No puedo actualizar Windows 10 (versión 1809)

Hola, ya era usuario en el foro y hacía bastante que no andaba por acá. Quisiera saber si me pueden ayudar con un problema de actualización de Windows 10. Desde hace un tiempo me aparece la leyenda que no es posible realizar la actualización (que es la versión 1809 amd64 2019-03). Cuando ingreso a la configuración todo va perfecto, hasta que al llegar al 25 % (tal como se ve en la imagen) me salta el otro aviso ("Algunas aplicaciones se tienen que desinstalar). En efecto, le doy a “Desinstalar y continuar” pero me vuelve a decir lo mismo, que debo eliminar las aplicaciones y después actualizar. Aclaro que tuve instalado el programa que se menciona ahí, el Sandboxie, pero luego lo desinstalé. Incluso usé CCleaner para limpiar registros y el Revo Unistaller para borrar cualquier posible huella del programa, pero nada, siempre que el sistema intenta actualizarse es la misma historia. ¿Algún consejo de lo que estoy haciendo mal?

Muchas gracias de antemano.

problema actualizar windows 10 (1).jpg1920×1080 185 KB

problema actualizar windows 10 (2).jpg798×515 37.9 KB

problema actualizar windows 10 (3).jpg800×527 46.4 KB

Hola @helter_1983 bienvenido a esta nueva etapa del FORO.

Es posible que sigan existiendo restos de ese programa y por eso el proceso de actualización te da problemas.

Imagino que YA habrás revisado desde el panel de “Programas Instalados” de windows y NO tienes ningún resto o componente/parte de ese programa que comentas…??

La version de Windows que tienes instalada actualmente cual es…??

Saludos.

Hola, gracias por la respuesta. Sí, recordaba haber instalado ese programa pero al poco tiempo lo quité, fue una de las primeras cosas que hice revisar el listado de programas instalados y ya no estaba. Luego pasé el CCleaner para limpiar el registro hasta que ya no encontró nada. Tengo Windows 10 Enterprise, versión 1803.

Entendido y ahora realiza estos pasos :

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Descargar en TU ESCRITORIO(y NO en otro lugar )

• Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

Farbar Recovery Scan Tool.-

• Ejecuta FRST.exe.

• En el mensaje de la ventana del Disclaimer, pulsamos Yes

• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los dos informes en tu próxima respuesta.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Saludos.

