 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32file.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000223232 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32gui.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000048128 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32inet.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000029696 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32pdh.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000027648 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32pipe.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000044032 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32process.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32profile.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000136192 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32security.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000026624 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32ts.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000034816 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.conditional.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000038400 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.connectivity.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000071680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.device_monitor.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000109056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.volumes.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.winwrap.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001325056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._controls_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001489408 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._core_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001007104 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._gdi_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000103424 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._html2.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000916992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._misc_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001039872 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._windows_.pyd
2019-10-10 20:26 - 2019-10-10 20:26 - 000315392 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\7a7be2000ab371d028461021a1c00376\ReactiveSockets.ni.dll
2015-08-28 20:16 - 2015-08-28 20:16 - 003496448 _____ (akeo.ie) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\libwdi\amd64\libwdi.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 000356864 _____ (Benjamin Höglinger) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Libarius\c1ad45a93032af4bcdd93661aa0d33a2\Libarius.ni.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 001546240 _____ (dbreeze.tiesky.com) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DBreeze\6f86a3de4591f7e486e55e803b426441\DBreeze.ni.dll
2019-07-27 17:30 - 2012-07-10 04:17 - 000919040 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\libiconv.dll
2019-07-27 17:29 - 2012-05-30 05:48 - 000163292 _____ (Free Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\libintl.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 000760320 _____ (Galos) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CSScriptLibrary\c9b36ddc41f883b1aa2a6fed0c7c37e1\CSScriptLibrary.ni.dll
2019-02-13 22:55 - 2018-12-30 01:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 000629760 _____ (Illusory Studios LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\HidSharp\611b926b8fc9a4436e3cc2079d902789\HidSharp.ni.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 000284160 _____ (MadMilkman) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MadMilkman.Ini\0cc4b098b9d319afa760ef93fb38ca82\MadMilkman.Ini.ni.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 000150016 _____ (michaelnoonan) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WindowsInput\8ebd1a6d35dc9d209bd0bde4a4d65287\WindowsInput.ni.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 005551616 _____ (Mono development team) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Mono.CSharp\f76a21b04acefece61f9fb41b454b733\Mono.CSharp.ni.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 002822144 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\9c8c5cf766910e250956d013b83f74cf\Newtonsoft.Json.ni.dll
2013-11-10 07:54 - 2013-11-10 07:54 - 002449920 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\PYTHON27.DLL
2013-11-10 07:54 - 2013-11-10 07:54 - 002449920 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\PYTHON27.DLL
2019-11-20 23:19 - 2019-11-20 23:19 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\python27.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 000159744 _____ (Richard Deeming) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Trinet.Core.IO.Ntfs\e3411834149f1f64081694829236a2b1\Trinet.Core.IO.Ntfs.ni.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 000164352 _____ (Scarlet.Crush Productions) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ScpControl.Shared\9ac1b9ed4aac2a83425e95d25268bcda\ScpControl.Shared.ni.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 001137664 _____ (Scarlet.Crush Productions) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ScpControl\59be32f30e23a3c39bbcb0bb3dc59c21\ScpControl.ni.dll
2019-10-10 20:26 - 2019-10-10 20:26 - 000978432 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\log4net\f08a4b053e03795cea47c5fcf13ecb81\log4net.ni.dll
2019-05-30 12:08 - 2019-05-30 12:08 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2019-07-27 17:30 - 2014-06-06 08:30 - 001158144 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\LIBEAY32.dll
2019-07-27 17:30 - 2014-06-06 08:30 - 000270848 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\SSLEAY32.dll
2013-02-11 02:35 - 2013-02-11 02:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\LIBEAY32.dll
2013-02-11 02:35 - 2013-02-11 02:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\SSLEAY32.dll
