Microsoft Store no funciona

Ayuda General
22

Hola @irken_larry

El mensaje que te da es que detecta otro antivirus.

Bitdefender debería desactivar solito al instalarse a Windows Defender.

Por las dudas, ejecuta FRST como lo hiciste la primera vez y nos pegas reporte frescos, así reviso si quedaron restos.

Salu2

23

Agradezco mucho el apoyo que me has brindado @SanMar

El primer reporte FRST Primera parte

Ran by avela (administrator) on DESKTOP-O68ORMB (22-11-2019 23:26:05)
Running from C:\Users\avela\Desktop
Loaded Profiles: avela (Available Profiles: avela & bobal & Usuario & openpgsvc)
Platform: Windows 10 Home Version 1909 18363.476 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\openerp-server.exe
() [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32_service.exe
() [File not signed] F:\DS4Windows.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atiesrxx.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\updates\3.5.5_45395\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\updates\3.5.5_45395\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Mega Limited -> Mega Limited) C:\Users\avela\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\avela\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe\app\Xbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe\app\Xbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe\app\Xbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.59.13001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.35.14003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.35.14003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.35.14003.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Nalpeiron Inc -> Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Scarlet.Crush Productions) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [657704 2019-05-14] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [HP Deskjet 4640 series (NET)] => C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [uTorrent] => C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe [2005224 2019-10-31] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [HP Deskjet 4640 series (Red)] => C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36000656 2019-11-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3131664 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC)
Startup: C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2019-11-17]
ShortcutTarget: DS4Windows.lnk -> F:\DS4Windows.exe () [File not signed]
Startup: C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-05-04]
ShortcutTarget: MEGAsync.lnk -> C:\Users\avela\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {023079A7-E4E7-4A29-8B0C-02A51EE45F36} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
Task: {061A344A-ED55-4269-8DC3-3B9A1200FEA5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170168 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {07AE9E08-0E9F-4429-A6C2-6BCB776AEC2A} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-08-08] (Advanced Micro Devices, Inc.) [File not signed]
Task: {0AD68D47-C4A9-4DEE-9067-600FBE965254} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {12E83305-E7BC-455B-B141-0C925B3C6C21} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe
Task: {1613B7A6-C8F8-4CB9-8C0B-1F56007D7844} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-13] (Google Inc -> Google Inc.)
Task: {22E725B5-6FA1-4D1A-AB2D-7CF3704FE85F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3E90010A-EE91-4BE7-92FF-F5AAC41C669E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367288 2019-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EC841D6-460A-4F85-A1BE-D569623DFB94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-13] (Google Inc -> Google Inc.)
Task: {500ADD51-758B-45E6-B5DD-9C6F793186E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {56652CD1-EDD8-4C95-B86B-C3F761D397BD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2377608 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D479857-AD6B-410F-8636-2D3B0945E2E9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155992 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A60D41A9-7648-464F-AD10-82B5582441D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {AA65D06C-63D0-4E37-961B-6F2DFF1D831F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {AC3BAE6B-4D03-4052-8C9C-E6B1717BF612} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-08-08] (Advanced Micro Devices, Inc.) [File not signed]
Task: {AD722BDF-EF76-47AD-9804-1DB2F1A3E5BC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C17BC89D-7672-4224-8707-37C0D1889AC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155992 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFF60352-300E-44C5-BCB1-05FAF4DE3181} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170168 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6F14EE4-3227-4785-B2A8-3C01FCDB01C0} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F9757DE9-DDDC-45C6-A145-B6BB5BC36D8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9BCADA5-C95A-4A6B-BFEB-43413DDC791F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367288 2019-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDFEBB8A-920C-41D7-A2BA-0F44A6B84253} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FEB1EBAD-5D2B-4ECF-9CFA-64880DC0A3AB} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.2.9.180 10.2.9.2
Tcpip\..\Interfaces\{134036e7-a115-4950-a000-c38636eef46d}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{134036e7-a115-4950-a000-c38636eef46d}: [DhcpNameServer] 10.2.9.180 10.2.9.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ksu47khx.default
FF ProfilePath: C:\Users\avela\AppData\Roaming\Mozilla\Firefox\Profiles\ksu47khx.default [2019-11-21]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\avela\AppData\Roaming\Mozilla\Firefox\Profiles\ksu47khx.default\Extensions\[email protected] [2019-05-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com.mx/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default [2019-11-22]
CHR Extension: (Presentaciones) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-13]
CHR Extension: (Documentos) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-13]
CHR Extension: (Lucidchart Diagrams) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2019-02-13]
CHR Extension: (Google Drive) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-13]
CHR Extension: (YouTube) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-13]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (Zotero Connector) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2019-09-21]
CHR Extension: (Hojas de cálculo) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-14]
CHR Extension: (Flatbook) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2019-09-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-15]
CHR Extension: (Black & White) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhlgkfginnlendpfkhcmldikeepoefa [2019-03-31]
CHR Extension: (TubeBuddy) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2019-11-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-31]
CHR HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atiesrxx.exe [509144 2019-11-02] (Advanced Micro Devices, Inc. -> AMD)
R2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-08-08] (AMD) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-03-02] (BattlEye Innovations e.K. -> )
S3 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2015-09-25] (508 Software, LLC -> CleverFiles)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11650416 2019-11-17] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-09-23] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6841416 2019-09-23] (GOG Sp. z o.o. -> GOG.com)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2019-03-27] (ICEpower a/s -> ICEpower)
R2 odoo-server-8.0; C:\Program Files (x86)\Odoo 8.0-20150411\service\win32_service.exe [23552 2015-04-10] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [2524128 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 AMDHDAudBusService; C:\WINDOWS\System32\drivers\amdhdaudbus.sys [76704 2019-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atikmdag.sys [60655320 2019-11-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atikmpag.sys [598224 2019-11-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103456 2019-08-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31520 2019-10-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [146304 2019-10-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2019-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2019-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_e3f21201adb86c74\gameflt.sys [70704 2019-10-11] (Microsoft Windows -> Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-03-27] (Martin Malik - REALiX -> REALiX(tm))
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1158944 2019-10-26] (Realtek Semiconductor Corp. -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_4beca0218f643d77\xvdd.sys [478256 2019-10-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)````
24

El primer reporte FRST Segunda parte


(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-22 23:26 - 2019-11-22 23:26 - 000034480 _____ C:\Users\avela\Desktop\FRST.txt
2019-11-22 23:25 - 2019-11-22 23:25 - 002261504 _____ (Farbar) C:\Users\avela\Desktop\FRST64.exe
2019-11-22 23:13 - 2019-11-22 23:13 - 000000000 ____D C:\Users\avela\Games
2019-11-22 19:32 - 2019-11-22 19:32 - 000041350 _____ C:\Users\avela\Desktop\TransactionRecord_1574472739558.pdf
2019-11-22 18:29 - 2019-11-22 18:29 - 000062756 _____ C:\ProgramData\agent.uninstall.1574468961.bdinstall.v2.bin
2019-11-22 18:27 - 2019-11-22 18:27 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-11-22 18:19 - 2019-11-22 18:19 - 010527368 _____ C:\Users\avela\Desktop\bitdefender_online.exe
2019-11-22 18:19 - 2019-11-22 18:19 - 000103468 _____ C:\ProgramData\agent.1574468382.bdinstall.v2.bin
2019-11-22 18:19 - 2019-11-22 18:19 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-22 18:14 - 2019-11-22 18:14 - 000019839 _____ C:\ProgramData\uninstalltool.1574468080.4572.bin
2019-11-22 18:14 - 2019-11-22 18:14 - 000001366 _____ C:\ProgramData\uninstalltool.1574468080.1376.bin
2019-11-21 23:19 - 2019-11-21 23:19 - 000000000 ____D C:\UWT
2019-11-21 22:58 - 2019-11-21 22:58 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-11-21 22:56 - 2019-11-21 22:56 - 000000020 ___SH C:\Users\avela\ntuser.ini
2019-11-21 22:55 - 2019-11-22 18:30 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2019-11-21 22:55 - 2019-11-22 18:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-21 22:55 - 2019-11-22 18:29 - 000003142 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-11-21 22:55 - 2019-11-21 22:55 - 000003486 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-21 22:55 - 2019-11-21 22:55 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-11-21 22:55 - 2019-11-21 22:55 - 000003362 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{CA36A466-BCA0-4CFD-B00C-A4EEB499DF84}
2019-11-21 22:55 - 2019-11-21 22:55 - 000003262 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-21 22:55 - 2019-11-21 22:55 - 000003096 _____ C:\WINDOWS\system32\Tasks\updater
2019-11-21 22:55 - 2019-11-21 22:55 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-11-21 22:55 - 2019-11-21 22:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2094261658-3533611375-3775376471-1003
2019-11-21 22:55 - 2019-11-21 22:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2094261658-3533611375-3775376471-1002
2019-11-21 22:55 - 2019-11-21 22:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2094261658-3533611375-3775376471-1001
2019-11-21 22:55 - 2019-11-21 22:55 - 000002688 _____ C:\WINDOWS\system32\Tasks\AMDInstallUEP
2019-11-21 22:55 - 2019-11-21 22:55 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-11-21 22:55 - 2019-11-21 22:55 - 000002392 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2019-11-21 22:55 - 2019-11-21 22:55 - 000002374 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2019-11-21 22:55 - 2019-11-21 22:55 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-21 22:55 - 2019-11-21 22:55 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-11-21 22:55 - 2019-11-21 22:55 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-11-21 22:53 - 2019-11-21 22:55 - 000019053 _____ C:\WINDOWS\diagwrn.xml
2019-11-21 22:53 - 2019-11-21 22:55 - 000019053 _____ C:\WINDOWS\diagerr.xml
2019-11-21 22:50 - 2019-11-22 18:34 - 001767630 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-21 22:45 - 2019-11-22 23:13 - 000000000 ____D C:\Users\avela
2019-11-21 22:45 - 2019-11-21 22:49 - 000000000 ____D C:\Users\openpgsvc
2019-11-21 22:45 - 2019-11-21 22:49 - 000000000 ____D C:\Users\Fam
2019-11-21 22:45 - 2019-11-21 22:48 - 000000000 ____D C:\Users\bobal
2019-11-21 22:45 - 2019-03-18 22:46 - 000001105 _____ C:\Users\openpgsvc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 22:45 - 2019-03-18 22:46 - 000001105 _____ C:\Users\Fam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 22:45 - 2019-03-18 22:46 - 000001105 _____ C:\Users\bobal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 22:45 - 2019-03-18 22:46 - 000001105 _____ C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 22:42 - 2019-10-06 20:55 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-11-21 22:39 - 2019-11-22 23:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-21 22:39 - 2019-11-21 22:47 - 000549168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-21 21:40 - 2019-11-21 22:56 - 000000000 ___DC C:\WINDOWS\Panther
2019-11-21 20:43 - 2019-11-21 22:55 - 000000000 ___HD C:\$GetCurrent
2019-11-21 19:56 - 2019-11-21 21:07 - 000000000 ____D C:\Users\avela\AppData\Roaming\Discord
2019-11-21 19:27 - 2019-11-21 19:32 - 000000000 ____D C:\Users\avela\AppData\Roaming\Crash Bandicoot(TM) N. Sane Trilogy
2019-11-21 18:35 - 2019-11-22 18:30 - 000000000 ____D C:\Users\avela\AppData\LocalLow\uTorrent
2019-11-21 18:31 - 2019-11-21 18:31 - 000000247 _____ C:\DelFix.txt
2019-11-21 18:31 - 2019-11-21 18:31 - 000000000 ____D C:\WINDOWS\ERUNT
2019-11-21 18:26 - 2019-11-22 18:30 - 000000000 ___HD C:\OneDriveTemp
2019-11-21 15:39 - 2019-11-21 22:55 - 000000000 ____D C:\Windows.old
2019-11-21 15:25 - 2019-11-21 15:39 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-11-21 15:23 - 2019-11-21 15:25 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-11-21 15:23 - 2019-11-21 15:23 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-11-21 15:20 - 2019-11-21 15:20 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 005501952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 004307968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2019-11-21 15:20 - 2019-11-21 15:20 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2019-11-21 15:20 - 2019-11-21 15:20 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2019-11-21 15:19 - 2019-11-21 15:20 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 008011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007904152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007262456 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006521768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006166016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 005763848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004615616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004047360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003967920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003591208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003371928 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 002772272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002763016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 002586816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002562048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002258848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002126112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001974824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001916984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-11-21 15:19 - 2019-11-21 15:19 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001691648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001664688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001647064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001413864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001327064 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001017680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000911824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000874536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000822200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-11-21 15:19 - 2019-11-21 15:19 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-21 15:19 - 2019-11-21 15:19 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-11-21 15:19 - 2019-11-21 15:19 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-11-21 15:19 - 2019-11-21 15:19 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000088568 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2019-11-21 15:19 - 2019-11-21 15:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000065272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-11-21 15:19 - 2019-11-21 15:19 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-11-21 15:19 - 2019-11-21 15:19 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-11-21 15:12 - 2019-11-21 15:12 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-11-21 15:12 - 2019-11-21 15:12 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-11-21 15:12 - 2019-11-21 15:12 - 000000000 ____D C:\Program Files\MSBuild
2019-11-21 15:12 - 2019-11-21 15:12 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-11-21 15:12 - 2019-03-18 12:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-11-21 15:12 - 2019-03-18 12:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-11-21 15:12 - 2019-03-18 12:16 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-11-21 15:12 - 2019-03-18 11:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-11-21 15:12 - 2019-03-18 11:09 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-11-21 15:12 - 2019-03-01 10:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-11-21 15:12 - 2019-03-01 10:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-11-21 15:12 - 2019-03-01 10:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-11-21 15:12 - 2019-03-01 10:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-11-21 15:12 - 2019-02-05 11:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-11-21 15:12 - 2019-02-05 11:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-11-21 15:12 - 2019-02-05 11:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-11-21 15:12 - 2018-08-09 07:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-11-21 15:09 - 2019-11-21 15:09 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-11-21 15:09 - 2019-11-21 15:09 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-11-21 11:29 - 2019-11-21 11:29 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Smac
2019-11-21 10:40 - 2019-11-21 10:40 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\adamgryu
2019-11-21 08:51 - 2019-11-21 08:51 - 000000000 ____D C:\Users\bobal\AppData\Local\mbam
2019-11-20 23:20 - 2019-11-22 23:26 - 000000000 ____D C:\FRST
2019-11-20 22:50 - 2019-11-20 23:04 - 000000000 ____D C:\Users\avela\AppData\Roaming\ZHP
2019-11-20 22:50 - 2019-11-20 22:50 - 000000000 ____D C:\Users\avela\AppData\Local\ZHP
2019-11-20 11:47 - 2019-11-20 11:47 - 000000000 ____D C:\Users\bobal\AppData\Local\inXile entertainment
2019-11-20 11:37 - 2019-11-20 11:37 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Arcen Games, LLC
2019-11-20 11:28 - 2019-11-20 11:28 - 000000000 ____D C:\ProgramData\Ubisoft
2019-11-20 11:14 - 2019-11-20 11:14 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Downloaded Installations
2019-11-20 10:51 - 2019-11-20 10:51 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Hollow Ponds
2019-11-20 10:07 - 2019-11-20 10:07 - 000000000 ____D C:\Users\bobal\AppData\Local\Woten___Resubmission_Build___v10
2019-11-19 09:55 - 2019-11-19 09:55 - 000000000 ____D C:\Users\bobal\AppData\Roaming\DS4Windows
2019-11-19 08:44 - 2019-11-19 08:45 - 008658304 _____ () C:\Users\bobal\Downloads\XboxInstaller (1).exe
2019-11-19 08:18 - 2019-11-19 08:18 - 000000000 ____D C:\Users\bobal\AppData\Local\mbamtray
2019-11-18 19:11 - 2019-11-18 19:11 - 000000223 _____ C:\Users\avela\Desktop\Destiny 2.url
2019-11-18 17:08 - 2019-11-18 17:09 - 000000000 ____D C:\AdwCleaner
2019-11-18 16:30 - 2019-11-18 16:30 - 000000000 ____D C:\Users\avela\AppData\Local\mbam
2019-11-18 16:29 - 2019-11-18 16:29 - 000000000 ____D C:\Users\avela\AppData\Local\mbamtray
2019-11-18 11:06 - 2019-11-18 11:17 - 000003006 _____ C:\InfoSat.txt
2019-11-18 11:03 - 2019-11-18 11:17 - 000000000 ____D C:\WINDOWS\pss
2019-11-17 23:24 - 2019-11-17 23:24 - 000000000 ____D C:\Users\avela\AppData\LocalLow\Lince Works
2019-11-17 23:09 - 2019-11-17 23:09 - 000000252 _____ C:\Users\avela\Desktop\Hyper Light Drifter.url
2019-11-17 22:47 - 2019-11-22 18:12 - 000000000 ____D C:\Users\avela\AppData\Roaming\DS4Windows
2019-11-17 11:57 - 2019-11-17 11:57 - 000000000 ____D C:\ProgramData\SystemAcCrux
2019-11-17 11:56 - 2019-11-21 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2019-11-17 11:56 - 2019-11-17 11:56 - 000000000 ____D C:\Program Files\EaseUS
2019-11-17 10:35 - 2019-11-17 10:25 - 872415232 _____ C:\Users\avela\Downloads\bitdefender-rescue-cd.iso
2019-11-16 18:44 - 2019-11-18 15:40 - 000000000 ____D C:\Users\avela\AppData\Local\ElevatedDiagnostics
2019-11-16 18:36 - 2019-11-16 18:36 - 010527368 _____ C:\Users\avela\Downloads\bitdefender_online.exe
2019-11-16 18:25 - 2019-11-16 18:25 - 000399256 _____ C:\ProgramData\cl.uninstall.1573950324.bdinstall.v2.bin
2019-11-16 11:17 - 2019-11-16 11:17 - 000000000 ___HD C:\$SysReset
2019-11-10 22:22 - 2019-11-10 22:22 - 000000000 ____D C:\Users\avela\AppData\LocalLow\Dry Cactus
2019-11-02 15:17 - 2019-11-02 15:17 - 059440856 _____ C:\WINDOWS\system32\amdcomgr64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 049336536 _____ C:\WINDOWS\SysWOW64\amdcomgr.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 003915984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 003517144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001714384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001593048 _____ (AMD) C:\WINDOWS\system32\coinst_19.30.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001073104 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001073104 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000941784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000929904 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000929904 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000852176 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000852176 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000769232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000709848 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000709848 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000574680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000554912 _____ C:\WINDOWS\system32\amdmiracast.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000554200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000493784 _____ C:\WINDOWS\system32\dgtrayicon.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000485592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000480984 _____ C:\WINDOWS\system32\GameManager64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000473304 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000384216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000382168 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000382168 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000349400 _____ C:\WINDOWS\system32\clinfo.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000242904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
25