Hola, gracias, seguí los pasos y abajo empiezo a adjuntar el informe. Primero Frst.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2019
Ran by CDD (administrator) on DESKTOP-5ROB5F9 (21-06-2019 00:41:20)
Running from C:\Users\CDD\Desktop
Loaded Profiles: CDD & MSSQL$SQLEXPRESS (Available Profiles: CDD & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS)
Platform: Windows 10 Enterprise Version 1803 17134.648 (X64) Language: Español (México)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(SOFTPERFECT PTY. LTD. -> SoftPerfect) C:\Program Files\NetWorx\networx.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776192 2016-12-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [7640904 2016-12-08] (SOFTPERFECT PTY. LTD. -> SoftPerfect)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250712 2018-05-20] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153808 2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe, <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\Run: [ASRock A-Tuning] => [X]
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46956792 2019-05-22] (Google LLC -> )
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2018-05-20]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
Startup: C:\Users\CDD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-02-08]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicyScripts: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13BF709F-F5D9-4516-BFB5-BAE392031F44} - no filepath
Task: {15BB6E05-7106-419E-B08A-2C934252BDF2} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [914896 2018-04-15] (Glarysoft LTD -> Glarysoft Ltd)
Task: {1F9442C8-4E86-4919-AA9A-D2CCF43FAD14} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23A921BB-B718-401A-9AF5-75F2772120CB} - no filepath
Task: {2866D305-0F2D-4256-B08A-BF0B5FB0E913} - System32\Tasks\Core Temp Autostart CDD => C:\Program Files\Core Temp\Core Temp.exe [1010064 2019-05-18] (ALCPU -> ALCPU)
Task: {2985C7D0-6312-440A-BE64-1153516CEDF8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2B68EE86-22B5-4ECA-B8FB-095246768FDF} - no filepath
Task: {3A6189D8-72B8-445A-ABAC-BF22E56CB97D} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {435DF7D7-283E-4F0D-8DD5-863592AC605A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {47DBD437-54F3-47C2-A1DC-9483B8054D6E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4EE7A662-E170-41DC-A81F-8C4BE82CC731} - no filepath
Task: {6AA0B5CB-07AD-4062-8B03-61122C9468C1} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {72D14EBA-90E2-4BE2-B5DD-08252827796A} - no filepath
Task: {7478F7DD-6F90-4C07-9E54-EC6E9188EA27} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [135120 2018-04-15] (Glarysoft LTD -> Glarysoft Ltd)
Task: {752A80E0-4BCE-4F49-94A9-4E5C24FC79FB} - no filepath
Task: {8258258A-C353-43F0-8E40-24CAFC9E4483} - no filepath
Task: {8B42721F-2779-456D-B9F0-7E8E46BFE4F4} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {92A78932-0FF8-4310-ADBF-C66BD6802B25} - no filepath
Task: {A0294555-E69A-474F-8F2C-CF8441184F6E} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2952037624-2585293238-3401107817-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [615160 2019-06-05] (Mega Limited -> Mega Limited)
Task: {A76397E7-0A85-41E1-BBB9-3A6D4BE804D6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9D6D296-ED01-4A62-8A71-E07DFE45A145} - no filepath
Task: {ACF0A388-5BB9-43BE-97A8-2F88E23DF59F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ADE24835-A187-4FDE-B04D-A053D2D2405D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-28] (Google Inc -> Google Inc.)
Task: {AE2FC3B5-6E12-4155-A7B0-F7EECA0F1C10} - no filepath
Task: {C45AC2C6-EE48-4794-8D46-E59D160CC458} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {CEB237E3-59E7-4532-A378-9CAB55054D56} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF4FCD54-415C-4F3F-8E54-12135E1A9AFD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D11AED34-BFA1-4538-9B19-4E06D6C08C88} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {E334CEF9-D54E-4B54-85A3-68A6FB8E9ADA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-28] (Google Inc -> Google Inc.)
Task: {F1E2245F-4407-450A-9581-424D0A0BD737} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F4D8F516-7DD4-4A2E-BA61-CAF63B9B51DF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F83E3CA6-CA9B-452A-93B8-D811E0C59DB7} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{4900c97d-a878-4001-a7f4-537f2245a136}: [DhcpNameServer] 10.14.0.1
Tcpip\..\Interfaces\{ab1430f0-3209-435c-a171-785ec7d4ebd6}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{ab1430f0-3209-435c-a171-785ec7d4ebd6}: [DhcpNameServer] 186.130.128.250 186.130.129.250

Internet Explorer:
==================
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ar.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180531__yaie
SearchScopes: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://ar.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180531__yaie&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2018-05-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2017-03-30] (Visicom Media Inc. -> )
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2018-05-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2017-03-30] (Visicom Media Inc. -> )
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2017-03-30] (Visicom Media Inc. -> )
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2017-03-30] (Visicom Media Inc. -> )