2019-02-14 00:20 - 2019-11-12 19:56 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-14 00:20 - 2019-11-12 19:56 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2019-02-14 00:20 - 2019-11-12 19:56 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\platforms\qwindows.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-08 18:15 - 2019-08-08 18:15 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxbase30u_net_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxbase30u_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_adv_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_core_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_html_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\Users\avela\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\bobal\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 07:46 - 2019-10-19 14:39 - 000000000 ____N C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Calibre2\
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
HKU\S-1-5-21-2094261658-3533611375-3775376471-1007\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E7069B04-BF3F-4B7D-B4B8-A678DF37BF51}] => (Allow) LPort=5557
FirewallRules: [{7887827C-B1B2-455A-969E-C7FE720E5BDD}] => (Allow) LPort=5556
FirewallRules: [{89BE752E-E213-4807-B1EB-C48499EF55F5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3D2204B-AF07-45EC-A2C1-52365790B1F3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{774D1175-6921-4C39-BF8C-4201B6EAB2E4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F45F6004-A868-407B-ABC9-CEB300D6D7D1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{321AD595-47AE-4D8E-91BE-6E661213795E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{52753706-4BEB-4AF0-85F9-85BEA55A99B6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{652D1640-87D5-42C5-837B-5CFC2F4CC403}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5D326607-F5F8-4EE6-BFF1-CB8E3A9D0ECF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1697D057-22CF-4AAB-BC01-101C4B6F581B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9DF625EA-945E-4096-83D6-357EDA2704D1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0592CC17-59A5-4841-8374-062BFD7A7F24}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{212763C0-B371-4079-8296-0482731A786F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{07D8F031-C06B-401B-BE11-25255F58592C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{54F770D1-147F-4EEE-9375-EB07829D3BF8}] => (Allow) C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{51F2B81A-7655-444A-AFA6-8468BA04DC3B}] => (Allow) C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2B779AF2-0E0D-4055-BBE7-9101AECA4661}] => (Allow) C:\Program Files\HP\HP Deskjet 4640 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{32A28097-381D-4170-9A50-BAF3950F4CE9}] => (Allow) C:\Program Files\HP\HP Deskjet 4640 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{886C61C5-F000-4D92-9A01-02E0E295BDA0}] => (Allow) C:\Program Files\HP\HP Deskjet 4640 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{98681D1E-2303-427D-A73F-81E7021BF9DC}] => (Allow) C:\Program Files\HP\HP Deskjet 4640 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{195EA049-0534-4609-8F82-A2A38C5EEA06}] => (Allow) LPort=5357
FirewallRules: [{7C43F07D-9B0F-4C35-97B6-A8D6E45AD448}] => (Allow) C:\Program Files\HP\HP Deskjet 4640 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{701D4D32-B8D1-4A87-96E3-652AAECB60B4}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.2.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{AAE35993-894C-40B0-9D84-96379CB06316}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.2.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{E97A6AA4-1699-41F0-B942-9018E00BDFA3}] => (Allow) F:\SteamLibrary\steamapps\common\Aragami\Aragami.exe () [File not signed]
FirewallRules: [{B9257DD3-E10F-44AD-A532-A85BDA41D1AC}] => (Allow) F:\SteamLibrary\steamapps\common\Aragami\Aragami.exe () [File not signed]
FirewallRules: [{E854D0CA-A2BD-45D3-A40E-50E5BB3B283B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BF0CE0D2-2639-4AE7-AE6A-8DC0BFB45A2D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4E91B6A2-D80F-4425-996A-3DA512D9036C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7B934D97-E489-4CF4-B084-72947C6E3B53}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7E55872F-2F14-4BCD-BF74-A84B2ABEFD7D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{53FE55E6-6115-4AF3-A28A-31AE5DE510B0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EEC1A33D-3A5E-474D-BB26-6169C5DA8B24}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4ACF4301-0A96-4159-8F43-5052AFD644B3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12101.4.43017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{D134FBEB-21CB-4099-9A60-F686777D1268}C:\users\avela\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\avela\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{D8E002F9-C080-4244-BDAC-FCE60B065782}C:\users\avela\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\avela\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{48EAED7F-351B-4113-A40E-EAC95C78DEBD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75BA4D07-8AE9-4C22-B62D-F446AED9FB27}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0E45B16E-FA1D-47C7-8154-FB7CFD2CDCE8}] => (Allow) F:\SteamLibrary\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{6133990A-DEC5-4590-8052-F3EAAB8F1CF6}] => (Allow) F:\SteamLibrary\steamapps\common\Braid\braid.exe () [File not signed]
FirewallRules: [{F9E51EE5-5AA3-41BD-B1FA-7B93E8EDCC8F}] => (Allow) F:\SteamLibrary\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{FDEECB99-53AF-4EDE-9FF9-44C2BA6D869E}] => (Allow) F:\SteamLibrary\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{A075A232-75FB-4905-81A1-8CED38E73E87}] => (Allow) F:\SteamLibrary\steamapps\common\DuckTales Remastered\executable\DuckTales.exe () [File not signed]
FirewallRules: [{FC6EF509-E9F7-415B-882B-7DF12FC597B1}] => (Allow) F:\SteamLibrary\steamapps\common\DuckTales Remastered\executable\DuckTales.exe () [File not signed]
FirewallRules: [{44C322E1-ADA3-4327-B0C3-A181F67C72FC}] => (Allow) F:\SteamLibrary\steamapps\common\Crash Bandicoot - N Sane Trilogy\CrashBandicootNSaneTrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [{F3C51D0A-4F33-4AC6-872E-87535E24795F}] => (Allow) F:\SteamLibrary\steamapps\common\Crash Bandicoot - N Sane Trilogy\CrashBandicootNSaneTrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [{771DB522-C420-4B01-BB0D-D770DF8DA94A}] => (Allow) F:\SteamLibrary\steamapps\common\Spyro Reignited Trilogy\Spyro.exe (Activision Publishing Inc -> Epic Games, Inc.)
FirewallRules: [{52051093-54F3-4DC8-99E8-90C5023AC1CA}] => (Allow) F:\SteamLibrary\steamapps\common\Spyro Reignited Trilogy\Spyro.exe (Activision Publishing Inc -> Epic Games, Inc.)