El primer reporte FRST Tercera parte

2019-11-02 15:17 - 2019-11-02 15:17 - 000184536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000179376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000163544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000159448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000153304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000138968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000135456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000135384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000126168 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000124632 _____ C:\WINDOWS\system32\atidxx64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000122064 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000121560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000119856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000108568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000108560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000107736 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000071080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000047320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000044248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2019-11-02 15:16 - 2019-11-02 15:16 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2019-11-02 15:16 - 2019-11-02 15:16 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2019-11-02 15:16 - 2019-11-02 15:16 - 000761560 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2019-11-02 15:16 - 2019-11-02 15:16 - 000553456 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2019-11-02 15:16 - 2019-11-02 15:16 - 000553456 _____ C:\WINDOWS\system32\atiapfxx.blb
2019-11-02 15:16 - 2019-11-02 15:16 - 000440536 _____ C:\WINDOWS\system32\atieah64.exe
2019-11-02 15:16 - 2019-11-02 15:16 - 000352984 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2019-11-02 15:16 - 2019-11-02 15:16 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2019-11-02 15:16 - 2019-11-02 15:16 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2019-11-02 15:16 - 2019-11-02 15:16 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2019-11-02 15:16 - 2019-11-02 15:16 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2019-11-02 15:16 - 2019-11-02 15:16 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2019-11-02 15:16 - 2019-11-02 15:16 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2019-11-02 15:16 - 2019-11-02 15:16 - 000125488 _____ C:\WINDOWS\system32\kapp_ci.sbin
2019-11-02 15:16 - 2019-11-02 15:16 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2019-11-02 15:16 - 2019-11-02 15:16 - 000034488 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2019-10-27 11:35 - 2019-11-18 16:14 - 000000000 ____D C:\Users\avela\AppData\Local\Spotify
2019-10-27 11:35 - 2019-10-27 11:35 - 000001836 _____ C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2019-10-27 11:34 - 2019-11-18 16:52 - 000000000 ____D C:\Users\avela\AppData\Roaming\Spotify
2019-10-26 15:17 - 2019-10-26 15:17 - 008543839 _____ C:\Users\avela\Documents\libro-admondecomprasyabastecimientos.pdf
2019-10-26 09:59 - 2019-10-26 09:59 - 000031520 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2019-10-26 09:58 - 2019-10-26 09:58 - 000438792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdtee_api.dll
2019-10-26 09:58 - 2019-10-26 09:58 - 000352776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdtee_api.dll
2019-10-26 09:58 - 2019-10-26 09:58 - 000146304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys
2019-10-26 09:58 - 2019-10-26 09:58 - 000076704 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdhdaudbus.sys
2019-10-26 09:57 - 2019-10-26 09:57 - 001158944 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-22 23:26 - 2019-02-13 21:37 - 000000000 ____D C:\Users\avela\AppData\Roaming\uTorrent
2019-11-22 23:24 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-22 23:22 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-22 23:14 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-22 23:14 - 2019-02-13 19:42 - 000000000 ____D C:\Users\avela\AppData\Local\Packages
2019-11-22 23:13 - 2019-02-17 00:11 - 000000000 ____D C:\Users\avela\AppData\Local\D3DSCache
2019-11-22 23:13 - 2019-02-17 00:09 - 000000000 ____D C:\ProgramData\Packages
2019-11-22 23:13 - 2019-02-13 20:01 - 000000000 ____D C:\Users\avela\AppData\Local\PlaceholderTileLogoFolder
2019-11-22 20:48 - 2019-02-13 21:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-22 20:45 - 2019-02-13 21:55 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-22 18:55 - 2019-02-13 20:23 - 000000000 ____D C:\Program Files (x86)\Steam
2019-11-22 18:41 - 2019-02-14 00:16 - 000000000 ____D C:\ProgramData\Origin
2019-11-22 18:37 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-11-22 18:35 - 2019-02-13 20:20 - 000000000 ____D C:\Program Files\Microsoft Office
2019-11-22 18:34 - 2019-03-19 05:59 - 000783276 _____ C:\WINDOWS\system32\perfh00A.dat
2019-11-22 18:34 - 2019-03-19 05:59 - 000152746 _____ C:\WINDOWS\system32\perfc00A.dat
2019-11-22 18:34 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-22 18:31 - 2019-02-17 19:26 - 000000000 ____D C:\ProgramData\Autodesk
2019-11-22 18:30 - 2019-03-25 21:20 - 000000000 ____D C:\Users\avela\AppData\Local\BitTorrentHelper
2019-11-22 18:30 - 2019-02-17 00:19 - 000000000 ___RD C:\Users\avela\OneDrive - 0o0o9i
2019-11-22 18:29 - 2019-03-25 20:39 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-22 18:29 - 2019-03-18 22:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-11-22 18:18 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-11-21 23:24 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-21 23:21 - 2019-06-14 18:54 - 000000000 ____D C:\Users\avela\AppData\Local\PackageStaging
2019-11-21 23:20 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-21 23:12 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-11-21 22:56 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Registration
2019-11-21 22:56 - 2019-02-13 19:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-21 22:56 - 2019-02-13 19:42 - 000000000 ___RD C:\Users\avela\3D Objects
2019-11-21 22:55 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-11-21 22:53 - 2019-02-16 11:43 - 000000000 ___RD C:\Users\bobal\OneDrive
2019-11-21 22:50 - 2019-03-18 22:52 - 000000000 __RSD C:\WINDOWS\Media
2019-11-21 22:50 - 2019-02-16 23:55 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-11-21 22:49 - 2019-02-13 19:52 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-21 22:46 - 2019-08-17 18:26 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2019-11-21 22:46 - 2019-08-17 15:30 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cleverfiles Disk Drill
2019-11-21 22:46 - 2019-06-08 21:34 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2019-11-21 22:46 - 2019-05-17 09:18 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videostream
2019-11-21 22:46 - 2019-05-04 17:20 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2019-11-21 22:46 - 2019-03-29 22:30 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-11-21 22:46 - 2019-03-29 22:28 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2019-11-21 22:46 - 2019-03-29 21:37 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2019-11-21 22:46 - 2019-03-19 20:28 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games
2019-11-21 22:46 - 2019-02-27 20:00 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7
2019-11-21 22:46 - 2019-02-14 23:33 - 000000000 ____D C:\Users\Fam\AppData\Local\Packages
2019-11-21 22:46 - 2019-02-14 19:47 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-21 22:46 - 2019-02-13 22:50 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-11-21 22:45 - 2019-06-29 14:21 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gears of War
2019-11-21 22:45 - 2019-06-29 11:43 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2019-11-21 22:45 - 2019-04-22 11:04 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-11-21 22:45 - 2019-02-14 18:26 - 000000000 ____D C:\Users\bobal\AppData\Local\Packages
2019-11-21 22:45 - 2019-02-13 20:52 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-11-21 22:42 - 2019-03-27 23:33 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-11-21 22:42 - 2019-02-13 19:37 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-11-21 22:42 - 2019-02-13 19:37 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-11-21 21:40 - 2019-06-11 09:08 - 000000036 _____ C:\WINDOWS\progress.ini
2019-11-21 20:43 - 2019-06-11 08:23 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk
2019-11-21 20:43 - 2019-06-11 08:23 - 000000000 ____D C:\Windows10Upgrade
2019-11-21 18:34 - 2019-02-21 12:30 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-11-21 18:33 - 2019-03-17 12:59 - 000000000 ____D C:\Users\avela\AppData\LocalLow\Temp
2019-11-21 18:28 - 2019-02-13 21:34 - 000000000 ____D C:\Users\avela\AppData\Roaming\Notepad++
2019-11-21 18:26 - 2019-05-23 12:00 - 000000000 ____D C:\Users\bobal\AppData\Local\Videostream
2019-11-21 15:39 - 2019-10-19 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2019-11-21 15:39 - 2019-09-07 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2019 - English
2019-11-21 15:39 - 2019-09-07 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2019-11-21 15:39 - 2019-08-17 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-11-21 15:39 - 2019-08-17 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cleverfiles Disk Drill
2019-11-21 15:39 - 2019-08-13 19:03 - 000000000 ____D C:\WINDOWS\SysWOW64\rufus_files
2019-11-21 15:39 - 2019-08-12 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Shock - Enhanced Edition [GOG.com]
2019-11-21 15:39 - 2019-08-12 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Shock - Classic Edition [GOG.com]
2019-11-21 15:39 - 2019-07-27 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3 (x86)
2019-11-21 15:39 - 2019-07-13 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2019
2019-11-21 15:39 - 2019-06-29 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2019-11-21 15:39 - 2019-06-22 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2019-11-21 15:39 - 2019-06-22 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2019-11-21 15:39 - 2019-06-15 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-11-21 15:39 - 2019-05-19 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2019-11-21 15:39 - 2019-05-10 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2019-11-21 15:39 - 2019-05-01 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-11-21 15:39 - 2019-04-27 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-11-21 15:39 - 2019-04-15 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack
2019-11-21 15:39 - 2019-04-11 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2019-11-21 15:39 - 2019-03-31 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekiro Shadows Die Twice
2019-11-21 15:39 - 2019-03-30 21:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-11-21 15:39 - 2019-03-30 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-11-21 15:39 - 2019-03-28 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2019-11-21 15:39 - 2019-03-27 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-11-21 15:39 - 2019-03-18 22:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-11-21 15:39 - 2019-03-06 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2019-11-21 15:39 - 2019-03-06 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2019-11-21 15:39 - 2019-02-25 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOMA [GOG.com]
2019-11-21 15:39 - 2019-02-25 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oxenfree [GOG.com]
2019-11-21 15:39 - 2019-02-23 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Throttle Remastered [GOG.com]
2019-11-21 15:39 - 2019-02-21 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit
2019-11-21 15:39 - 2019-02-20 23:15 - 000000000 ____D C:\WINDOWS\system32\elambkup
2019-11-21 15:39 - 2019-02-17 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2019-11-21 15:39 - 2019-02-14 21:08 - 000000000 ____D C:\ProgramData\regid.1994-02.com.minitab
2019-11-21 15:39 - 2019-02-14 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minitab
2019-11-21 15:39 - 2019-02-14 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-21 15:39 - 2019-02-14 00:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-11-21 15:39 - 2019-02-13 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-11-21 15:39 - 2019-02-13 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-11-21 15:39 - 2019-02-13 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-11-21 15:39 - 2019-02-13 20:12 - 000000000 ____D C:\Program Files\AMD
2019-11-21 15:39 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-11-21 15:39 - 2017-09-29 07:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-11-21 15:38 - 2019-03-18 22:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-11-21 15:25 - 2019-10-22 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2019-11-21 15:25 - 2019-07-02 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SD Association
2019-11-21 15:25 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-11-21 15:25 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Resources
2019-11-21 15:25 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Help
2019-11-21 15:25 - 2019-02-23 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-11-21 15:25 - 2019-02-21 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard Classics
2019-11-21 15:25 - 2019-02-13 20:14 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-11-21 15:25 - 2019-02-13 19:37 - 000000000 ____D C:\Program Files\Realtek
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-21 15:14 - 2019-03-19 06:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-11-21 15:14 - 2019-03-19 06:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-11-21 15:14 - 2019-03-19 05:59 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-11-21 15:14 - 2019-03-19 05:59 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\IME
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-11-21 15:14 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\servicing
2019-11-21 15:13 - 2019-03-19 06:01 - 000000000 ____D C:\WINDOWS\OCR
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-11-21 15:11 - 2019-03-18 22:56 - 000000000 ____D C:\WINDOWS\Setup
2019-11-21 11:29 - 2019-02-20 13:25 - 000000000 ____D C:\Users\bobal\AppData\Local\D3DSCache
2019-11-21 10:34 - 2019-04-22 11:04 - 000000000 ____D C:\Users\bobal\AppData\Local\Ubisoft Game Launcher
2019-11-21 08:51 - 2019-08-19 09:18 - 000000000 ____D C:\Users\bobal\AppData\Local\cache
2019-11-19 21:45 - 2019-06-08 21:34 - 000000000 ____D C:\Users\avela\AppData\Roaming\Telegram Desktop
2019-11-19 19:46 - 2019-03-30 19:26 - 000000000 ____D C:\Users\avela\AppData\Roaming\vlc
2019-11-19 11:55 - 2019-02-15 10:05 - 000000000 ____D C:\Users\bobal\AppData\Local\PlaceholderTileLogoFolder
2019-11-19 09:27 - 2019-05-17 08:38 - 000000000 ____D C:\Users\bobal\AppData\Local\CrashDumps
2019-11-19 09:25 - 2019-02-23 14:21 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2019-11-19 09:22 - 2019-06-12 09:23 - 000000000 ____D C:\Users\bobal\AppData\Local\ElevatedDiagnostics
2019-11-18 16:30 - 2019-08-17 19:20 - 000000000 ____D C:\Users\avela\AppData\Local\cache
2019-11-18 14:37 - 2019-05-04 20:32 - 000000000 ____D C:\Users\avela\AppData\Local\CrashDumps
2019-11-18 00:43 - 2019-02-13 20:50 - 000000000 ____D C:\Users\avela\AppData\Roaming\Twitch
2019-11-17 20:30 - 2019-02-14 00:16 - 000000000 ____D C:\Users\avela\AppData\Roaming\Origin
2019-11-17 11:28 - 2019-06-29 20:20 - 000000000 ____D C:\Program Files\Recuva
2019-11-16 19:08 - 2019-02-15 09:50 - 000000000 ___RD C:\Users\Fam\OneDrive
2019-11-15 19:29 - 2019-10-03 18:53 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-11-15 19:29 - 2019-10-03 18:53 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-11-15 19:28 - 2019-02-13 22:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-12 19:56 - 2019-02-14 00:20 - 000000000 ____D C:\Program Files (x86)\Origin
2019-11-10 21:18 - 2019-04-11 21:31 - 000000000 ____D C:\Program Files\Calibre2
2019-11-09 15:41 - 2019-06-02 08:50 - 000000000 ___RD C:\Users\avela\Documents\Scanned Documents
2019-11-06 12:31 - 2019-02-21 11:25 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Mozilla
2019-11-05 14:23 - 2019-02-13 19:51 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-05 14:21 - 2019-09-19 11:43 - 000000000 ____D C:\Program Files\Rockstar Games
2019-11-05 14:21 - 2019-09-19 11:43 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-11-05 14:17 - 2019-03-28 10:37 - 000000000 ____D C:\Program Files (x86)\Bethesda.net Launcher
2019-11-02 15:10 - 2019-03-27 23:19 - 000000000 ____D C:\ProgramData\ProductData
2019-11-02 14:44 - 2019-02-16 19:39 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-10-30 20:11 - 2019-03-28 19:55 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-27 12:38 - 2019-03-28 19:56 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-10-27 11:17 - 2019-10-22 21:29 - 001065984 _____ C:\Users\avela\AppData\Local\file__0.localstorage
2019-10-24 11:36 - 2019-10-15 12:51 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Crash Bandicoot(TM) N. Sane Trilogy
2019-10-23 11:10 - 2019-10-15 14:44 - 000000000 ____D C:\Users\bobal\AppData\Local\Mozilla Firefox
2019-10-23 11:10 - 2019-05-23 10:58 - 000001277 _____ C:\Users\bobal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