FireFox:
========
FF DefaultProfile: rn34qu2q.default
FF DefaultProfile: w9splgl5.default
FF ProfilePath: C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default [2019-06-21]
FF Homepage: Mozilla\Firefox\Profiles\rn34qu2q.default -> www.google.com.ar/
FF NewTab: Mozilla\Firefox\Profiles\rn34qu2q.default -> hxxps://ar.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180531__yaff
FF NetworkProxy: Mozilla\Firefox\Profiles\rn34qu2q.default -> backup.ftp", "181.10.158.203 "
FF Extension: (anonymoX) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\[email protected] [2018-12-15]
FF Extension: (MyJDownloader Browser Extension) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\[email protected] [2019-05-31] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json]
FF Extension: (Saved Password Editor) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\[email protected] [2017-11-02] [Legacy]
FF Extension: (Tile Tabs WE) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\[email protected] [2019-04-20]
FF Extension: (Tile Tabs) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\[email protected] [2017-08-17] [Legacy]
FF Extension: (NoScript) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2019-06-16]
FF Extension: (Foxtrick WebExt (beta)) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}.xpi [2019-06-02] [UpdateUrl:hxxps://www.foxtrick.org/beta/update.json]
FF Extension: (Password Exporter) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2017-07-28] [Legacy]
FF Extension: (Panda Security Toolbar) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}.xpi [2017-02-21] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-05-31]
FF Extension: (No Name) - C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20]
FF SearchPlugin: C:\Users\CDD\AppData\Roaming\Mozilla\Firefox\Profiles\rn34qu2q.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-31]
FF ProfilePath: C:\Users\CDD\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\w9splgl5.default [2019-06-20]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-07-28] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-17] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2018-05-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2018-05-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://pandasecurity.mystart.com/results.php?pr=vmn&id=pandasafeweb&v=1_0_chromeextension_unknown__&searchfeed=web&hsimp=yhs-panda1&ent=ch_ss&q={searchTerms}
CHR DefaultSearchKeyword: Default -> safeWeb
CHR Profile: C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default [2019-06-20]
CHR Extension: (Presentaciones) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-19]
CHR Extension: (Universal Bypass) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2019-06-12]
CHR Extension: (Documentos) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-19]
CHR Extension: (Google Drive) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-31]
CHR Extension: (YouTube) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-31]
CHR Extension: (Foxtrick) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfbbngccefbbndginomofgpagkjckik [2018-11-14]
CHR Extension: (Adobe Acrobat) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-12]
CHR Extension: (Panda Safe Web) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok [2017-11-19]
CHR Extension: (Lector de Selección (Texto a Voz)) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdffijlhedcdiblbingmagmdnokokgbi [2018-09-12]
CHR Extension: (Hojas de cálculo) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-19]
CHR Extension: (Make it Visible - unBlur Scribd) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggeallcahabcjldebjfmlcjikgdnjfao [2018-05-09]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (AdBlock) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-04]
CHR Extension: (Unblur Scribd) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipdnchmdifflagbbcdcbgobfedeegbcf [2018-05-09]
CHR Extension: (PictureMate - View tagged FB pics) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\khmlalkcjmglpgdkmkmmgjcajahkoigj [2019-05-11]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-02-06]
CHR Extension: (Video DownloadHelper) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2019-06-04]
CHR Extension: (Tus PDF Online) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchieoackcccmehfdooeibhddofbcegh [2018-05-11]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
CHR Extension: (Cortar vídeo) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nodkcjollmmjidmcnhloaoahmciabnai [2018-05-06]