==================== Restore Points =========================

09-11-2019 17:34:17 Punto de control programado
16-11-2019 18:24:06 Revo Uninstaller Pro's restore point - Bitdefender Agent
16-11-2019 18:46:31 Revo Uninstaller Pro's restore point - Bitdefender Agent
17-11-2019 09:28:19 Revo Uninstaller Pro's restore point - ESET OnlineScanner
17-11-2019 10:02:54 Revo Uninstaller Pro's restore point - TotalAV
18-11-2019 14:50:38 Revo Uninstaller Pro's restore point - Fallout
20-11-2019 23:03:34 ZHPcleaner

==================== Faulty Device Manager Devices ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/20/2019 11:18:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (11/20/2019 11:18:14 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (11/20/2019 11:18:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (11/20/2019 11:18:14 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (11/20/2019 11:10:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2224,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (11/20/2019 11:03:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary WinQuic.

System Error:
Error del cargador de recursos al buscar un archivo MUI.
.

Error: (11/20/2019 10:57:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6860,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (11/20/2019 10:46:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.


System errors:
=============
Error: (11/20/2019 11:24:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/20/2019 11:24:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O68ORMB)
Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/20/2019 11:22:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/20/2019 11:22:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/20/2019 11:21:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/20/2019 11:20:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/20/2019 11:20:59 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O68ORMB)
Description: El servidor {E60687F7-01A1-40AA-86AC-DB1CBF673334} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (11/20/2019 11:18:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio wuauserv se cerró con el siguiente error: 
El sistema no puede encontrar el archivo especificado.


CodeIntegrity:
===================================

Date: 2019-11-20 22:48:16.254
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-20 22:48:16.247
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-20 19:07:18.415
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-20 19:07:18.407
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-20 11:22:07.062
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\FileZilla FTP Client\fzshellext_64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-20 11:22:07.061
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\FileZilla FTP Client\fzshellext_64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-19 21:44:07.799
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-19 21:44:07.790
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 5222 10/14/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME A320M-K
Processor: AMD Ryzen 5 2400G with Radeon Vega Graphics 
Percentage of memory in use: 68%
Total physical RAM: 8126.1 MB
Available physical RAM: 2592.07 MB
Total Virtual: 19902.1 MB
Available Virtual: 10066.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.87 GB) (Free:71.92 GB) NTFS
Drive f: () (Fixed) (Total:930.97 GB) (Free:674.77 GB) NTFS

\\?\Volume{1564ef9e-466b-4363-9346-ab7d03daaa93}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{dd34b4e2-0cf6-4bf0-b639-ee45717e233d}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 23371AAE)
Partition 1: (Active) - (Size=931 GB) - (Type=07 NTFS)

Hola @irken_larry

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus.