==================== Files in the root of some directories ========

2016-06-12 00:13 - 2016-06-12 00:13 - 000039192 _____ () C:\Program Files (x86)\branding.dll
2016-06-12 00:13 - 2016-06-12 00:13 - 000000080 _____ () C:\Program Files (x86)\recuva.dat
2019-10-22 21:29 - 2019-10-27 11:17 - 001065984 _____ () C:\Users\avela\AppData\Local\file__0.localstorage
2019-06-23 10:40 - 2019-06-23 10:40 - 000000000 _____ () C:\Users\avela\AppData\Local\oobelibMkey.log
2019-03-06 20:17 - 2019-03-14 21:07 - 000075776 _____ () C:\Users\avela\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================````
26

El reporte Addition primera parte

Ran by avela (22-11-2019 23:27:12)
Running from C:\Users\avela\Desktop
Windows 10 Home Version 1909 18363.476 (X64) (2019-11-22 04:55:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2094261658-3533611375-3775376471-500 - Administrator - Disabled)
avela (S-1-5-21-2094261658-3533611375-3775376471-1001 - Administrator - Enabled) => C:\Users\avela
bobal (S-1-5-21-2094261658-3533611375-3775376471-1002 - Administrator - Enabled) => C:\Users\bobal
DefaultAccount (S-1-5-21-2094261658-3533611375-3775376471-503 - Limited - Disabled)
Invitado (S-1-5-21-2094261658-3533611375-3775376471-501 - Limited - Disabled)
openpgsvc (S-1-5-21-2094261658-3533611375-3775376471-1007 - Limited - Enabled) => C:\Users\openpgsvc
Usuario (S-1-5-21-2094261658-3533611375-3775376471-1003 - Administrator - Enabled) => C:\Users\Fam
WDAGUtilityAccount (S-1-5-21-2094261658-3533611375-3775376471-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Cortafuego (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
ACA & MEP 2019 Object Enabler (HKLM\...\{28B89EEF-2004-0000-5102-CF3F3A09B77D}) (Version: 8.1.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-2001-0000-3102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.8.1 - Advanced Micro Devices, Inc.)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.16.29 - Autodesk)
Aplicaciones destacadas de Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Audacity 2.3.1 (HKLM-x32\...\Audacity_is1) (Version: 2.3.1 - Audacity Team)
AutoCAD 2019 - English (HKLM\...\{28B89EEF-2001-0409-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 (HKLM\...\{28B89EEF-2001-0000-0102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 Language Pack - English (HKLM\...\{28B89EEF-2001-0409-1102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2019 - English (HKLM\...\AutoCAD 2019 - English) (Version: 23.0.46.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Blackthorne (HKLM-x32\...\{C563EEF9-17FF-4563-8B78-82AF0C4577CE}) (Version: 1.0.0 - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{4D4D4686-D99D-4C19-AD38-CE7135518209}) (Version: 4.3.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.10.0.0770 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Disk Drill 2.0.0.338 (HKLM-x32\...\{91CF2A75-07FB-4CAF-AE14-2BE4EE77EF00}) (Version: 2.0.338 - CleverFiles)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Epic Games Launcher (HKLM-x32\...\{BB514C00-3DAB-4E6E-8F41-58A61FA35851}) (Version: 1.1.206.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
FileZilla Client 3.41.2 (HKLM-x32\...\FileZilla Client) (Version: 3.41.2 - Tim Kosse)
Gears of War (HKLM-x32\...\{1170D24F-42B7-40CF-AA1B-6395CE562354}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Deskjet 4640 series Software básico del dispositivo (HKLM\...\{FC0E39B2-B10C-4FC4-9F2D-1A830DC7A71C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hyper Light Drifter (HKLM-x32\...\{B515A0C1-B73D-4201-AAE3-1EF8FB1FAF5E}) (Version:  - Heart Machine LLC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.12130.20390 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visio Profesional 2016 - es-es (HKLM\...\VisioProRetail - es-es) (Version: 16.0.12130.20390 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12130.20390 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09C0A8D5-EEC1-369D-8C7A-2E2DD17DCA5E}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Minitab 18 (HKLM-x32\...\{8D24BFA4-1266-436F-9EBF-F83F5CFADD2E}) (Version: 18.1.0.0 - Minitab, Inc.) Hidden
Minitab 18 (HKLM-x32\...\Minitab 18 18.1.0.0) (Version: 18.1.0.0 - Minitab, Inc.)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Odoo 8.0 (HKLM-x32\...\Odoo 8.0) (Version: 8.0 - OpenERP S.A.)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
PostgreSQL 9.3  (x86) (HKLM-x32\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Python 3.7.2 (32-bit) (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\{0f40e78b-67e1-4e0c-a2fd-e9325d9dfc82}) (Version: 3.7.2150.0 - Python Software Foundation)
Python 3.7.2 Add to Path (32-bit) (HKLM-x32\...\{A0253733-D4C4-4964-AB97-C5C80FCD580F}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Core Interpreter (32-bit) (HKLM-x32\...\{3A09B849-4D48-41AA-9461-112E6CEC405D}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Development Libraries (32-bit) (HKLM-x32\...\{A14E7090-5888-460B-9003-1C3DA5AD3D35}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Documentation (32-bit) (HKLM-x32\...\{D2FA452F-4742-4805-BEB1-AC81ED48F4A8}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Executables (32-bit) (HKLM-x32\...\{D6FF50CC-E41E-4FFB-B7B9-72D71BF00C55}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 pip Bootstrap (32-bit) (HKLM-x32\...\{0D2B3674-3B1E-4281-B5FD-37D700602129}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Standard Library (32-bit) (HKLM-x32\...\{667226B8-23CA-47C1-A070-D3B85E8C9292}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{34AD493A-01AA-4D6A-9229-BF0406F22D14}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Test Suite (32-bit) (HKLM-x32\...\{F0B6A6E9-C7E1-4730-A29D-71C02B800028}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Utility Scripts (32-bit) (HKLM-x32\...\{06CE3F8B-A658-462C-AD3D-FA7142297E97}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FA2A3867-8965-4CF7-83E2-C8960652F5AD}) (Version: 3.7.6565.0 - Python Software Foundation)
R for Windows 3.5.2 (HKLM\...\R for Windows 3.5.2_is1) (Version: 3.5.2 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 4.0.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.1 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.3.7 - Rockstar Games)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RStudio (HKLM-x32\...\RStudio) (Version: 1.1.463 - RStudio)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
SketchUp 2019 (HKLM\...\{E16DD37C-6FBC-F51F-702E-DD6E92D6ED68}) (Version: 19.1.174.20409 - Trimble, Inc.)
Spotify (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Spotify) (Version: 1.1.19.480.g7d17e3ce - Spotify AB)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.40309 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.19260 - Microsoft Corporation)
Telegram Desktop version 1.8.15 (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC)
Twitch (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\WinDirStat) (Version:  - )
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
XMind 8 Update 4 (v3.7.4) (HKLM-x32\...\XMind_is1) (Version: 3.7.4.201709040350 - XMind Ltd.)

Packages:
=========
ACA NEOGEO METAL SLUG X -> C:\Program Files\WindowsApps\HAMSTERCorporation.ACANEOGEOMETALSLUGX_1.2.2.2_x64__7xd3265gdqs6r [2019-11-21] (HAMSTER Corporation)
Age of Empires Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.Darwin_100.1.28529.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Studios)
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.6.0_x86__kc6t79cpj4tp0 [2019-11-21] (AMZN Mobile LLC)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1640.3.0_x86__kgqvnymyfvs32 [2019-11-21] (king.com)
Cinebench -> C:\Program Files\WindowsApps\MAXONComputerGmbH.Cinebench_20.0.6.0_x64__rsne5bsk8s7tj [2019-06-10] (MAXON Computer GmbH)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Corporation) [MS Ad]
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-05] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-02-13] (Fitbit)
Halo: The Master Chief Collection -> C:\Program Files\WindowsApps\Microsoft.Chelan_1.1000.0.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-16] (0)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa [2019-11-21] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Corporation) [MS Ad]
Night Call -> C:\Program Files\WindowsApps\RawFury.NightCallWIN10_1.0.7.0_x64__9s0pnehqffj7t [2019-08-09] (0)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-02-28] (Adobe Systems Incorporated)
Servicios de juegos -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation)
The Gardens Between -> C:\Program Files\WindowsApps\40632TheVoxelAgents.147198BA2FF5B_1.0.10.0_x64__h7sr7gn9kt1nj [2019-06-29] (0)
The Master Chief Collection: REACH -> C:\Program Files\WindowsApps\Microsoft.TheMasterChiefCollectionREACH_1.1.0.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Studios)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Corporation) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{04271989-C4D2-2DCF-859B-80C8A07FF62E} -> [OneDrive - 0o0o9i] => C:\Users\avela\OneDrive - 0o0o9i [2019-02-17 00:19]
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\avela\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\avela\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2018-01-29] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-29] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-05-30 12:09 - 2019-05-30 12:09 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-05-30 12:09 - 2019-05-30 12:09 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-05-30 12:09 - 2019-05-30 12:09 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-04-21 02:33 - 2019-04-21 02:33 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-04-21 02:32 - 2019-04-21 02:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-04-21 02:33 - 2019-04-21 02:33 - 000649216 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-04-21 02:32 - 2019-04-21 02:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-04-21 02:33 - 2019-04-21 02:33 - 000367104 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2013-11-10 07:54 - 2013-11-10 07:54 - 000087552 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_ctypes.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000358400 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_hashlib.pyd
2013-11-25 07:27 - 2013-11-25 07:27 - 000036352 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_psutil_mswindows.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000044544 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_socket.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000899584 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_ssl.pyd
2014-03-04 11:52 - 2014-03-04 11:52 - 000178176 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_yaml.pyd
2014-03-06 07:44 - 2014-03-06 07:44 - 002935296 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\lxml.etree.pyd
2013-05-21 14:28 - 2013-05-21 14:28 - 000008192 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\markupsafe._speedups.pyd
2013-09-04 07:30 - 2013-09-04 07:30 - 000055808 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\OpenSSL.crypto.pyd
2013-09-04 07:30 - 2013-09-04 07:30 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\OpenSSL.rand.pyd
2013-09-04 07:30 - 2013-09-04 07:30 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\OpenSSL.SSL.pyd
2014-03-06 22:00 - 2014-03-06 22:00 - 000798720 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\PIL._imaging.pyd
2014-01-08 06:53 - 2014-01-08 06:53 - 001262592 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\psycopg2._psycopg.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000127488 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\pyexpat.pyd
2014-02-15 16:24 - 2014-02-15 16:24 - 000397312 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\pythoncom27.dll
2014-02-15 16:23 - 2014-02-15 16:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\pywintypes27.dll
2014-03-06 07:56 - 2014-03-06 07:56 - 000026112 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\reportlab.lib._rl_accel.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\select.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000686080 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\unicodedata.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\win32api.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\win32service.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\pywintypes27.dll
2014-02-15 16:23 - 2014-02-15 16:23 - 000027648 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\servicemanager.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32api.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000036864 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32process.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32service.pyd
2019-09-09 08:29 - 2019-09-09 08:29 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2019-09-09 08:30 - 2019-09-09 08:30 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2019-09-09 08:30 - 2019-09-09 08:30 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-08-08 18:04 - 2019-08-08 18:04 - 000258048 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\WirelessVR-windesktop64.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2014-05-02 06:55 - 2014-05-02 06:55 - 000185344 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 06:05 - 2014-05-02 06:05 - 000173056 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2014-05-02 11:52 - 2014-05-02 11:52 - 000599040 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2019-11-22 18:30 - 2019-11-22 18:30 - 000114176 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\_ctypes.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000173056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\_elementtree.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 001808896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\_hashlib.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000032256 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\_multiprocessing.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000046080 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\_psutil_windows.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000047616 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\_socket.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 002241024 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\_ssl.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000026112 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\_yappi.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000080896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\bz2.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000016384 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\common.time34.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000007680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\hashobjs_ext.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000301568 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\PIL._imaging.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000169472 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\pyexpat.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 001084416 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\pysqlite2._sqlite.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000548864 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\pythoncom27.dll
2019-11-22 18:30 - 2019-11-22 18:30 - 000137728 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\pywintypes27.dll
2019-11-22 18:30 - 2019-11-22 18:30 - 000010752 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\select.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000020992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\thumbnails_ext.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000689664 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\unicodedata.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000119808 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\usb_ext.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000128512 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32api.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000438784 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32com.shell.shell.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000011776 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32crypt.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000023040 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32event.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000149504 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32file.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000223232 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32gui.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000048128 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32inet.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000029696 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32pdh.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000027648 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32pipe.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000044032 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32process.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32profile.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000136192 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32security.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000026624 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\win32ts.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000034816 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\windows.conditional.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000038400 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\windows.connectivity.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000071680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\windows.device_monitor.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000109056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\windows.volumes.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\windows.winwrap.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 001325056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wx._controls_.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 001489408 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wx._core_.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 001007104 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wx._gdi_.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000103424 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wx._html2.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 000916992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wx._misc_.pyd
2019-11-22 18:30 - 2019-11-22 18:30 - 001039872 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wx._windows_.pyd
2015-08-28 20:16 - 2015-08-28 20:16 - 003496448 _____ (akeo.ie) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\libwdi\amd64\libwdi.dll
2019-02-13 22:55 - 2018-12-30 01:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-11-10 07:54 - 2013-11-10 07:54 - 002449920 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\PYTHON27.DLL
2013-11-10 07:54 - 2013-11-10 07:54 - 002449920 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\PYTHON27.DLL
2019-11-22 18:30 - 2019-11-22 18:30 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\python27.dll
2019-05-30 12:08 - 2019-05-30 12:08 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2013-02-11 02:35 - 2013-02-11 02:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\LIBEAY32.dll
2013-02-11 02:35 - 2013-02-11 02:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\SSLEAY32.dll
2019-02-14 00:20 - 2019-11-12 19:56 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-14 00:20 - 2019-11-12 19:56 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-02-14 00:20 - 2019-11-12 19:56 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\platforms\qwindows.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-08-08 18:15 - 2019-08-08 18:15 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 11:44 - 2019-01-08 11:44 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-11-22 18:30 - 2019-11-22 18:30 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wxbase30u_net_vc90_x64.dll
2019-11-22 18:30 - 2019-11-22 18:30 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wxbase30u_vc90_x64.dll
2019-11-22 18:30 - 2019-11-22 18:30 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wxmsw30u_adv_vc90_x64.dll
2019-11-22 18:30 - 2019-11-22 18:30 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wxmsw30u_core_vc90_x64.dll
2019-11-22 18:30 - 2019-11-22 18:30 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wxmsw30u_html_vc90_x64.dll
2019-11-22 18:30 - 2019-11-22 18:30 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107722\wxmsw30u_webview_vc90_x64.dll````
27