CHR Extension: (Gmail) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\CDD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-04]
CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-05-11]
CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S4 ABBYY.Licensing.FineReader.Corporate.12.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\12.00\Licensing\CE\NetworkLicenseServer.exe [964848 2015-11-30] (ABBYY Production LLC -> ABBYY Production LLC)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3480768 2018-01-09] (Disc Soft Ltd -> Disc Soft Ltd)
S3 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [12321360 2018-06-08] (Gramblr -> ) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [485048 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109536 2018-12-18] (Panda Security S.L. -> Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32384 2016-10-03] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-19] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [246256 2016-11-22] (Visicom Media Inc. -> Visicom Media Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2018-02-05] (Even Balance, Inc. -> )
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)
S4 PuranDefrag; C:\WINDOWS\SYSTEM32\PuranDefragS.exe [292736 2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737560 2019-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5250712 2018-05-20] (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [578744 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [246968 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [970240 2018-05-20] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [285696 2019-02-16] (Microsoft Windows -> Microsoft Corporation)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [51224 2016-08-24] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 ALSysIO; C:\Users\CDD\AppData\Local\Temp\ALSysIO64.sys [47240 2019-06-20] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [34704 2016-08-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24424 2016-08-13] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [100752 2016-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31592 2018-04-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [254864 2016-08-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver1.0.0; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70312 2017-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsrAppCharger; C:\WINDOWS\system32\DRIVERS\AsrAppCharger.sys [17192 2011-11-07] (ASROCK Incorporation -> Windows (R) Win 7 DDK provider)
S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2017-08-06] (ASROCK Incorporation -> ASRock Incorporation)
S3 AsrDrv103; C:\WINDOWS\SysWOW64\Drivers\AsrDrv103.sys [34568 2018-12-09] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-09-09] (EldoS Corporation -> /n software, Inc.)
S3 csravrcp; C:\WINDOWS\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\WINDOWS\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\WINDOWS\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\WINDOWS\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\WINDOWS\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\WINDOWS\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-08-01] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-08-01] (Disc Soft Ltd -> Disc Soft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28424 2018-04-27] (Glarysoft LTD -> Glarysoft Ltd)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2018-01-14] (Martin Malik - REALiX -> REALiX(tm))
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 Neo_VPN; C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [37824 2018-05-20] (SoftEther Corporation -> SoftEther Corporation)
R1 networx; C:\WINDOWS\System32\drivers\networx.sys [72632 2016-10-04] (SOFTPERFECT PTY. LTD. -> NetFilterSDK.com)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [111384 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSDNS; C:\WINDOWS\system32\DRIVERS\NNSDNS.sys [104728 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211736 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [124904 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [130536 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [95472 2018-07-16] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [143848 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [95208 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135656 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [344040 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [286184 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123368 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [285672 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [129512 2018-12-14] (Panda Security S.L. -> Panda Security, S.L.