3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\MountPoints2: {2256871f-330b-11e9-9a7b-40b07608c9ae} - "D:\Setup.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: No Name -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> No File
BHO: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
BHO-x32: No Name -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> No File
BHO-x32: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 PostgreSQL_For_Odoo; "C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\pg_ctl.exe" runservice -N "PostgreSQL_For_Odoo" -D "C:/Program Files (x86)/Odoo 8.0-20150411/PostgreSQL/data" -w [X] <==== ATTENTION
U3 aswbdisk; no ImagePath
2019-11-19 20:09 - 2019-11-19 20:09 - 000000646 _____ C:\Users\avela\Desktop\ESET Online Scanner.lnk
2019-11-19 20:08 - 2019-11-19 20:08 - 000000000 ____D C:\Users\avela\AppData\Local\ESET
2019-11-19 20:01 - 2019-11-19 20:01 - 008162616 _____ (ESET spol. s r.o.) C:\Users\avela\Desktop\esetonlinescanner_esn.exe
2019-11-17 08:08 - 2019-11-17 08:08 - 000000763 _____ C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-11-20 23:04 - 2019-03-27 23:18 - 000000000 ____D C:\ProgramData\IObit
2019-11-18 17:09 - 2019-10-19 14:44 - 000000000 ____D C:\Program Files (x86)\IObit
2019-11-18 17:09 - 2019-04-22 10:51 - 000000000 ____D C:\Users\bobal\AppData\Roaming\IObit
2019-11-18 17:09 - 2019-04-22 10:51 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\IObit
2019-11-18 17:09 - 2019-03-27 23:18 - 000000000 ____D C:\Users\avela\AppData\Roaming\IObit
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
2019-11-20 23:19 - 2019-11-20 23:19 - 000114176 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_ctypes.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000173056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_elementtree.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001808896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_hashlib.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000032256 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_multiprocessing.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000046080 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_psutil_windows.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000047616 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_socket.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 002241024 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_ssl.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000026112 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_yappi.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000080896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\bz2.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000016384 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\common.time34.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000007680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\hashobjs_ext.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000301568 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\PIL._imaging.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000169472 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pyexpat.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001084416 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pysqlite2._sqlite.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000548864 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pythoncom27.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000137728 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pywintypes27.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000010752 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\select.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000020992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\thumbnails_ext.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000689664 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\unicodedata.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000119808 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\usb_ext.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000128512 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32api.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000438784 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32com.shell.shell.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000011776 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32crypt.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000023040 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32event.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000149504 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32file.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000223232 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32gui.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000048128 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32inet.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000029696 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32pdh.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000027648 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32pipe.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000044032 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32process.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32profile.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000136192 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32security.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000026624 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32ts.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000034816 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.conditional.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000038400 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.connectivity.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000071680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.device_monitor.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000109056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.volumes.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.winwrap.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001325056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._controls_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001489408 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._core_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001007104 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._gdi_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000103424 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._html2.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000916992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._misc_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001039872 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._windows_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxbase30u_net_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxbase30u_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_adv_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_core_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_html_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_webview_vc90_x64.dll
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\Users\avela\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\bobal\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