El reporte Addition segunda parte


==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 07:46 - 2019-11-21 18:33 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Calibre2\
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{3B7B1874-21DC-4CEA-B45F-A58D8272C135}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{FBBC02EA-66C1-4E37-BA6A-D530E806080D}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{E54DABAA-EC5A-4CB9-886D-300A102110F1}F:\steamlibrary\steamapps\common\crash bandicoot - n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) F:\steamlibrary\steamapps\common\crash bandicoot - n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [TCP Query User{C82D2152-8515-494E-880B-181D7BFB5F96}F:\steamlibrary\steamapps\common\crash bandicoot - n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) F:\steamlibrary\steamapps\common\crash bandicoot - n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [{0B791B52-B48B-4ABD-A0E1-CE5793EA674A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B55F3A5F-AB6D-4130-9961-28AF7A57F122}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4B8C66B3-4001-482D-9877-85EDF0A250F5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2EA2E76A-A1DC-4053-87F7-D03C871F90BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{424D8219-C0D5-46E0-8DFF-E2F5E357E4C8}C:\users\avela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\avela\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{605C216C-C8B1-4D20-B4F9-55D972D4AF92}C:\users\avela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\avela\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{618CE77F-F9CA-44B6-8366-CAA00745BDB0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F49C7157-0903-4FFC-88A4-6A9CEF5D5AC0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A07976A-449D-4A6F-8448-DAEF1368572E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB08BA95-6814-4B08-826D-EB17D6CEEE59}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{712EB5EF-F4D6-4AE4-82CD-E80679CCD684}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{384C14AA-4100-43D4-A983-1D0DDE294B1C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{57801674-78DF-43C8-A8CD-753C580FF2E8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6C159D5-E4B5-4AAE-8219-8EAF62D5ADAE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{639FA823-BE63-4673-8691-40B4F894DB0F}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.6.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{09412E1C-CC03-4155-9F4D-3C05AB275116}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.6.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{151FC279-1DA9-4C21-83BB-5DCAAAF8C653}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86FD7446-9A7A-4FED-B618-74D68B79B89C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F9C9780-059C-4603-AEC0-11614822E633}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2BBE786C-D30D-4BDF-9DDB-400DE13E8A6E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A60308A3-AB6C-4D5A-99A9-EB8EAA1130FF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

21-11-2019 23:09:01 Revo Uninstaller Pro's restore point - Malwarebytes version 4.0.4.49
21-11-2019 23:19:27 fix

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/22/2019 07:00:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa GameBarFTServer.exe (versión 3.33.1909.18003) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 34f0

Hora de Inicio: 01d5a1954ef4558f

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.33.18003.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe

Id. de informe: 2a4805a9-d0e7-4d0c-b068-a902cdaf4dd7

Nombre completo del paquete con errores: Microsoft.XboxGamingOverlay_3.33.18003.0_x64__8wekyb3d8bbwe

Id. de la aplicación relativa al paquete con errores: App

Tipo de bloqueo: Quiesce

Error: (11/22/2019 06:41:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: RevoUninPro.exe, versión: 4.0.1.0, marca de tiempo: 0x5bd7f5db
Nombre del módulo con errores: RevoUninPro.exe, versión: 4.0.1.0, marca de tiempo: 0x5bd7f5db
Código de excepción: 0xc0000409
Desplazamiento de errores: 0x00000000006ecefc
Identificador del proceso con errores: 0x2dcc
Hora de inicio de la aplicación con errores: 0x01d5a195d4424ce4
Ruta de acceso de la aplicación con errores: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
Ruta de acceso del módulo con errores: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
Identificador del informe: 2638e042-0d16-4411-9bc2-bc6cf5085dd4
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (11/22/2019 06:29:45 PM) (Source: odoo-server-8.0) (EventID: 3) (User: )
Description: The instance's SvcRun() method failed

Traceback (most recent call last):
  File "win32serviceutil.pyo", line 835, in SvcRun
  File "win32_service.pyo", line 42, in SvcDoRun
SystemExit: 255

%2: %3

Error: (11/22/2019 06:18:35 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/22/2019 06:14:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (11/22/2019 06:14:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (11/22/2019 12:19:02 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (11/22/2019 12:19:02 AM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]


System errors:
=============
Error: (11/22/2019 06:29:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/22/2019 06:14:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/22/2019 12:24:26 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/22/2019 12:19:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/21/2019 11:57:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/21/2019 11:31:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/21/2019 11:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/21/2019 10:46:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: El servicio AMD User Experience Program Launcher ha sido marcado como servicio interactivo. Sin embargo, el sistema está configurado para no permitir servicios interactivos. Este servicio puede tener un funcionamiento incorrecto.


CodeIntegrity:
===================================

Date: 2019-11-21 23:05:20.861
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\FileZilla FTP Client\fzshellext_64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-21 23:05:20.855
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\FileZilla FTP Client\fzshellext_64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-21 22:57:22.247
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-21 22:57:16.883
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-21 22:57:07.098
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-21 22:56:52.183
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 5222 10/14/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME A320M-K
Processor: AMD Ryzen 5 2400G with Radeon Vega Graphics 
Percentage of memory in use: 69%
Total physical RAM: 8126.1 MB
Available physical RAM: 2478.9 MB
Total Virtual: 19902.1 MB
Available Virtual: 8417.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.79 GB) (Free:75.58 GB) NTFS
Drive f: () (Fixed) (Total:930.97 GB) (Free:631.28 GB) NTFS

\\?\Volume{4e65c415-6bfb-4e5d-ad19-babe599345f0}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{fa3eafee-ec65-f2e2-1c79-e73702d345cf}\ () (Fixed) (Total:17.68 GB) (Free:0 GB) NTFS
\\?\Volume{e6cd1cb9-f2cc-fe2b-719d-65ea9c5789a8}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{a7537661-921f-ed59-a758-f2ff8a6db369}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{dd34b4e2-0cf6-4bf0-b639-ee45717e233d}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 23371AAE)
Partition 1: (Active) - (Size=931 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 5D58A2BE)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.

==================== End of Addition.txt =======================````
28

Hola @irken_larry

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus. en este caso Windows Defender.

3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
2019-11-22 18:29 - 2019-11-22 18:29 - 000062756 _____ C:\ProgramData\agent.uninstall.1574468961.bdinstall.v2.bin
2019-11-22 18:27 - 2019-11-22 18:27 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-11-22 18:19 - 2019-11-22 18:19 - 010527368 _____ C:\Users\avela\Desktop\bitdefender_online.exe
2019-11-22 18:19 - 2019-11-22 18:19 - 000103468 _____ C:\ProgramData\agent.1574468382.bdinstall.v2.bin
2019-11-22 18:19 - 2019-11-22 18:19 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-22 18:14 - 2019-11-22 18:14 - 000019839 _____ C:\ProgramData\uninstalltool.1574468080.4572.bin
2019-11-22 18:14 - 2019-11-22 18:14 - 000001366 _____ C:\ProgramData\uninstalltool.1574468080.1376.bin
2019-11-16 18:36 - 2019-11-16 18:36 - 010527368 _____ C:\Users\avela\Downloads\bitdefender_online.exe
2019-11-16 18:25 - 2019-11-16 18:25 - 000399256 _____ C:\ProgramData\cl.uninstall.1573950324.bdinstall.v2.bin
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Cortafuego (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}


RemoveProxy:
EmptyTemp:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

4.- Luego de reiniciar y para asegurarte que no quede ningún resto, realiza los pasos del siguiente enlace:

5.- Reinicias, descargas un nuevo instalador de Bitdefender desde su pagina oficial o el Free

Desactiva por las dudas manualmente Windows Defender

Lo tratas de instalar y nos comentas .

Salu2.

29

Hola @SanMar adjunto el fixlog

Ran by avela (24-11-2019 10:15:35) Run:2
Running from C:\Users\avela\Desktop
Loaded Profiles: avela (Available Profiles: avela & bobal & Usuario & openpgsvc)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
2019-11-22 18:29 - 2019-11-22 18:29 - 000062756 _____ C:\ProgramData\agent.uninstall.1574468961.bdinstall.v2.bin
2019-11-22 18:27 - 2019-11-22 18:27 - 000000000 ____D C:\Program Files\Bitdefender Antivirus Free
2019-11-22 18:19 - 2019-11-22 18:19 - 010527368 _____ C:\Users\avela\Desktop\bitdefender_online.exe
2019-11-22 18:19 - 2019-11-22 18:19 - 000103468 _____ C:\ProgramData\agent.1574468382.bdinstall.v2.bin
2019-11-22 18:19 - 2019-11-22 18:19 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-22 18:14 - 2019-11-22 18:14 - 000019839 _____ C:\ProgramData\uninstalltool.1574468080.4572.bin
2019-11-22 18:14 - 2019-11-22 18:14 - 000001366 _____ C:\ProgramData\uninstalltool.1574468080.1376.bin
2019-11-16 18:36 - 2019-11-16 18:36 - 010527368 _____ C:\Users\avela\Downloads\bitdefender_online.exe
2019-11-16 18:25 - 2019-11-16 18:25 - 000399256 _____ C:\ProgramData\cl.uninstall.1573950324.bdinstall.v2.bin
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Cortafuego (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}


RemoveProxy:
EmptyTemp:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6 => removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 => removed successfully
C:\ProgramData\agent.uninstall.1574468961.bdinstall.v2.bin => moved successfully
C:\Program Files\Bitdefender Antivirus Free => moved successfully
C:\Users\avela\Desktop\bitdefender_online.exe => moved successfully
C:\ProgramData\agent.1574468382.bdinstall.v2.bin => moved successfully
C:\ProgramData\Bitdefender Agent => moved successfully
C:\ProgramData\uninstalltool.1574468080.4572.bin => moved successfully
C:\ProgramData\uninstalltool.1574468080.1376.bin => moved successfully
C:\Users\avela\Downloads\bitdefender_online.exe => moved successfully
C:\ProgramData\cl.uninstall.1573950324.bdinstall.v2.bin => moved successfully
"AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}" => removed successfully
"AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}" => removed successfully
"FW: Bitdefender Cortafuego (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}" => removed successfully

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 33877777 B
Java, Flash, Steam htmlcache => 35472129 B
Windows/system/drivers => 1325863050 B
Edge => 5911611 B
Chrome => 462143052 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 37710 B
NetworkService => 37710 B
avela => 1153675354 B
bobal => 1153675354 B
Fam => 1153675354 B
openpgsvc => 1153675354 B

RecycleBin => 4040464 B
EmptyTemp: => 6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:16:15 ====````
30

En la siguiente fase de ¿Como desinstalar un antivirus, que no se termina de desinstalar correctamente?

tengo los siguientes resultados:

  • para root\SecurityCenter no obtengo nada en ninguna de las tres consultas (SELECT * FROM AntiVirusProduct, SELECT * FROM FirewallProduct y SELECT * FROM AntiSpywareProduct)

  • para root\SecurityCenter2 tengo dos resultados en SELECT * FROM AntiVirusProduct (Malwarebytes y Winndows Defender) y uno en SELECT * FROM AntiSpywareProduct (Windows defender)

Al presionar “Eliminar” sobre lo que identifiqué como Malwarebytes me da el siguiente error

Errormalwarebytes2
Errormalwarebytes21366×768 509 KB

Adicional, adjunto imágenes de los resultados obtenidos en las consultas

idewd
idewd1366×768 503 KB
idenmalwarebytes
idenmalwarebytes1366×768 496 KB
antyspw
antyspw1366×768 493 KB

31

Hola @irken_larry

Cuando hable de restos me refería a Bitdefender.

Pero ahora al ver las imágenes cuando instalaste Malwarebytes se te activo la versión Premium de prueba, y tal vez sea ese el escollo por lo cual Bitdefender no se deja re-instalar.

Así que desinstala Malwarebytes con su herramienta especifica reinicias, y ahí si vuelves a intentar la instalación de Bitdefender.

Nos comentas.

Salu2

32

Hola @SanMar

Intente con mb-clean y mb-support para desinstalar y obtengo lo siguiente

mb-suppor

2019-11-24 23:01:46.916   Tool Version: 1.5.3.749
2019-11-24 23:01:46.916   Dll Version: 1.0.0.156
2019-11-24 23:01:46.916   Log Path: C:\Users\avela\AppData\Local\Temp\mwbA30A.tmp\mbst-clean-results.txt
2019-11-24 23:01:46.918   User Account Type: Administrator
2019-11-24 23:01:46.918   Date/Time Log Created: 2019-11-24 23:01:46.918
2019-11-24 23:01:46.919   Operating System: Windows 10 (Build 18362.476) x64
2019-11-24 23:01:46.919   
2019-11-24 23:01:46.919   ======================================================
2019-11-24 23:01:46.922   Pre-Reboot Cleanup
2019-11-24 23:01:46.922   ======================================================
2019-11-24 23:01:46.940   OpenService mbamchameleon failed (1060)
2019-11-24 23:01:47.003   Failed to delete Folder c:\users\avela\appdata\local\mbam\, reason:((error=145)),
2019-11-24 23:01:47.003   Failed to delete Folder c:\users\avela\appdata\local\mbamtray\, reason:((error=145)),
2019-11-24 23:01:47.008   Deleted registry key: (SOFTWARE\Malwarebytes)
2019-11-24 23:01:47.011   Deleted registry key: (SOFTWARE\Wow6432Node\Malwarebytes)
2019-11-24 23:01:48.496   LSP Registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\######## Not Found
2019-11-24 23:01:48.508   Post reboot settings were configured successfully
2019-11-24 23:01:51.987   --------END OF LOG FILE----------
2019-11-24 23:02:56.421   --------LOGGING STARTED----------
2019-11-24 23:02:56.422   
2019-11-24 23:02:56.423   ======================================================
2019-11-24 23:02:56.424   Post-Reboot Cleanup
2019-11-24 23:02:56.424   ======================================================
2019-11-24 23:02:56.544   Deleted registry key: (SOFTWARE\Malwarebytes)
2019-11-24 23:02:56.614   Failed to delete Folder c:\users\avela\appdata\local\mbam\, reason:((error=145)),
2019-11-24 23:02:56.616   Failed to delete Folder c:\users\avela\appdata\local\mbamtray\, reason:((error=145)),
2019-11-24 23:03:02.814   
2019-11-24 23:03:02.815   ======================================================
2019-11-24 23:03:02.815   Install Malwarebytes for Windows
2019-11-24 23:03:02.816   ======================================================
2019-11-24 23:03:02.817   User choice for reinstall prompt (No clicked)
2019-11-24 23:03:02.818   --------END OF LOG FILE----------

mb.clean

2019-11-24 23:00:08.042   No Malwarebytes software installed.
2019-11-24 23:00:15.246   HKLM\SYSTEM\CurrentControlSet\Services\ESProtectionDriver does not exist.
2019-11-24 23:00:15.246   HKLM\SYSTEM\CurrentControlSet\Services\MBAMChameleon does not exist.
2019-11-24 23:00:15.247   HKLM\SYSTEM\CurrentControlSet\Services\MBAMFarflt does not exist.
2019-11-24 23:00:15.247   HKLM\SYSTEM\CurrentControlSet\Services\MBAMProtection does not exist.
2019-11-24 23:00:15.247   HKLM\SYSTEM\CurrentControlSet\Services\MBAMService does not exist.
2019-11-24 23:00:15.248   HKLM\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy does not exist.
2019-11-24 23:00:15.248   HKLM\SYSTEM\CurrentControlSet\Services\MBAMWebProtection does not exist.
2019-11-24 23:00:17.092   Trying to delete path C:\ProgramData\Malwarebytes\
2019-11-24 23:00:17.092   Cannot delete path C:\ProgramData\Malwarebytes\, reason:((error=3))
2019-11-24 23:00:17.093   Trying to delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\
2019-11-24 23:00:17.093   Cannot delete path C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\, reason:((error=3))
2019-11-24 23:00:17.093   Trying to delete path C:\Program Files\Malwarebytes\Anti-Malware\
2019-11-24 23:00:17.094   Cannot delete path C:\Program Files\Malwarebytes\Anti-Malware\, reason:((error=3))
2019-11-24 23:00:17.095  
 --------END OF LOG FILE ----------

Y me sigue apareciendo en **root\SecurityCenter2** hasta el momento no he intentado instalar Bitdefender
33

Hola @irken_larry

Aun quedan restos, ejecuta nuevamente FRST como la primera vez y pega los nuevos reportes.