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_edcffbdd101bbe5b\nvlddmkm.sys [20726016 2019-02-21] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-01-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc. -> Visicom Media Inc.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [198424 2019-01-13] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [160536 2019-01-13] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [214104 2018-12-13] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [147224 2019-01-13] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159512 2019-01-13] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [128600 2018-12-18] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
S4 RsFx0500; C:\WINDOWS\System32\DRIVERS\RsFx0500.sys [261848 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [946696 2016-11-21] (Realtek Semiconductor Corp. -> Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SeLow; C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [50624 2018-05-20] (SoftEther Corporation -> SoftEther Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-08-16] (AnchorFree Inc -> Anchorfree Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2016-09-09] (EldoS Corporation -> /n software, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-21] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-10-07] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-21 00:41 - 2019-06-21 00:43 - 000043899 _____ C:\Users\CDD\Desktop\FRST.txt
2019-06-21 00:40 - 2019-06-21 00:41 - 000000000 ____D C:\FRST
2019-06-21 00:37 - 2019-06-21 00:37 - 002418688 _____ (Farbar) C:\Users\CDD\Desktop\FRST64.exe
2019-06-20 07:08 - 2019-06-21 00:38 - 000000000 ____D C:\Users\CDD\Desktop\problema actualización Windows 10
2019-06-20 06:39 - 2019-06-20 06:39 - 001233768 _____ (Apowersoft Ltd. ) C:\Users\CDD\Desktop\apowersoft-online-launcher.exe
2019-06-20 04:52 - 2019-06-20 10:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-20 03:49 - 2019-06-20 03:49 - 000000000 ____D C:\Program Files\UNP
2019-06-17 01:39 - 2019-06-17 01:39 - 000000000 ____D C:\Program Files (x86)\ScanSoft
2019-06-17 01:37 - 2019-06-17 01:37 - 000000986 _____ C:\Users\CDD\Desktop\Balabolka.lnk
2019-06-17 01:37 - 2019-06-17 01:37 - 000000000 ____D C:\Users\CDD\Documents\Balabolka
2019-06-17 01:37 - 2019-06-17 01:37 - 000000000 ____D C:\Users\CDD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka
2019-06-17 01:37 - 2019-06-17 01:37 - 000000000 ____D C:\Users\CDD\AppData\Roaming\Balabolka
2019-06-17 01:37 - 2019-06-17 01:37 - 000000000 ____D C:\Program Files (x86)\Balabolka
2019-06-17 01:28 - 2019-06-17 01:38 - 000000000 ____D C:\Users\CDD\Desktop\Texto a voz
2019-06-16 06:09 - 2019-06-16 06:09 - 000000165 ____H C:\Users\CDD\Desktop\~$FilmAffinitty promedio.xlsx
2019-06-12 00:46 - 2019-06-12 00:46 - 020638704 _____ (Piriform Software Ltd) C:\Users\CDD\Desktop\ccsetup558.exe
2019-06-12 00:32 - 2019-02-13 02:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-04 03:13 - 2019-06-04 03:13 - 000000000 ____D C:\Users\CDD\AppData\Roaming\Hard Disk Sentinel
2019-06-02 06:43 - 2019-06-02 06:43 - 000001076 _____ C:\Users\CDD\Desktop\DiskCheckup.lnk
2019-06-02 06:43 - 2019-06-02 06:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCheckup
2019-06-02 06:43 - 2019-06-02 06:43 - 000000000 ____D C:\Program Files (x86)\DiskCheckup
2019-06-01 07:20 - 2019-06-01 07:43 - 322138970 _____ C:\Users\CDD\Downloads\Eva Lina DP DAP - Pornhub.com.mp4
2019-05-31 00:11 - 2019-06-21 00:01 - 000000000 ____D C:\Users\CDD\AppData\Local\BitTorrentHelper
2019-05-29 07:41 - 2019-05-29 07:41 - 002985980 _____ C:\Users\CDD\Desktop\0137.pdf
2019-05-23 09:45 - 2019-05-23 09:45 - 000003584 _____ C:\Users\CDD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-21 00:40 - 2019-04-11 01:17 - 000000000 ____D C:\Users\CDD\AppData\LocalLow\uTorrent
2019-06-21 00:40 - 2017-07-31 07:43 - 000000000 ____D C:\Users\CDD\AppData\Roaming\uTorrent
2019-06-21 00:38 - 2018-05-17 08:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-06-21 00:34 - 2017-07-28 06:21 - 000000000 ____D C:\Users\CDD\AppData\LocalLow\Mozilla