Hola @SanMar

He seguido los pasos como me indicaste

Ran by avela (21-11-2019 18:32:50) Run:1
Running from C:\Users\avela\Desktop
Loaded Profiles: avela & bobal & openpgsvc (Available Profiles: avela & bobal & Usuario & openpgsvc)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\MountPoints2: {2256871f-330b-11e9-9a7b-40b07608c9ae} - "D:\Setup.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: No Name -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> No File
BHO: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
BHO-x32: No Name -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> No File
BHO-x32: No Name -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> No File
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 PostgreSQL_For_Odoo; "C:\Program Files (x86)\Odoo 8.0-20150411\PostgreSQL\bin\pg_ctl.exe" runservice -N "PostgreSQL_For_Odoo" -D "C:/Program Files (x86)/Odoo 8.0-20150411/PostgreSQL/data" -w [X] <==== ATTENTION
U3 aswbdisk; no ImagePath
2019-11-19 20:09 - 2019-11-19 20:09 - 000000646 _____ C:\Users\avela\Desktop\ESET Online Scanner.lnk
2019-11-19 20:08 - 2019-11-19 20:08 - 000000000 ____D C:\Users\avela\AppData\Local\ESET
2019-11-19 20:01 - 2019-11-19 20:01 - 008162616 _____ (ESET spol. s r.o.) C:\Users\avela\Desktop\esetonlinescanner_esn.exe
2019-11-17 08:08 - 2019-11-17 08:08 - 000000763 _____ C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-11-20 23:04 - 2019-03-27 23:18 - 000000000 ____D C:\ProgramData\IObit
2019-11-18 17:09 - 2019-10-19 14:44 - 000000000 ____D C:\Program Files (x86)\IObit
2019-11-18 17:09 - 2019-04-22 10:51 - 000000000 ____D C:\Users\bobal\AppData\Roaming\IObit
2019-11-18 17:09 - 2019-04-22 10:51 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\IObit
2019-11-18 17:09 - 2019-03-27 23:18 - 000000000 ____D C:\Users\avela\AppData\Roaming\IObit
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
2019-11-20 23:19 - 2019-11-20 23:19 - 000114176 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_ctypes.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000173056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_elementtree.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001808896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_hashlib.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000032256 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_multiprocessing.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000046080 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_psutil_windows.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000047616 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_socket.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 002241024 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_ssl.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000026112 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\_yappi.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000080896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\bz2.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000016384 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\common.time34.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000007680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\hashobjs_ext.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000301568 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\PIL._imaging.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000169472 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pyexpat.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001084416 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pysqlite2._sqlite.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000548864 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pythoncom27.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000137728 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\pywintypes27.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000010752 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\select.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000020992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\thumbnails_ext.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000689664 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\unicodedata.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000119808 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\usb_ext.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000128512 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32api.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000438784 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32com.shell.shell.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000011776 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32crypt.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000023040 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32event.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000149504 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32file.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000223232 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32gui.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000048128 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32inet.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000029696 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32pdh.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000027648 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32pipe.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000044032 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32process.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32profile.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000136192 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32security.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000026624 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\win32ts.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000034816 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.conditional.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000038400 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.connectivity.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000071680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.device_monitor.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000109056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.volumes.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.winwrap.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001325056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._controls_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001489408 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._core_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001007104 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._gdi_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000103424 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._html2.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000916992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._misc_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 001039872 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._windows_.pyd
2019-11-20 23:19 - 2019-11-20 23:19 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxbase30u_net_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxbase30u_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_adv_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_core_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_html_vc90_x64.dll
2019-11-20 23:19 - 2019-11-20 23:19 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_webview_vc90_x64.dll
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0]
AlternateDataStreams: C:\Users\avela\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\bobal\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [464]

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2256871f-330b-11e9-9a7b-40b07608c9ae} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{159ff5d5-55f1-4d2f-b706-767a55f77abb} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}" => removed successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN" => not found
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
HKLM\System\CurrentControlSet\Services\wuauserv => removed successfully
wuauserv => service removed successfully
HKLM\System\CurrentControlSet\Services\PostgreSQL_For_Odoo => removed successfully
PostgreSQL_For_Odoo => service removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully
aswbdisk => service removed successfully
C:\Users\avela\Desktop\ESET Online Scanner.lnk => moved successfully
C:\Users\avela\AppData\Local\ESET => moved successfully
C:\Users\avela\Desktop\esetonlinescanner_esn.exe => moved successfully
C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Program Files (x86)\IObit => moved successfully
C:\Users\bobal\AppData\Roaming\IObit => moved successfully
C:\Users\bobal\AppData\LocalLow\IObit => moved successfully
C:\Users\avela\AppData\Roaming\IObit => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.RTV1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.RTV1" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\_ctypes.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\_elementtree.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\_hashlib.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\_multiprocessing.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\_psutil_windows.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\_socket.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\_ssl.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\_yappi.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\bz2.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\common.time34.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\hashobjs_ext.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\PIL._imaging.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\pyexpat.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\pysqlite2._sqlite.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\pythoncom27.dll" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\pywintypes27.dll" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\select.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\thumbnails_ext.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\unicodedata.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\usb_ext.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32api.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32com.shell.shell.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32crypt.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32event.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32file.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32gui.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32inet.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32pdh.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32pipe.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32process.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32profile.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32security.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\win32ts.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.conditional.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.connectivity.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.device_monitor.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.volumes.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\windows.winwrap.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._controls_.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._core_.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._gdi_.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._html2.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._misc_.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wx._windows_.pyd" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wxbase30u_net_vc90_x64.dll" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wxbase30u_vc90_x64.dll" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_adv_vc90_x64.dll" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_core_vc90_x64.dll" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_html_vc90_x64.dll" => not found
"C:\Users\avela\AppData\Local\Temp\_MEI17242\wxmsw30u_webview_vc90_x64.dll" => not found
C:\Windows => ":nlsPreferences" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`20hfm" ADS removed successfully
C:\Users\avela\AppData\Local\Temp => ":$DATA​" ADS removed successfully
C:\Users\bobal\AppData\Local\Temp => ":$DATA​" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de red Bluetooth mientras los medios
est‚n desconectados.