Salu2

34

Hola @SanMar

Reporte FRST Primera parte

Ran by avela (administrator) on DESKTOP-O68ORMB (25-11-2019 19:04:04)
Running from C:\Users\avela\Desktop
Loaded Profiles: avela (Available Profiles: avela & bobal & Usuario & openpgsvc)
Platform: Windows 10 Home Version 1909 18363.476 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\openerp-server.exe
() [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32_service.exe
() [File not signed] F:\DS4Windows.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atiesrxx.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\updates\3.5.5_45395\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\updates\3.5.5_45395\utorrentie.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Mega Limited -> Mega Limited) C:\Users\avela\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\avela\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe\app\Xbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe\app\Xbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe\app\Xbox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.35.14003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.35.14003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.35.14003.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Nalpeiron Inc -> Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Scarlet.Crush Productions) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [657704 2019-05-14] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [HP Deskjet 4640 series (NET)] => C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [uTorrent] => C:\Users\avela\AppData\Roaming\uTorrent\uTorrent.exe [2005224 2019-10-31] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [HP Deskjet 4640 series (Red)] => C:\Program Files\HP\HP Deskjet 4640 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36000656 2019-11-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3131664 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC)
Startup: C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DS4Windows.lnk [2019-11-17]
ShortcutTarget: DS4Windows.lnk -> F:\DS4Windows.exe () [File not signed]
Startup: C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-05-04]
ShortcutTarget: MEGAsync.lnk -> C:\Users\avela\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {023079A7-E4E7-4A29-8B0C-02A51EE45F36} - System32\Tasks\updater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [464384 2016-01-10] (Nefarius Software Solutions) [File not signed]
Task: {061A344A-ED55-4269-8DC3-3B9A1200FEA5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170168 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {07AE9E08-0E9F-4429-A6C2-6BCB776AEC2A} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-08-08] (Advanced Micro Devices, Inc.) [File not signed]
Task: {0AD68D47-C4A9-4DEE-9067-600FBE965254} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {0FDB8001-5C8D-417F-ADF6-A0C65676D296} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-08-08] (Advanced Micro Devices, Inc.) [File not signed]
Task: {12E83305-E7BC-455B-B141-0C925B3C6C21} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe
Task: {1613B7A6-C8F8-4CB9-8C0B-1F56007D7844} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-13] (Google Inc -> Google Inc.)
Task: {22E725B5-6FA1-4D1A-AB2D-7CF3704FE85F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {3E90010A-EE91-4BE7-92FF-F5AAC41C669E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367288 2019-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3EC841D6-460A-4F85-A1BE-D569623DFB94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-13] (Google Inc -> Google Inc.)
Task: {500ADD51-758B-45E6-B5DD-9C6F793186E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {56652CD1-EDD8-4C95-B86B-C3F761D397BD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2377608 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D479857-AD6B-410F-8636-2D3B0945E2E9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155992 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A60D41A9-7648-464F-AD10-82B5582441D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {AA65D06C-63D0-4E37-961B-6F2DFF1D831F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {AD722BDF-EF76-47AD-9804-1DB2F1A3E5BC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C0573E33-AC22-4880-AD4C-5ECBEF74CE8C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {C17BC89D-7672-4224-8707-37C0D1889AC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155992 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFF60352-300E-44C5-BCB1-05FAF4DE3181} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2170168 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9757DE9-DDDC-45C6-A145-B6BB5BC36D8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9BCADA5-C95A-4A6B-BFEB-43413DDC791F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367288 2019-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDFEBB8A-920C-41D7-A2BA-0F44A6B84253} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FEB1EBAD-5D2B-4ECF-9CFA-64880DC0A3AB} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.2.9.180 10.2.9.2
Tcpip\..\Interfaces\{134036e7-a115-4950-a000-c38636eef46d}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{134036e7-a115-4950-a000-c38636eef46d}: [DhcpNameServer] 10.2.9.180 10.2.9.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-11-02] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ksu47khx.default
FF ProfilePath: C:\Users\avela\AppData\Roaming\Mozilla\Firefox\Profiles\ksu47khx.default [2019-11-24]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\avela\AppData\Roaming\Mozilla\Firefox\Profiles\ksu47khx.default\Extensions\[email protected] [2019-05-09]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com.mx/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default [2019-11-25]
CHR Extension: (Presentaciones) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-13]
CHR Extension: (Documentos) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-13]
CHR Extension: (Lucidchart Diagrams) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apboafhkiegglekeafbckfjldecefkhn [2019-02-13]
CHR Extension: (Google Drive) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-13]
CHR Extension: (YouTube) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-13]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22]
CHR Extension: (Zotero Connector) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2019-09-21]
CHR Extension: (Hojas de cálculo) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-13]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-14]
CHR Extension: (Flatbook) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2019-09-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-15]
CHR Extension: (Black & White) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhhlgkfginnlendpfkhcmldikeepoefa [2019-03-31]
CHR Extension: (TubeBuddy) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2019-11-21]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\avela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-31]
CHR HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atiesrxx.exe [509144 2019-11-02] (Advanced Micro Devices, Inc. -> AMD)
S2 AUEPLauncher; C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe [43008 2019-08-08] (AMD) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8403672 2019-03-02] (BattlEye Innovations e.K. -> )
S3 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2015-09-25] (508 Software, LLC -> CleverFiles)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11650416 2019-11-17] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [389632 2016-01-10] (Scarlet.Crush Productions) [File not signed]
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-09-23] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6841416 2019-09-23] (GOG Sp. z o.o. -> GOG.com)
R2 GamingServices; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServices.exe [21424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 GamingServicesNet; C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [21424 2019-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2019-03-27] (ICEpower a/s -> ICEpower)
R2 odoo-server-8.0; C:\Program Files (x86)\Odoo 8.0-20150411\service\win32_service.exe [23552 2015-04-10] () [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-12] (Electronic Arts, Inc. -> Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [2524128 2019-03-18] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================````
35

reporte FRST segunda parte


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 AMDHDAudBusService; C:\WINDOWS\System32\drivers\amdhdaudbus.sys [76704 2019-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atikmdag.sys [60655320 2019-11-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0347338.inf_amd64_ac57ebc90aacc6d7\B347375\atikmpag.sys [598224 2019-11-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103456 2019-08-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31520 2019-10-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [146304 2019-10-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2019-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2019-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_e3f21201adb86c74\gameflt.sys [70704 2019-10-11] (Microsoft Windows -> Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-03-27] (Martin Malik - REALiX -> REALiX(tm))
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1158944 2019-10-26] (Realtek Semiconductor Corp. -> Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 Xvdd; C:\WINDOWS\System32\DriverStore\FileRepository\xvdd.inf_amd64_4beca0218f643d77\xvdd.sys [478256 2019-10-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-25 19:04 - 2019-11-25 19:04 - 000031076 _____ C:\Users\avela\Desktop\FRST.txt
2019-11-25 19:03 - 2019-11-25 19:03 - 000000000 ___HD C:\OneDriveTemp
2019-11-25 19:03 - 2019-11-25 19:03 - 000000000 ____D C:\Users\avela\Desktop\FRST-OlderVersion
2019-11-25 13:14 - 2019-11-25 13:14 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Popcannibal
2019-11-25 12:43 - 2019-11-25 12:43 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Bennett Foddy
2019-11-25 12:41 - 2019-11-25 12:41 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\AP Thomson
2019-11-25 12:18 - 2019-11-25 12:18 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Nonsense Arts
2019-11-25 12:05 - 2019-11-25 12:05 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Fishing Cactus
2019-11-25 11:42 - 2019-11-25 11:42 - 000000020 ___SH C:\Users\bobal\ntuser.ini
2019-11-24 22:59 - 2019-11-24 22:59 - 000858912 _____ (Malwarebytes) C:\Users\avela\Desktop\mb-clean-3.1.0.1035.exe
2019-11-24 22:56 - 2019-11-24 23:01 - 002262016 _____ (Farbar) C:\Users\avela\Downloads\FRSTEnglish.exe
2019-11-24 22:55 - 2019-11-24 22:55 - 009107552 _____ C:\Users\avela\Desktop\mb-support-1.5.3.749.exe
2019-11-24 10:11 - 2019-11-24 10:11 - 000797760 _____ C:\Users\avela\Desktop\delfix.exe
2019-11-22 23:25 - 2019-11-25 19:03 - 002262016 _____ (Farbar) C:\Users\avela\Desktop\FRST64.exe
2019-11-22 23:13 - 2019-11-22 23:13 - 000000000 ____D C:\Users\avela\Games
2019-11-21 23:19 - 2019-11-21 23:19 - 000000000 ____D C:\UWT
2019-11-21 22:58 - 2019-11-21 22:58 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-11-21 22:56 - 2019-11-21 22:56 - 000000020 ___SH C:\Users\avela\ntuser.ini
2019-11-21 22:55 - 2019-11-25 19:02 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2019-11-21 22:55 - 2019-11-25 19:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-21 22:55 - 2019-11-25 15:36 - 000003142 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2019-11-21 22:55 - 2019-11-25 12:06 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{CA36A466-BCA0-4CFD-B00C-A4EEB499DF84}
2019-11-21 22:55 - 2019-11-21 22:55 - 000003486 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-21 22:55 - 2019-11-21 22:55 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-11-21 22:55 - 2019-11-21 22:55 - 000003262 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-21 22:55 - 2019-11-21 22:55 - 000003096 _____ C:\WINDOWS\system32\Tasks\updater
2019-11-21 22:55 - 2019-11-21 22:55 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-11-21 22:55 - 2019-11-21 22:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2094261658-3533611375-3775376471-1003
2019-11-21 22:55 - 2019-11-21 22:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2094261658-3533611375-3775376471-1002
2019-11-21 22:55 - 2019-11-21 22:55 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2094261658-3533611375-3775376471-1001
2019-11-21 22:55 - 2019-11-21 22:55 - 000002688 _____ C:\WINDOWS\system32\Tasks\AMDInstallUEP
2019-11-21 22:55 - 2019-11-21 22:55 - 000002608 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-11-21 22:55 - 2019-11-21 22:55 - 000002392 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2019-11-21 22:55 - 2019-11-21 22:55 - 000002374 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2019-11-21 22:55 - 2019-11-21 22:55 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-21 22:55 - 2019-11-21 22:55 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN
2019-11-21 22:55 - 2019-11-21 22:55 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2019-11-21 22:53 - 2019-11-21 22:55 - 000019053 _____ C:\WINDOWS\diagwrn.xml
2019-11-21 22:53 - 2019-11-21 22:55 - 000019053 _____ C:\WINDOWS\diagerr.xml
2019-11-21 22:50 - 2019-11-25 13:27 - 001767630 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-21 22:45 - 2019-11-25 11:42 - 000000000 ____D C:\Users\bobal
2019-11-21 22:45 - 2019-11-22 23:13 - 000000000 ____D C:\Users\avela
2019-11-21 22:45 - 2019-11-21 22:49 - 000000000 ____D C:\Users\openpgsvc
2019-11-21 22:45 - 2019-11-21 22:49 - 000000000 ____D C:\Users\Fam
2019-11-21 22:45 - 2019-03-18 22:46 - 000001105 _____ C:\Users\openpgsvc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 22:45 - 2019-03-18 22:46 - 000001105 _____ C:\Users\Fam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 22:45 - 2019-03-18 22:46 - 000001105 _____ C:\Users\bobal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 22:45 - 2019-03-18 22:46 - 000001105 _____ C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-21 22:42 - 2019-10-06 20:55 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-11-21 22:39 - 2019-11-24 12:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-21 22:39 - 2019-11-21 22:47 - 000549168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-21 21:40 - 2019-11-21 22:56 - 000000000 ___DC C:\WINDOWS\Panther
2019-11-21 20:43 - 2019-11-21 22:55 - 000000000 ___HD C:\$GetCurrent
2019-11-21 19:56 - 2019-11-24 12:24 - 000000000 ____D C:\Users\avela\AppData\Roaming\Discord
2019-11-21 19:27 - 2019-11-24 14:07 - 000000000 ____D C:\Users\avela\AppData\Roaming\Crash Bandicoot(TM) N. Sane Trilogy
2019-11-21 18:35 - 2019-11-25 19:03 - 000000000 ____D C:\Users\avela\AppData\LocalLow\uTorrent
2019-11-21 18:31 - 2019-11-24 10:14 - 000000247 _____ C:\DelFix.txt
2019-11-21 18:31 - 2019-11-21 18:31 - 000000000 ____D C:\WINDOWS\ERUNT
2019-11-21 15:39 - 2019-11-21 22:55 - 000000000 ____D C:\Windows.old
2019-11-21 15:25 - 2019-11-21 15:39 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-11-21 15:23 - 2019-11-21 15:25 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-11-21 15:23 - 2019-11-21 15:23 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-11-21 15:20 - 2019-11-21 15:20 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 006232576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 005501952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 004307968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 004129408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 003487232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 002956472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 002399232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 001866272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2019-11-21 15:20 - 2019-11-21 15:20 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2019-11-21 15:20 - 2019-11-21 15:20 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2019-11-21 15:20 - 2019-11-21 15:20 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2019-11-21 15:19 - 2019-11-21 15:20 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 017787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 008011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007904152 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007849424 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007262456 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006521768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006227104 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006166016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 006082808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 005890048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 005763848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 005112320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004615616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 004578816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004150272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004140544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004047360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 004005888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003967920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 003791360 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003752960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003728384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003591208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003371928 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003105792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 003084800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002988344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 002772272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002763016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 002703872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 002586816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002576384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002562048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002258848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002126112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002120704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001974824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001920512 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001916984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-11-21 15:19 - 2019-11-21 15:19 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001691648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001664688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001647064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 001413912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001413864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001394168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001327064 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001259416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001171704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001069064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001059840 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001017680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000911824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000874936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000874536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000822200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000822072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000768488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000679152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000657424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000638264 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000589592 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000586768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000551736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000517432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000514576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-11-21 15:19 - 2019-11-21 15:19 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000466928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000461320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000452920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000404904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000380944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000375720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000372752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000322504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000291256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000251512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\accessibilitycpl.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-21 15:19 - 2019-11-21 15:19 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000204816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accessibilitycpl.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000193800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-11-21 15:19 - 2019-11-21 15:19 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000164776 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll````
36