2019-06-21 00:31 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-21 00:00 - 2017-07-28 06:20 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-20 23:58 - 2017-07-28 05:45 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-20 23:57 - 2018-05-17 08:20 - 000004216 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{078627B3-FE56-4826-8B73-31EFF52542DA}
2019-06-20 23:52 - 2017-07-28 06:02 - 000000000 ____D C:\temp
2019-06-20 10:39 - 2018-05-20 07:06 - 000000000 ____D C:\Program Files\SoftEther VPN Client
2019-06-20 10:37 - 2018-05-17 08:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-20 10:37 - 2017-07-28 06:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-20 10:36 - 2018-04-11 18:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-20 10:22 - 2018-05-17 07:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-20 09:18 - 2017-07-28 06:49 - 000000000 ____D C:\Users\CDD\AppData\Roaming\vlc
2019-06-20 08:33 - 2018-02-03 02:59 - 000000000 ____D C:\Program Files\Puran Defrag
2019-06-20 08:00 - 2018-05-17 02:03 - 000000000 ___DC C:\WINDOWS\Panther
2019-06-20 06:58 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-20 05:21 - 2017-07-28 06:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-20 03:53 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-20 03:45 - 2017-07-28 06:30 - 000000000 ____D C:\Program Files\Panda Security URL Filtering
2019-06-18 00:01 - 2017-07-28 05:52 - 000000000 ____D C:\Users\CDD\AppData\Local\CrashDumps
2019-06-17 12:24 - 2018-05-17 08:02 - 000000000 ____D C:\Users\CDD
2019-06-17 01:38 - 2017-07-28 05:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-16 01:47 - 2018-06-04 04:31 - 000001103 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-06-15 08:50 - 2019-04-15 08:57 - 000011541 _____ C:\Users\CDD\Desktop\FilmAffinitty promedio.xlsx
2019-06-15 05:09 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-14 06:26 - 2019-01-29 00:31 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2019-06-14 06:26 - 2019-01-29 00:31 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2019-06-14 06:26 - 2019-01-29 00:31 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2019-06-14 06:26 - 2019-01-29 00:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-06-14 00:57 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-12 01:46 - 2017-07-28 07:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 01:39 - 2017-07-28 07:59 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-12 00:46 - 2019-01-25 00:06 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-12 00:46 - 2018-05-17 08:20 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-12 00:34 - 2019-03-13 05:10 - 000000000 ____D C:\Users\CDD\Documents\Activision
2019-06-05 06:02 - 2019-02-08 00:43 - 000000000 ____D C:\ProgramData\MEGAsync
2019-06-04 05:43 - 2017-11-27 00:35 - 000000000 ____D C:\Users\CDD\Desktop\Nueva carpeta (3)
2019-06-04 05:34 - 2017-07-29 01:27 - 000000000 ___RD C:\Users\CDD\Desktop\MIS ARCHIVOS (SINCRO MEGA)
2019-06-04 05:30 - 2017-07-28 05:46 - 000000000 ____D C:\Users\CDD\AppData\Local\NVIDIA
2019-06-04 04:40 - 2019-03-31 10:52 - 000000000 ____D C:\Users\CDD\Desktop\PANDA
2019-06-03 09:47 - 2019-01-23 01:50 - 000000000 ____D C:\Users\SQLTELEMETRY$SQLEXPRESS
2019-06-03 09:47 - 2019-01-23 01:49 - 000000000 ____D C:\Users\MSSQL$SQLEXPRESS
2019-06-02 04:44 - 2019-04-01 02:43 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-06-02 04:43 - 2019-05-12 05:32 - 000002922 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2952037624-2585293238-3401107817-1001
2019-06-02 04:43 - 2018-05-17 08:20 - 000003544 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-02 04:43 - 2018-05-17 08:20 - 000003320 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-01 02:24 - 2018-05-29 02:25 - 000000000 ____D C:\Users\CDD\AppData\Local\Deployment
2019-05-31 01:35 - 2017-08-06 03:32 - 000000989 _____ C:\Users\CDD\Desktop\Core Temp.lnk
2019-05-31 01:35 - 2017-07-28 06:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2019-05-31 01:35 - 2017-07-28 06:35 - 000000000 ____D C:\Program Files\Core Temp
2019-05-30 22:57 - 2018-07-13 01:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-30 22:57 - 2018-07-13 01:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-28 02:47 - 2017-07-29 08:50 - 000007668 _____ C:\Users\CDD\AppData\Local\Resmon.ResmonCfg
2019-05-27 08:03 - 2019-01-28 00:06 - 000001599 _____ C:\Users\CDD\Desktop\Gmail libros.txt
2019-05-25 01:22 - 2018-09-15 14:41 - 000000000 ___HD C:\$WINDOWS.~BT
2019-05-23 04:50 - 2018-08-13 23:15 - 000002361 _____ C:\Users\CDD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-23 04:50 - 2017-07-28 05:24 - 000000000 ___RD C:\Users\CDD\OneDrive