Adaptador de Ethernet Ethernet 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::8c4:b1ec:3bab:9803%3
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.6
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexi¢n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2094261658-3533611375-3775376471-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2094261658-3533611375-3775376471-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9526670 B
Java, Flash, Steam htmlcache => 96584439 B
Windows/system/drivers => 5562327 B
Edge => 31744 B
Chrome => 139992369 B
Firefox => 15884198 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 27542 B
NetworkService => 27542 B
avela => 146132844 B
bobal => 189097577 B
Fam => 191508561 B
openpgsvc => 191508561 B

RecycleBin => 0 B
EmptyTemp: => 947.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:33:35 ====````

Si ha habido un cambio, antes de quedada en iniciando las descargas y no hacía nada mas, ahora pasa lo siguiente

Buenas. Con permiso @irken_larry y @SanMar.

Cuando tu equipo ya este limpio de malware con la ayuda de @SanMar. Y sigue sin funcionar Microsoft Store.

Prueba con esto.

Después click en restablecer.

A mi me funciono con la aplicación de Fotos. Saludos. Y disculpen la intromisión.

1 me gusta

Hola @jrac muchas gracias por tu repuesta :smiley:

Desafortunadamente sigo con el mismo problema :frowning:

2 Me gusta

Hola @irken_larry

Probemos lo siguiente:

1.- Desinstala por completo tu antivirus con su herramienta especifica:

Luego de Reiniciar:

2.- Descargas >>> FixWin10.

  • Lo extraes, das doble clic sobre el Icono del programa.

No lleva Instalación. Eso si esta en Ingles.

  • En su Ventana Welcome, ejecutas uno a uno presionando en Fix los puntos 1, 2, 3, y 4 tal como esta en su Manual.

Posteriormente vas a su Ventana: Windows 10:

Ejecutas uno a uno presionando en Fix en los puntos 1, 2, 6, 7, 8, y 9, luego de cada uno presionas Aceptar

Luego en su Pestaña Solucionador de Problemas de Windows (Troubleshooters):

Ejecutas el numero 9 y descargaras el numero 4 >>> Windows 10 Store apps troubleshooter for those who upgraded - (Solucionador para los problemas de aplicaciones de la Tienda de Windows 10 para aquellos que actualizaron).

Lo ejecutas.

En Herramientas del Sistema:

8) Reparar Windows Defender. Restablecer todas las configuraciones de Windows Defender a las predeterminadas.

En todos los casos, deberás seleccionar la corrección presionando en “Fix” (Ir uno a la vez), una ventana se abrirá informándote “Has aplicado con éxito esta solución. Un reinicio es requerido para ver los cambios”

Al finalizar todos los Fix reinicias el equipo.

Tendrás activo como AV Windows Defender por el momento.


Posteriormente vas a ir a la Pagina de Microsoft presionas en Actualizar Ahora y sigue los pasos del asistente para ver si puedes actualizar a la ultima versión que es la 1909.

Si esto funcionó, prueba la tienda (Microsoft Store) y nos comentas como va el equipo.

Cualquier duda o problema u error tomas capturas y nos subes la imagen:

Salu2

Hola @SanMar he de decir con mucha satisfacción que el resultado ha sido favorable y el equipo me está funcionando nuevamente sin ningún inconveniente hasta el momento.

¿Ya puedo reinstalar el antivirus que venía manejando? Estaba con Bitdefender

Agradezco mucho tu apoyo

1 me gusta

Hola @irken_larry

Que bueno!!

Instala Bitdefender desde su página oficial.

Automáticamente se desactivará Windows Defender.

Prueba como funciona todo, vuelves y comentas.

Salu2

Hola @SanMar tengo un problema al querer instalar Bitdefender.

Inicia bien el proceso de instalación y al llegar al 100% sale lo siguiente

Me pide reiniciar el equipo y al volver sale lo siguiente

Cierro esa pantalla y ya no pasa nada, busqué en las aplicaciones y no me sale nada de Bitdefender. Ya también utilicé los desinstaladores descargados desde la página oficial y sigue igual, solo en la carpeta de archivos de programa tengo una de Bitdefender

Ya intenté eliminando esa carpeta e intentar instalar, pero me da el mismo resultado