Teporte FRST tercera parte

2019-11-21 15:19 - 2019-11-21 15:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000136536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationControlCSP.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Utilman.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\EaseOfAccessDialog.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000113160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000105488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sethc.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-11-21 15:19 - 2019-11-21 15:19 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Utilman.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EaseOfAccessDialog.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000093496 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000088568 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AtBroker.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000084488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2019-11-21 15:19 - 2019-11-21 15:19 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sethc.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\reg.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AtBroker.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000065272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000061240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\reg.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000047208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-11-21 15:19 - 2019-11-21 15:19 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winnsi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\posetup.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsisvc.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000028344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winnsi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000021304 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2019-11-21 15:19 - 2019-11-21 15:19 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-11-21 15:19 - 2019-11-21 15:19 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dstokenclean.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscadminui.exe
2019-11-21 15:19 - 2019-11-21 15:19 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-11-21 15:19 - 2019-11-21 15:19 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2019-11-21 15:12 - 2019-11-21 15:12 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-11-21 15:12 - 2019-11-21 15:12 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-11-21 15:12 - 2019-11-21 15:12 - 000000000 ____D C:\Program Files\MSBuild
2019-11-21 15:12 - 2019-11-21 15:12 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-11-21 15:12 - 2019-03-18 12:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-11-21 15:12 - 2019-03-18 12:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-11-21 15:12 - 2019-03-18 12:16 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-11-21 15:12 - 2019-03-18 11:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-11-21 15:12 - 2019-03-18 11:09 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-11-21 15:12 - 2019-03-01 10:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-11-21 15:12 - 2019-03-01 10:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-11-21 15:12 - 2019-03-01 10:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-11-21 15:12 - 2019-03-01 10:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-11-21 15:12 - 2019-02-05 11:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-11-21 15:12 - 2019-02-05 11:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-11-21 15:12 - 2019-02-05 11:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-11-21 15:12 - 2018-08-09 07:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-11-21 15:09 - 2019-11-21 15:09 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-11-21 15:09 - 2019-11-21 15:09 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-11-21 11:29 - 2019-11-21 11:29 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Smac
2019-11-21 10:40 - 2019-11-21 10:40 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\adamgryu
2019-11-21 08:51 - 2019-11-21 08:51 - 000000000 ____D C:\Users\bobal\AppData\Local\mbam
2019-11-20 23:20 - 2019-11-25 19:04 - 000000000 ____D C:\FRST
2019-11-20 22:50 - 2019-11-20 23:04 - 000000000 ____D C:\Users\avela\AppData\Roaming\ZHP
2019-11-20 22:50 - 2019-11-20 22:50 - 000000000 ____D C:\Users\avela\AppData\Local\ZHP
2019-11-20 11:47 - 2019-11-20 11:47 - 000000000 ____D C:\Users\bobal\AppData\Local\inXile entertainment
2019-11-20 11:37 - 2019-11-20 11:37 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Arcen Games, LLC
2019-11-20 11:28 - 2019-11-20 11:28 - 000000000 ____D C:\ProgramData\Ubisoft
2019-11-20 11:14 - 2019-11-20 11:14 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Downloaded Installations
2019-11-20 10:51 - 2019-11-20 10:51 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Hollow Ponds
2019-11-20 10:07 - 2019-11-20 10:07 - 000000000 ____D C:\Users\bobal\AppData\Local\Woten___Resubmission_Build___v10
2019-11-19 09:55 - 2019-11-25 13:24 - 000000000 ____D C:\Users\bobal\AppData\Roaming\DS4Windows
2019-11-19 08:44 - 2019-11-19 08:45 - 008658304 _____ () C:\Users\bobal\Downloads\XboxInstaller (1).exe
2019-11-19 08:18 - 2019-11-19 08:18 - 000000000 ____D C:\Users\bobal\AppData\Local\mbamtray
2019-11-18 19:11 - 2019-11-18 19:11 - 000000223 _____ C:\Users\avela\Desktop\Destiny 2.url
2019-11-18 17:08 - 2019-11-18 17:09 - 000000000 ____D C:\AdwCleaner
2019-11-18 16:30 - 2019-11-18 16:30 - 000000000 ____D C:\Users\avela\AppData\Local\mbam
2019-11-18 16:29 - 2019-11-18 16:29 - 000000000 ____D C:\Users\avela\AppData\Local\mbamtray
2019-11-18 11:06 - 2019-11-18 11:17 - 000003006 _____ C:\InfoSat.txt
2019-11-18 11:03 - 2019-11-18 11:17 - 000000000 ____D C:\WINDOWS\pss
2019-11-17 23:24 - 2019-11-17 23:24 - 000000000 ____D C:\Users\avela\AppData\LocalLow\Lince Works
2019-11-17 23:09 - 2019-11-17 23:09 - 000000252 _____ C:\Users\avela\Desktop\Hyper Light Drifter.url
2019-11-17 22:47 - 2019-11-25 19:03 - 000000000 ____D C:\Users\avela\AppData\Roaming\DS4Windows
2019-11-17 11:57 - 2019-11-17 11:57 - 000000000 ____D C:\ProgramData\SystemAcCrux
2019-11-17 11:56 - 2019-11-21 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2019-11-17 11:56 - 2019-11-17 11:56 - 000000000 ____D C:\Program Files\EaseUS
2019-11-17 10:35 - 2019-11-17 10:25 - 872415232 _____ C:\Users\avela\Downloads\bitdefender-rescue-cd.iso
2019-11-16 18:44 - 2019-11-18 15:40 - 000000000 ____D C:\Users\avela\AppData\Local\ElevatedDiagnostics
2019-11-16 11:17 - 2019-11-16 11:17 - 000000000 ___HD C:\$SysReset
2019-11-10 22:22 - 2019-11-10 22:22 - 000000000 ____D C:\Users\avela\AppData\LocalLow\Dry Cactus
2019-11-02 15:17 - 2019-11-02 15:17 - 059440856 _____ C:\WINDOWS\system32\amdcomgr64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 049336536 _____ C:\WINDOWS\SysWOW64\amdcomgr.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 003915984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 003517144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001714384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001593048 _____ (AMD) C:\WINDOWS\system32\coinst_19.30.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001243352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001073104 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 001073104 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000941784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000929904 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000929904 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000852176 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000852176 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000769232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000709848 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000709848 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000574680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000554912 _____ C:\WINDOWS\system32\amdmiracast.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000554200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000493784 _____ C:\WINDOWS\system32\dgtrayicon.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000485592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000480984 _____ C:\WINDOWS\system32\GameManager64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000473304 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000469208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000384216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000382168 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000382168 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000349400 _____ C:\WINDOWS\system32\clinfo.exe
2019-11-02 15:17 - 2019-11-02 15:17 - 000242904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000214744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000184536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000179376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000163544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000159448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000158216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000153304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000138968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000136408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000135456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000135384 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000128952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000126168 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000124632 _____ C:\WINDOWS\system32\atidxx64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000122064 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000121560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000119856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000108568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000108560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000107736 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000106200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000071080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000047320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000044248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2019-11-02 15:17 - 2019-11-02 15:17 - 000020392 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2019-11-02 15:16 - 2019-11-02 15:16 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2019-11-02 15:16 - 2019-11-02 15:16 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2019-11-02 15:16 - 2019-11-02 15:16 - 000761560 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2019-11-02 15:16 - 2019-11-02 15:16 - 000553456 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2019-11-02 15:16 - 2019-11-02 15:16 - 000553456 _____ C:\WINDOWS\system32\atiapfxx.blb
2019-11-02 15:16 - 2019-11-02 15:16 - 000440536 _____ C:\WINDOWS\system32\atieah64.exe
2019-11-02 15:16 - 2019-11-02 15:16 - 000352984 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2019-11-02 15:16 - 2019-11-02 15:16 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2019-11-02 15:16 - 2019-11-02 15:16 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2019-11-02 15:16 - 2019-11-02 15:16 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2019-11-02 15:16 - 2019-11-02 15:16 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2019-11-02 15:16 - 2019-11-02 15:16 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2019-11-02 15:16 - 2019-11-02 15:16 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2019-11-02 15:16 - 2019-11-02 15:16 - 000125488 _____ C:\WINDOWS\system32\kapp_ci.sbin
2019-11-02 15:16 - 2019-11-02 15:16 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2019-11-02 15:16 - 2019-11-02 15:16 - 000034488 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2019-10-27 11:35 - 2019-11-18 16:14 - 000000000 ____D C:\Users\avela\AppData\Local\Spotify
2019-10-27 11:35 - 2019-10-27 11:35 - 000001836 _____ C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2019-10-27 11:34 - 2019-11-18 16:52 - 000000000 ____D C:\Users\avela\AppData\Roaming\Spotify
2019-10-26 15:17 - 2019-10-26 15:17 - 008543839 _____ C:\Users\avela\Documents\libro-admondecomprasyabastecimientos.pdf
2019-10-26 09:59 - 2019-10-26 09:59 - 000031520 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2019-10-26 09:58 - 2019-10-26 09:58 - 000438792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdtee_api.dll
2019-10-26 09:58 - 2019-10-26 09:58 - 000352776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdtee_api.dll
2019-10-26 09:58 - 2019-10-26 09:58 - 000146304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\Drivers\amdpsp.sys
2019-10-26 09:58 - 2019-10-26 09:58 - 000076704 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdhdaudbus.sys
2019-10-26 09:57 - 2019-10-26 09:57 - 001158944 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-25 19:03 - 2019-03-25 21:20 - 000000000 ____D C:\Users\avela\AppData\Local\BitTorrentHelper
2019-11-25 19:03 - 2019-02-17 19:26 - 000000000 ____D C:\ProgramData\Autodesk
2019-11-25 19:03 - 2019-02-17 00:19 - 000000000 ___RD C:\Users\avela\OneDrive - 0o0o9i
2019-11-25 19:03 - 2019-02-14 00:16 - 000000000 ____D C:\ProgramData\Origin
2019-11-25 19:03 - 2019-02-13 21:37 - 000000000 ____D C:\Users\avela\AppData\Roaming\uTorrent
2019-11-25 19:02 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-25 15:36 - 2019-03-25 20:39 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-11-25 15:36 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-25 15:36 - 2019-03-18 22:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-11-25 13:27 - 2019-03-19 05:59 - 000783276 _____ C:\WINDOWS\system32\perfh00A.dat
2019-11-25 13:27 - 2019-03-19 05:59 - 000152746 _____ C:\WINDOWS\system32\perfc00A.dat
2019-11-25 13:27 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-25 13:14 - 2019-02-20 13:25 - 000000000 ____D C:\Users\bobal\AppData\Local\D3DSCache
2019-11-25 13:09 - 2019-02-15 10:05 - 000000000 ____D C:\Users\bobal\AppData\Local\PlaceholderTileLogoFolder
2019-11-25 13:09 - 2019-02-14 18:26 - 000000000 ____D C:\Users\bobal\AppData\Local\Packages
2019-11-25 11:44 - 2019-02-16 11:43 - 000000000 ___RD C:\Users\bobal\OneDrive
2019-11-25 11:43 - 2019-05-23 12:00 - 000000000 ____D C:\Users\bobal\AppData\Local\Videostream
2019-11-25 11:43 - 2019-02-14 18:26 - 000000000 ___RD C:\Users\bobal\3D Objects
2019-11-25 11:43 - 2019-02-13 19:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-25 11:42 - 2019-02-13 20:01 - 000000000 ____D C:\Users\avela\AppData\Local\PlaceholderTileLogoFolder
2019-11-24 20:31 - 2019-02-13 20:23 - 000000000 ____D C:\Program Files (x86)\Steam
2019-11-24 12:23 - 2019-02-17 00:11 - 000000000 ____D C:\Users\avela\AppData\Local\D3DSCache
2019-11-24 10:38 - 2019-06-08 21:34 - 000000000 ____D C:\Users\avela\AppData\Roaming\Telegram Desktop
2019-11-24 10:12 - 2019-10-03 18:53 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-11-24 10:12 - 2019-10-03 18:53 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-11-22 23:14 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-22 23:14 - 2019-02-13 19:42 - 000000000 ____D C:\Users\avela\AppData\Local\Packages
2019-11-22 23:13 - 2019-02-17 00:09 - 000000000 ____D C:\ProgramData\Packages
2019-11-22 20:48 - 2019-02-13 21:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-22 20:45 - 2019-02-13 21:55 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-22 18:37 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-11-22 18:35 - 2019-02-13 20:20 - 000000000 ____D C:\Program Files\Microsoft Office
2019-11-22 18:18 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-11-21 23:24 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-21 23:21 - 2019-06-14 18:54 - 000000000 ____D C:\Users\avela\AppData\Local\PackageStaging
2019-11-21 23:20 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-21 23:12 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-11-21 22:56 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Registration
2019-11-21 22:56 - 2019-02-13 19:42 - 000000000 ___RD C:\Users\avela\3D Objects
2019-11-21 22:55 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-11-21 22:50 - 2019-03-18 22:52 - 000000000 __RSD C:\WINDOWS\Media
2019-11-21 22:50 - 2019-02-16 23:55 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-11-21 22:49 - 2019-02-13 19:52 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-21 22:46 - 2019-08-17 18:26 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2019-11-21 22:46 - 2019-08-17 15:30 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cleverfiles Disk Drill
2019-11-21 22:46 - 2019-06-08 21:34 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2019-11-21 22:46 - 2019-05-17 09:18 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videostream
2019-11-21 22:46 - 2019-05-04 17:20 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2019-11-21 22:46 - 2019-03-29 22:30 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2019-11-21 22:46 - 2019-03-29 22:28 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2019-11-21 22:46 - 2019-03-29 21:37 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2019-11-21 22:46 - 2019-03-19 20:28 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch Games
2019-11-21 22:46 - 2019-02-27 20:00 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7
2019-11-21 22:46 - 2019-02-14 23:33 - 000000000 ____D C:\Users\Fam\AppData\Local\Packages
2019-11-21 22:46 - 2019-02-14 19:47 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-21 22:46 - 2019-02-13 22:50 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-11-21 22:45 - 2019-06-29 14:21 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gears of War
2019-11-21 22:45 - 2019-06-29 11:43 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2019-11-21 22:45 - 2019-04-22 11:04 - 000000000 ____D C:\Users\bobal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-11-21 22:45 - 2019-02-13 20:52 - 000000000 ____D C:\Users\avela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-11-21 22:42 - 2019-03-27 23:33 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-11-21 22:42 - 2019-02-13 19:37 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-11-21 22:42 - 2019-02-13 19:37 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-11-21 21:40 - 2019-06-11 09:08 - 000000036 _____ C:\WINDOWS\progress.ini
2019-11-21 20:43 - 2019-06-11 08:23 - 000000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk
2019-11-21 20:43 - 2019-06-11 08:23 - 000000000 ____D C:\Windows10Upgrade
2019-11-21 18:34 - 2019-02-21 12:30 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-11-21 18:33 - 2019-03-17 12:59 - 000000000 ____D C:\Users\avela\AppData\LocalLow\Temp
2019-11-21 18:28 - 2019-02-13 21:34 - 000000000 ____D C:\Users\avela\AppData\Roaming\Notepad++
2019-11-21 15:39 - 2019-10-19 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2019-11-21 15:39 - 2019-09-07 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2019 - English
2019-11-21 15:39 - 2019-09-07 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2019-11-21 15:39 - 2019-08-17 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2019-11-21 15:39 - 2019-08-17 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cleverfiles Disk Drill
2019-11-21 15:39 - 2019-08-13 19:03 - 000000000 ____D C:\WINDOWS\SysWOW64\rufus_files
2019-11-21 15:39 - 2019-08-12 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Shock - Enhanced Edition [GOG.com]
2019-11-21 15:39 - 2019-08-12 11:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Shock - Classic Edition [GOG.com]
2019-11-21 15:39 - 2019-07-27 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3 (x86)
2019-11-21 15:39 - 2019-07-13 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2019
2019-11-21 15:39 - 2019-06-29 20:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2019-11-21 15:39 - 2019-06-22 20:55 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2019-11-21 15:39 - 2019-06-22 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2019-11-21 15:39 - 2019-06-15 20:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-11-21 15:39 - 2019-05-19 10:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
2019-11-21 15:39 - 2019-05-10 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2019-11-21 15:39 - 2019-05-01 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-11-21 15:39 - 2019-04-27 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-11-21 15:39 - 2019-04-15 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ComicRack
2019-11-21 15:39 - 2019-04-11 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2019-11-21 15:39 - 2019-03-31 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekiro Shadows Die Twice
2019-11-21 15:39 - 2019-03-30 21:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-11-21 15:39 - 2019-03-30 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-11-21 15:39 - 2019-03-28 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
2019-11-21 15:39 - 2019-03-27 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-21 15:39 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-11-21 15:39 - 2019-03-18 22:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-11-21 15:39 - 2019-03-06 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2019-11-21 15:39 - 2019-03-06 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2019-11-21 15:39 - 2019-02-25 13:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOMA [GOG.com]
2019-11-21 15:39 - 2019-02-25 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oxenfree [GOG.com]
2019-11-21 15:39 - 2019-02-23 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Throttle Remastered [GOG.com]
2019-11-21 15:39 - 2019-02-21 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit
2019-11-21 15:39 - 2019-02-20 23:15 - 000000000 ____D C:\WINDOWS\system32\elambkup
2019-11-21 15:39 - 2019-02-17 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2019-11-21 15:39 - 2019-02-14 21:08 - 000000000 ____D C:\ProgramData\regid.1994-02.com.minitab
2019-11-21 15:39 - 2019-02-14 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minitab
2019-11-21 15:39 - 2019-02-14 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-21 15:39 - 2019-02-14 00:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-11-21 15:39 - 2019-02-13 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-11-21 15:39 - 2019-02-13 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-11-21 15:39 - 2019-02-13 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-11-21 15:39 - 2019-02-13 20:12 - 000000000 ____D C:\Program Files\AMD
2019-11-21 15:39 - 2018-04-11 17:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-11-21 15:39 - 2017-09-29 07:46 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-11-21 15:38 - 2019-03-18 22:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-11-21 15:25 - 2019-10-22 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2019-11-21 15:25 - 2019-07-02 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SD Association
2019-11-21 15:25 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-11-21 15:25 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Resources
2019-11-21 15:25 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\Help
2019-11-21 15:25 - 2019-02-23 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2019-11-21 15:25 - 2019-02-21 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blizzard Classics
2019-11-21 15:25 - 2019-02-13 20:14 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-11-21 15:25 - 2019-02-13 19:37 - 000000000 ____D C:\Program Files\Realtek
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2019-11-21 15:22 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-21 15:14 - 2019-03-19 06:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-11-21 15:14 - 2019-03-19 06:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-11-21 15:14 - 2019-03-19 05:59 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-11-21 15:14 - 2019-03-19 05:59 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\IME
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-11-21 15:14 - 2019-03-18 22:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-11-21 15:14 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\servicing
2019-11-21 15:13 - 2019-03-19 06:01 - 000000000 ____D C:\WINDOWS\OCR
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-11-21 15:12 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-11-21 15:11 - 2019-03-18 22:56 - 000000000 ____D C:\WINDOWS\Setup
2019-11-21 10:34 - 2019-04-22 11:04 - 000000000 ____D C:\Users\bobal\AppData\Local\Ubisoft Game Launcher
2019-11-21 08:51 - 2019-08-19 09:18 - 000000000 ____D C:\Users\bobal\AppData\Local\cache
2019-11-19 19:46 - 2019-03-30 19:26 - 000000000 ____D C:\Users\avela\AppData\Roaming\vlc
2019-11-19 09:27 - 2019-05-17 08:38 - 000000000 ____D C:\Users\bobal\AppData\Local\CrashDumps
2019-11-19 09:25 - 2019-02-23 14:21 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2019-11-19 09:22 - 2019-06-12 09:23 - 000000000 ____D C:\Users\bobal\AppData\Local\ElevatedDiagnostics
2019-11-18 16:30 - 2019-08-17 19:20 - 000000000 ____D C:\Users\avela\AppData\Local\cache
2019-11-18 14:37 - 2019-05-04 20:32 - 000000000 ____D C:\Users\avela\AppData\Local\CrashDumps
2019-11-18 00:43 - 2019-02-13 20:50 - 000000000 ____D C:\Users\avela\AppData\Roaming\Twitch
2019-11-17 20:30 - 2019-02-14 00:16 - 000000000 ____D C:\Users\avela\AppData\Roaming\Origin
2019-11-17 11:28 - 2019-06-29 20:20 - 000000000 ____D C:\Program Files\Recuva
2019-11-16 19:08 - 2019-02-15 09:50 - 000000000 ___RD C:\Users\Fam\OneDrive
2019-11-15 19:28 - 2019-02-13 22:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-12 19:56 - 2019-02-14 00:20 - 000000000 ____D C:\Program Files (x86)\Origin
2019-11-10 21:18 - 2019-04-11 21:31 - 000000000 ____D C:\Program Files\Calibre2
2019-11-09 15:41 - 2019-06-02 08:50 - 000000000 ___RD C:\Users\avela\Documents\Scanned Documents
2019-11-06 12:31 - 2019-02-21 11:25 - 000000000 ____D C:\Users\bobal\AppData\LocalLow\Mozilla
2019-11-05 14:23 - 2019-02-13 19:51 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-05 14:21 - 2019-09-19 11:43 - 000000000 ____D C:\Program Files\Rockstar Games
2019-11-05 14:21 - 2019-09-19 11:43 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-11-05 14:17 - 2019-03-28 10:37 - 000000000 ____D C:\Program Files (x86)\Bethesda.net Launcher
2019-11-02 15:10 - 2019-03-27 23:19 - 000000000 ____D C:\ProgramData\ProductData
2019-11-02 14:44 - 2019-02-16 19:39 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-10-30 20:11 - 2019-03-28 19:55 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2019-10-27 12:38 - 2019-03-28 19:56 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-10-27 11:17 - 2019-10-22 21:29 - 001065984 _____ C:\Users\avela\AppData\Local\file__0.localstorage

==================== Files in the root of some directories ========

2016-06-12 00:13 - 2016-06-12 00:13 - 000039192 _____ () C:\Program Files (x86)\branding.dll
2016-06-12 00:13 - 2016-06-12 00:13 - 000000080 _____ () C:\Program Files (x86)\recuva.dat
2019-10-22 21:29 - 2019-10-27 11:17 - 001065984 _____ () C:\Users\avela\AppData\Local\file__0.localstorage
2019-06-23 10:40 - 2019-06-23 10:40 - 000000000 _____ () C:\Users\avela\AppData\Local\oobelibMkey.log
2019-03-06 20:17 - 2019-03-14 21:07 - 000075776 _____ () C:\Users\avela\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================````
37

Reporte Addition primera parte

Ran by avela (25-11-2019 19:05:14)
Running from C:\Users\avela\Desktop
Windows 10 Home Version 1909 18363.476 (X64) (2019-11-22 04:55:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2094261658-3533611375-3775376471-500 - Administrator - Disabled)
avela (S-1-5-21-2094261658-3533611375-3775376471-1001 - Administrator - Enabled) => C:\Users\avela
bobal (S-1-5-21-2094261658-3533611375-3775376471-1002 - Administrator - Enabled) => C:\Users\bobal
DefaultAccount (S-1-5-21-2094261658-3533611375-3775376471-503 - Limited - Disabled)
Invitado (S-1-5-21-2094261658-3533611375-3775376471-501 - Limited - Disabled)
openpgsvc (S-1-5-21-2094261658-3533611375-3775376471-1007 - Limited - Enabled) => C:\Users\openpgsvc
Usuario (S-1-5-21-2094261658-3533611375-3775376471-1003 - Administrator - Enabled) => C:\Users\Fam
WDAGUtilityAccount (S-1-5-21-2094261658-3533611375-3775376471-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.06 (x64) (HKLM\...\7-Zip) (Version: 18.06 - Igor Pavlov)
ACA & MEP 2019 Object Enabler (HKLM\...\{28B89EEF-2004-0000-5102-CF3F3A09B77D}) (Version: 8.1.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-2001-0000-3102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.8.1 - Advanced Micro Devices, Inc.)
Aplicación de escritorio de Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.16.29 - Autodesk)
Aplicaciones destacadas de Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Audacity 2.3.1 (HKLM-x32\...\Audacity_is1) (Version: 2.3.1 - Audacity Team)
AutoCAD 2019 - English (HKLM\...\{28B89EEF-2001-0409-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 (HKLM\...\{28B89EEF-2001-0000-0102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 Language Pack - English (HKLM\...\{28B89EEF-2001-0409-1102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2019 - English (HKLM\...\AutoCAD 2019 - English) (Version: 23.0.46.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Nombre de su organización) Hidden
Blackthorne (HKLM-x32\...\{C563EEF9-17FF-4563-8B78-82AF0C4577CE}) (Version: 1.0.0 - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{4D4D4686-D99D-4C19-AD38-CE7135518209}) (Version: 4.3.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.10.0.0770 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Disk Drill 2.0.0.338 (HKLM-x32\...\{91CF2A75-07FB-4CAF-AE14-2BE4EE77EF00}) (Version: 2.0.338 - CleverFiles)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Epic Games Launcher (HKLM-x32\...\{BB514C00-3DAB-4E6E-8F41-58A61FA35851}) (Version: 1.1.206.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
FileZilla Client 3.41.2 (HKLM-x32\...\FileZilla Client) (Version: 3.41.2 - Tim Kosse)
Gears of War (HKLM-x32\...\{1170D24F-42B7-40CF-AA1B-6395CE562354}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Deskjet 4640 series Software básico del dispositivo (HKLM\...\{FC0E39B2-B10C-4FC4-9F2D-1A830DC7A71C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hyper Light Drifter (HKLM-x32\...\{B515A0C1-B73D-4201-AAE3-1EF8FB1FAF5E}) (Version:  - Heart Machine LLC)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.12130.20390 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visio Profesional 2016 - es-es (HKLM\...\VisioProRetail - es-es) (Version: 16.0.12130.20390 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.12130.20390 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09C0A8D5-EEC1-369D-8C7A-2E2DD17DCA5E}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Minitab 18 (HKLM-x32\...\{8D24BFA4-1266-436F-9EBF-F83F5CFADD2E}) (Version: 18.1.0.0 - Minitab, Inc.) Hidden
Minitab 18 (HKLM-x32\...\Minitab 18 18.1.0.0) (Version: 18.1.0.0 - Minitab, Inc.)
MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.6 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Odoo 8.0 (HKLM-x32\...\Odoo 8.0) (Version: 8.0 - OpenERP S.A.)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nombre de su organización)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.55.33574 - Electronic Arts, Inc.)
PostgreSQL 9.3  (x86) (HKLM-x32\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
Python 3.7.2 (32-bit) (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\{0f40e78b-67e1-4e0c-a2fd-e9325d9dfc82}) (Version: 3.7.2150.0 - Python Software Foundation)
Python 3.7.2 Add to Path (32-bit) (HKLM-x32\...\{A0253733-D4C4-4964-AB97-C5C80FCD580F}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Core Interpreter (32-bit) (HKLM-x32\...\{3A09B849-4D48-41AA-9461-112E6CEC405D}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Development Libraries (32-bit) (HKLM-x32\...\{A14E7090-5888-460B-9003-1C3DA5AD3D35}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Documentation (32-bit) (HKLM-x32\...\{D2FA452F-4742-4805-BEB1-AC81ED48F4A8}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Executables (32-bit) (HKLM-x32\...\{D6FF50CC-E41E-4FFB-B7B9-72D71BF00C55}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 pip Bootstrap (32-bit) (HKLM-x32\...\{0D2B3674-3B1E-4281-B5FD-37D700602129}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Standard Library (32-bit) (HKLM-x32\...\{667226B8-23CA-47C1-A070-D3B85E8C9292}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{34AD493A-01AA-4D6A-9229-BF0406F22D14}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Test Suite (32-bit) (HKLM-x32\...\{F0B6A6E9-C7E1-4730-A29D-71C02B800028}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python 3.7.2 Utility Scripts (32-bit) (HKLM-x32\...\{06CE3F8B-A658-462C-AD3D-FA7142297E97}) (Version: 3.7.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FA2A3867-8965-4CF7-83E2-C8960652F5AD}) (Version: 3.7.6565.0 - Python Software Foundation)
R for Windows 3.5.2 (HKLM\...\R for Windows 3.5.2_is1) (Version: 3.5.2 - R Core Team)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 4.0.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.1 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.3.7 - Rockstar Games)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RStudio (HKLM-x32\...\RStudio) (Version: 1.1.463 - RStudio)
ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
SketchUp 2019 (HKLM\...\{E16DD37C-6FBC-F51F-702E-DD6E92D6ED68}) (Version: 19.1.174.20409 - Trimble, Inc.)
Spotify (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\Spotify) (Version: 1.1.19.480.g7d17e3ce - Spotify AB)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.7.40309 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.19260 - Microsoft Corporation)
Telegram Desktop version 1.8.15 (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC)
Twitch (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\...\WinDirStat) (Version:  - )
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
XMind 8 Update 4 (v3.7.4) (HKLM-x32\...\XMind_is1) (Version: 3.7.4.201709040350 - XMind Ltd.)

Packages:
=========
ACA NEOGEO METAL SLUG X -> C:\Program Files\WindowsApps\HAMSTERCorporation.ACANEOGEOMETALSLUGX_1.2.2.2_x64__7xd3265gdqs6r [2019-11-21] (HAMSTER Corporation)
Age of Empires Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.Darwin_100.1.28529.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Studios)
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.6.0_x86__kc6t79cpj4tp0 [2019-11-21] (AMZN Mobile LLC)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1640.3.0_x86__kgqvnymyfvs32 [2019-11-21] (king.com)
Cinebench -> C:\Program Files\WindowsApps\MAXONComputerGmbH.Cinebench_20.0.6.0_x64__rsne5bsk8s7tj [2019-06-10] (MAXON Computer GmbH)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Corporation) [MS Ad]
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x64__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation)
DirectX -> C:\Program Files\WindowsApps\Microsoft.DirectXRuntime_9.29.952.0_x86__8wekyb3d8bbwe [2019-06-12] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-05] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-02-13] (Fitbit)
Halo: The Master Chief Collection -> C:\Program Files\WindowsApps\Microsoft.Chelan_1.1000.0.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-16] (0)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa [2019-11-21] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Corporation) [MS Ad]
Night Call -> C:\Program Files\WindowsApps\RawFury.NightCallWIN10_1.0.7.0_x64__9s0pnehqffj7t [2019-08-09] (0)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-02-28] (Adobe Systems Incorporated)
Servicios de juegos -> C:\Program Files\WindowsApps\Microsoft.GamingServices_1.34.7001.0_x64__8wekyb3d8bbwe [2019-10-11] (Microsoft Corporation)
The Gardens Between -> C:\Program Files\WindowsApps\40632TheVoxelAgents.147198BA2FF5B_1.0.10.0_x64__h7sr7gn9kt1nj [2019-06-29] (0)
The Master Chief Collection: REACH -> C:\Program Files\WindowsApps\Microsoft.TheMasterChiefCollectionREACH_1.1.0.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Studios)
Xbox (Beta) -> C:\Program Files\WindowsApps\Microsoft.GamingApp_1911.1001.8.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Corporation) [Startup Task]
38

Reporte Addition segunda parte


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{04271989-C4D2-2DCF-859B-80C8A07FF62E} -> [OneDrive - 0o0o9i] => C:\Users\avela\OneDrive - 0o0o9i [2019-02-17 00:19]
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\avela\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\avela\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2094261658-3533611375-3775376471-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2018-01-29] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-01-29] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-02-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\avela\AppData\Local\MEGAsync\ShellExtX64.dll [2019-09-21] (Mega Limited -> )
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-12-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-05-30 12:09 - 2019-05-30 12:09 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-05-30 12:09 - 2019-05-30 12:09 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-05-30 12:09 - 2019-05-30 12:09 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-04-21 02:33 - 2019-04-21 02:33 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-04-21 02:32 - 2019-04-21 02:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-04-21 02:33 - 2019-04-21 02:33 - 000649216 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-04-21 02:32 - 2019-04-21 02:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-04-21 02:33 - 2019-04-21 02:33 - 000367104 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2013-11-10 07:54 - 2013-11-10 07:54 - 000087552 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_ctypes.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000358400 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_hashlib.pyd
2013-11-25 07:27 - 2013-11-25 07:27 - 000036352 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_psutil_mswindows.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000044544 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_socket.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000899584 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_ssl.pyd
2014-03-04 11:52 - 2014-03-04 11:52 - 000178176 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\_yaml.pyd
2014-03-06 07:44 - 2014-03-06 07:44 - 002935296 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\lxml.etree.pyd
2013-05-21 14:28 - 2013-05-21 14:28 - 000008192 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\markupsafe._speedups.pyd
2013-09-04 07:30 - 2013-09-04 07:30 - 000055808 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\OpenSSL.crypto.pyd
2013-09-04 07:30 - 2013-09-04 07:30 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\OpenSSL.rand.pyd
2013-09-04 07:30 - 2013-09-04 07:30 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\OpenSSL.SSL.pyd
2014-03-06 22:00 - 2014-03-06 22:00 - 000798720 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\PIL._imaging.pyd
2014-01-08 06:53 - 2014-01-08 06:53 - 001262592 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\psycopg2._psycopg.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000127488 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\pyexpat.pyd
2014-02-15 16:24 - 2014-02-15 16:24 - 000397312 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\pythoncom27.dll
2014-02-15 16:23 - 2014-02-15 16:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\pywintypes27.dll
2014-03-06 07:56 - 2014-03-06 07:56 - 000026112 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\reportlab.lib._rl_accel.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\select.pyd
2013-11-10 07:54 - 2013-11-10 07:54 - 000686080 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\unicodedata.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\win32api.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\win32service.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\pywintypes27.dll
2014-02-15 16:23 - 2014-02-15 16:23 - 000027648 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\servicemanager.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000100352 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32api.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000036864 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32process.pyd
2014-02-15 16:23 - 2014-02-15 16:23 - 000042496 _____ () [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\win32service.pyd
2019-02-14 00:20 - 2019-11-12 19:56 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2019-02-14 00:20 - 2019-11-12 19:56 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2019-09-09 08:29 - 2019-09-09 08:29 - 000057344 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2019-09-09 08:30 - 2019-09-09 08:30 - 000074240 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2019-09-09 08:30 - 2019-09-09 08:30 - 000368640 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-08-08 18:04 - 2019-08-08 18:04 - 000258048 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\WirelessVR-windesktop64.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 03:47 - 2018-03-13 03:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2015-02-19 00:13 - 2015-02-19 00:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2014-05-02 06:55 - 2014-05-02 06:55 - 000185344 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpflac.dll
2014-05-02 06:05 - 2014-05-02 06:05 - 000173056 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\ikpmp3.dll
2014-05-02 11:52 - 2014-05-02 11:52 - 000599040 _____ () [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\irrKlang\amd64\irrKlang.NET4.dll
2019-11-25 19:03 - 2019-11-25 19:03 - 000114176 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\_ctypes.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000173056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\_elementtree.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 001808896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\_hashlib.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000032256 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\_multiprocessing.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000046080 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\_psutil_windows.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000047616 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\_socket.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 002241024 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\_ssl.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000026112 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\_yappi.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000080896 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\bz2.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000016384 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\common.time34.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000007680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\hashobjs_ext.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000301568 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\PIL._imaging.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000169472 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\pyexpat.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 001084416 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\pysqlite2._sqlite.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000548864 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\pythoncom27.dll
2019-11-25 19:03 - 2019-11-25 19:03 - 000137728 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\pywintypes27.dll
2019-11-25 19:03 - 2019-11-25 19:03 - 000010752 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\select.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000020992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\thumbnails_ext.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000689664 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\unicodedata.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000119808 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\usb_ext.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000128512 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32api.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000438784 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32com.shell.shell.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000011776 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32crypt.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000023040 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32event.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000149504 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32file.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000223232 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32gui.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000048128 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32inet.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000029696 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32pdh.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000027648 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32pipe.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000044032 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32process.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32profile.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000136192 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32security.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000026624 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\win32ts.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000034816 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\windows.conditional.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000038400 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\windows.connectivity.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000071680 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\windows.device_monitor.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000109056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\windows.volumes.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000020480 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\windows.winwrap.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 001325056 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wx._controls_.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 001489408 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wx._core_.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 001007104 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wx._gdi_.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000103424 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wx._html2.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 000916992 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wx._misc_.pyd
2019-11-25 19:03 - 2019-11-25 19:03 - 001039872 _____ () [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wx._windows_.pyd
2019-11-24 11:03 - 2019-11-24 11:03 - 000315392 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ReactiveSockets\7a7be2000ab371d028461021a1c00376\ReactiveSockets.ni.dll
2015-08-28 20:16 - 2015-08-28 20:16 - 003496448 _____ (akeo.ie) [File not signed] C:\Program Files\Nefarius Software Solutions\ScpToolkit\libwdi\amd64\libwdi.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 000356864 _____ (Benjamin Höglinger) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Libarius\c1ad45a93032af4bcdd93661aa0d33a2\Libarius.ni.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 001546240 _____ (dbreeze.tiesky.com) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DBreeze\6f86a3de4591f7e486e55e803b426441\DBreeze.ni.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 000760320 _____ (Galos) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CSScriptLibrary\c9b36ddc41f883b1aa2a6fed0c7c37e1\CSScriptLibrary.ni.dll
2019-02-13 22:55 - 2018-12-30 01:00 - 000077824 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 000629760 _____ (Illusory Studios LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\HidSharp\611b926b8fc9a4436e3cc2079d902789\HidSharp.ni.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 000284160 _____ (MadMilkman) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MadMilkman.Ini\0cc4b098b9d319afa760ef93fb38ca82\MadMilkman.Ini.ni.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 000150016 _____ (michaelnoonan) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WindowsInput\8ebd1a6d35dc9d209bd0bde4a4d65287\WindowsInput.ni.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 005551616 _____ (Mono development team) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Mono.CSharp\f76a21b04acefece61f9fb41b454b733\Mono.CSharp.ni.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 002822144 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\9c8c5cf766910e250956d013b83f74cf\Newtonsoft.Json.ni.dll
2013-11-10 07:54 - 2013-11-10 07:54 - 002449920 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\PYTHON27.DLL
2013-11-10 07:54 - 2013-11-10 07:54 - 002449920 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\service\PYTHON27.DLL
2019-11-25 19:03 - 2019-11-25 19:03 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\python27.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 000159744 _____ (Richard Deeming) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Trinet.Core.IO.Ntfs\e3411834149f1f64081694829236a2b1\Trinet.Core.IO.Ntfs.ni.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 000164352 _____ (Scarlet.Crush Productions) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ScpControl.Shared\9ac1b9ed4aac2a83425e95d25268bcda\ScpControl.Shared.ni.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 001137664 _____ (Scarlet.Crush Productions) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ScpControl\59be32f30e23a3c39bbcb0bb3dc59c21\ScpControl.ni.dll
2019-11-24 11:03 - 2019-11-24 11:03 - 000978432 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\log4net\f08a4b053e03795cea47c5fcf13ecb81\log4net.ni.dll
2019-05-30 12:08 - 2019-05-30 12:08 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2013-02-11 02:35 - 2013-02-11 02:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\LIBEAY32.dll
2013-02-11 02:35 - 2013-02-11 02:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Odoo 8.0-20150411\server\SSLEAY32.dll
2019-02-14 00:20 - 2019-11-12 19:56 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-14 00:20 - 2019-11-12 19:56 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2019-02-14 00:20 - 2019-11-12 19:56 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-11-12 19:56 - 2019-11-12 19:56 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 00:42 - 2017-09-14 00:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 00:37 - 2017-09-14 00:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\avela\AppData\Local\MEGAsync\platforms\qwindows.dll
2019-08-08 18:15 - 2019-08-08 18:15 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 11:43 - 2019-01-08 11:43 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-11-25 19:03 - 2019-11-25 19:03 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wxbase30u_net_vc90_x64.dll
2019-11-25 19:03 - 2019-11-25 19:03 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wxbase30u_vc90_x64.dll
2019-11-25 19:03 - 2019-11-25 19:03 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wxmsw30u_adv_vc90_x64.dll
2019-11-25 19:03 - 2019-11-25 19:03 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wxmsw30u_core_vc90_x64.dll
2019-11-25 19:03 - 2019-11-25 19:03 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wxmsw30u_html_vc90_x64.dll
2019-11-25 19:03 - 2019-11-25 19:03 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\avela\AppData\Local\Temp\_MEI107762\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\avela\AppData\Local\Temp:$DATA​ [16]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Software\Classes\.scr: AutoCADScriptFile => 

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 07:46 - 2019-11-21 18:33 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Calibre2\
HKU\S-1-5-21-2094261658-3533611375-3775376471-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{3B7B1874-21DC-4CEA-B45F-A58D8272C135}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{FBBC02EA-66C1-4E37-BA6A-D530E806080D}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{E54DABAA-EC5A-4CB9-886D-300A102110F1}F:\steamlibrary\steamapps\common\crash bandicoot - n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) F:\steamlibrary\steamapps\common\crash bandicoot - n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [TCP Query User{C82D2152-8515-494E-880B-181D7BFB5F96}F:\steamlibrary\steamapps\common\crash bandicoot - n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) F:\steamlibrary\steamapps\common\crash bandicoot - n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> )
FirewallRules: [{0B791B52-B48B-4ABD-A0E1-CE5793EA674A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B55F3A5F-AB6D-4130-9961-28AF7A57F122}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4B8C66B3-4001-482D-9877-85EDF0A250F5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2EA2E76A-A1DC-4053-87F7-D03C871F90BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{424D8219-C0D5-46E0-8DFF-E2F5E357E4C8}C:\users\avela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\avela\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{605C216C-C8B1-4D20-B4F9-55D972D4AF92}C:\users\avela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\avela\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{618CE77F-F9CA-44B6-8366-CAA00745BDB0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F49C7157-0903-4FFC-88A4-6A9CEF5D5AC0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A07976A-449D-4A6F-8448-DAEF1368572E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB08BA95-6814-4B08-826D-EB17D6CEEE59}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{712EB5EF-F4D6-4AE4-82CD-E80679CCD684}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{384C14AA-4100-43D4-A983-1D0DDE294B1C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{57801674-78DF-43C8-A8CD-753C580FF2E8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6C159D5-E4B5-4AAE-8219-8EAF62D5ADAE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12102.3.43028.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{639FA823-BE63-4673-8691-40B4F894DB0F}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.6.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{09412E1C-CC03-4155-9F4D-3C05AB275116}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_7.8.6.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon Services LLC) [File not signed]
FirewallRules: [{151FC279-1DA9-4C21-83BB-5DCAAAF8C653}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86FD7446-9A7A-4FED-B618-74D68B79B89C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F9C9780-059C-4603-AEC0-11614822E633}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2BBE786C-D30D-4BDF-9DDB-400DE13E8A6E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A60308A3-AB6C-4D5A-99A9-EB8EAA1130FF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{40CB2953-BE32-44B5-B5EC-77317C94A741}F:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) F:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{716E68BC-47C2-4A7C-B898-2E1E196BBDB2}F:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) F:\steamlibrary\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [TCP Query User{E494F104-5FCD-4517-B397-35EF0265A8A7}C:\users\bobal\appdata\local\videostream\app-0.3.6\videostream-native\videostream-native.exe] => (Block) C:\users\bobal\appdata\local\videostream\app-0.3.6\videostream-native\videostream-native.exe (RouteThis Inc. -> )
FirewallRules: [UDP Query User{4A68E562-697D-4484-B3D5-B4A5B9952127}C:\users\bobal\appdata\local\videostream\app-0.3.6\videostream-native\videostream-native.exe] => (Block) C:\users\bobal\appdata\local\videostream\app-0.3.6\videostream-native\videostream-native.exe (RouteThis Inc. -> )

==================== Restore Points =========================

21-11-2019 23:09:01 Revo Uninstaller Pro's restore point - Malwarebytes version 4.0.4.49
21-11-2019 23:19:27 fix

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/25/2019 03:36:19 PM) (Source: odoo-server-8.0) (EventID: 3) (User: )
Description: The instance's SvcRun() method failed

Traceback (most recent call last):
  File "win32serviceutil.pyo", line 835, in SvcRun
  File "win32_service.pyo", line 42, in SvcDoRun
SystemExit: 255

%2: %3

Error: (11/25/2019 03:36:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (11/25/2019 03:36:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (11/25/2019 03:36:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.

Error: (11/25/2019 03:36:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (11/25/2019 01:06:47 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: El tamaño del búfer necesario es mayor que el tamaño del búfer que se llevó a la función Collect del archivo DLL del contador extensible "C:\Windows\System32\perfts.dll" del servicio "LSM". El tamaño del búfer indicado era 24704 y el tamaño necesario es 49784.

Error: (11/24/2019 11:09:43 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]

Error: (11/24/2019 11:02:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Información del Servicio de instantáneas de volumen: el servidor COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} y el nombre CEventSystem no puede iniciarse. [0x8007045b, Se está cerrando el sistema.
]


System errors:
=============
Error: (11/25/2019 03:36:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/24/2019 11:09:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/24/2019 11:02:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/24/2019 10:56:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/24/2019 02:30:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/24/2019 10:15:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Adaptador de rendimiento de WMI terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (11/24/2019 10:15:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD User Experience Program Launcher se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/24/2019 10:15:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Disc Soft Lite Bus Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


CodeIntegrity:
===================================

Date: 2019-11-21 23:05:20.861
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\FileZilla FTP Client\fzshellext_64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-21 23:05:20.855
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\FileZilla FTP Client\fzshellext_64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-21 22:57:22.247
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-21 22:57:16.883
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-21 22:57:07.098
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-21 22:56:52.183
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 5222 10/14/2019
Motherboard: ASUSTeK COMPUTER INC. PRIME A320M-K
Processor: AMD Ryzen 5 2400G with Radeon Vega Graphics 
Percentage of memory in use: 63%
Total physical RAM: 8126.1 MB
Available physical RAM: 2947.65 MB
Total Virtual: 19902.1 MB
Available Virtual: 11301.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.79 GB) (Free:75.95 GB) NTFS
Drive f: () (Fixed) (Total:930.97 GB) (Free:586.73 GB) NTFS

\\?\Volume{4e65c415-6bfb-4e5d-ad19-babe599345f0}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{e6cd1cb9-f2cc-fe2b-719d-65ea9c5789a8}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{fa3eafee-ec65-f2e2-1c79-e73702d345cf}\ () (Fixed) (Total:17.68 GB) (Free:0 GB) NTFS
\\?\Volume{a7537661-921f-ed59-a758-f2ff8a6db369}\ () (Fixed) (Total:0 GB) (Free:0 GB) NTFS
\\?\Volume{dd34b4e2-0cf6-4bf0-b639-ee45717e233d}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 23371AAE)
Partition 1: (Active) - (Size=931 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 5D58A2BE)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 4.
39

Hola @irken_larry

Vamos por los restos de Malwarebytes:

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus. en tu caso revisa si se activo Windows Defender, si es así lo desactivas siguiendo los pasos del enlace.

3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:


Start
CloseProcesses:
CreateRestorePoint:
C:\Program Files\Malwarebytes\Anti-Malware
C:\Program Files\Malwarebytes
C:\ProgramData\Malwarebytes
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-18 16:29 - 2019-11-18 16:29 - 000000000 ____D C:\Users\avela\AppData\Local\mbamtray
2019-11-18 16:30 - 2019-11-18 16:30 - 000000000 ____D C:\Users\avela\AppData\Local\mbam
2019-11-24 22:59 - 2019-11-24 22:59 - 000858912 _____ (Malwarebytes) C:\Users\avela\Desktop\mb-clean-3.1.0.1035.exe
2019-11-24 22:55 - 2019-11-24 22:55 - 009107552 _____ C:\Users\avela\Desktop\mb-support-1.5.3.749.exe
2019-11-21 08:51 - 2019-11-21 08:51 - 000000000 ____D C:\Users\bobal\AppData\Local\mbam
2019-11-19 08:18 - 2019-11-19 08:18 - 000000000 ____D C:\Users\bobal\AppData\Local\mbamtray
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

EmptyTemp:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

40

Hola @SanMar

anexo el fixlog

Ran by avela (26-11-2019 19:30:53) Run:3
Running from C:\Users\avela\Desktop
Loaded Profiles: avela (Available Profiles: avela & bobal & Usuario & openpgsvc)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
C:\Program Files\Malwarebytes\Anti-Malware
C:\Program Files\Malwarebytes
C:\ProgramData\Malwarebytes
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-18 16:29 - 2019-11-18 16:29 - 000000000 ____D C:\Users\avela\AppData\Local\mbamtray
2019-11-18 16:30 - 2019-11-18 16:30 - 000000000 ____D C:\Users\avela\AppData\Local\mbam
2019-11-24 22:59 - 2019-11-24 22:59 - 000858912 _____ (Malwarebytes) C:\Users\avela\Desktop\mb-clean-3.1.0.1035.exe
2019-11-24 22:55 - 2019-11-24 22:55 - 009107552 _____ C:\Users\avela\Desktop\mb-support-1.5.3.749.exe
2019-11-21 08:51 - 2019-11-21 08:51 - 000000000 ____D C:\Users\bobal\AppData\Local\mbam
2019-11-19 08:18 - 2019-11-19 08:18 - 000000000 ____D C:\Users\bobal\AppData\Local\mbamtray
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

EmptyTemp:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"C:\Program Files\Malwarebytes\Anti-Malware" => not found
"C:\Program Files\Malwarebytes" => not found
"C:\ProgramData\Malwarebytes" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes" => not found
C:\Users\avela\AppData\Local\mbamtray => moved successfully
C:\Users\avela\AppData\Local\mbam => moved successfully
C:\Users\avela\Desktop\mb-clean-3.1.0.1035.exe => moved successfully
C:\Users\avela\Desktop\mb-support-1.5.3.749.exe => moved successfully
C:\Users\bobal\AppData\Local\mbam => moved successfully
C:\Users\bobal\AppData\Local\mbamtray => moved successfully
"AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11695365 B
Java, Flash, Steam htmlcache => 19204463 B
Windows/system/drivers => 72886575 B
Edge => 0 B
Chrome => 88615156 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 29542 B
NetworkService => 29542 B
avela => 173442825 B
bobal => 179975604 B
Fam => 179975604 B
openpgsvc => 179975604 B

RecycleBin => 8313356 B
EmptyTemp: => 879.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:31:57 ====

Ahora al hacer la búsqueda con root\SecurityCenter2 solo me sale un resultado y es Windows Defender, ahora procederé a probar la instalación de Bitdefender

41

Hola @irken_larry

Perfecto, ese era el siguiente paso instalar tu AV.

Nos comentas si funcionó.

Salu2