==================== Files in the root of some directories ================

2018-12-20 23:44 - 2018-12-20 23:45 - 007895040 _____ () C:\Program Files (x86)\GUTBAA2.tmp
2019-05-23 09:45 - 2019-05-23 09:45 - 000003584 _____ () C:\Users\CDD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-02 03:00 - 2017-08-02 03:00 - 000000001 _____ () C:\Users\CDD\AppData\Local\llftool.4.30.agreement
2017-08-02 02:58 - 2017-08-02 02:58 - 000000001 _____ () C:\Users\CDD\AppData\Local\llftool.4.40.agreement
2017-08-02 03:00 - 2017-08-02 03:00 - 000000019 _____ () C:\Users\CDD\AppData\Local\llftool.license
2017-12-20 02:40 - 2017-12-20 02:40 - 000000886 _____ () C:\Users\CDD\AppData\Local\recently-used.xbel
2017-07-29 08:50 - 2019-05-28 02:47 - 000007668 _____ () C:\Users\CDD\AppData\Local\Resmon.ResmonCfg

==================== FLock ================

2017-07-28 05:21 C:\WINDOWS\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-06-2019
Ran by CDD (21-06-2019 00:44:13)
Running from C:\Users\CDD\Desktop
Windows 10 Enterprise Version 1803 17134.648 (X64) (2018-05-17 11:21:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2952037624-2585293238-3401107817-500 - Administrator - Disabled)
CDD (S-1-5-21-2952037624-2585293238-3401107817-1001 - Administrator - Enabled) => C:\Users\CDD
DefaultAccount (S-1-5-21-2952037624-2585293238-3401107817-503 - Limited - Disabled)
Invitado (S-1-5-21-2952037624-2585293238-3401107817-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2952037624-2585293238-3401107817-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.)
ABBYY FineReader 12 Corporate (HKLM-x32\...\{F12000CE-0001-0000-0000-074957833700}) (Version: 12.1.609 - ABBYY Production LLC)
Actualización de NVIDIA 35.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 35.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.03 - Adobe Systems)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme v5.95 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.95 - FinalWire Ltd.)
AMD Ryzen Master (HKLM\...\{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AO International Tennis - ElAmigos versión 1.0.1631 (HKLM-x32\...\{B508E849-59DE-4606-9D78-99F1F42841CC}_is1) (Version: 1.0.1631 - Big Ant Studios)
Apowersoft Online Launcher version 1.7.5 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.5 - APOWERSOFT LIMITED)
APP Shop v1.0.31 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.31 - ASRock Inc.)
Argente Utilities 1.0.7.0 (HKLM-x32\...\Argente Utilities_is1) (Version: 1.0.7.0 - Raúl Argente)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
Assassin's Creed Brotherhood versión 1.03 (HKLM-x32\...\{D785301A-D163-4288-9BCB-D795579C318D}_is1) (Version: 1.03 - UBISoft)
Assassins Creed Origins Gold Edition MULTi15 - ElAmigos versión 1.21 (HKLM-x32\...\{5DBEFC11-6A76-404A-AA09-88B65FEEB2D4}_is1) (Version: 1.21 - Ubisoft)
A-Tuning v3.0.241 (HKLM-x32\...\A-Tuning_is1) (Version: 3.0.241 - ASRock Inc.)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 8.0.1.0 - Auslogics Labs Pty Ltd)
AutoMetadata (HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\d7bb04ec04539e56) (Version: 1.0.0.20 - EverMap)
Backup and Sync from Google (HKLM\...\{6E936AE8-D841-4F3C-BE25-496231AF73D9}) (Version: 3.44.4943.6228 - Google, Inc.)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.15.0.703 - Ilya Morozov)
Batman Arkham Knight Complete Edition MULTi8 - ElAmigos versión 1.6.2.0 (HKLM-x32\...\{B629A764-AA08-4BC3-8F31-6C83DB185BD4}_is1) (Version: 1.6.2.0 - Warner Bros. Interactive Entertainment)
Bus Simulator 16 (HKLM\...\YnVzc2ltdWxhdG9yMTY_is1) (Version: 1 - )
calibre 64bit (HKLM\...\{7CA53963-20B2-4EF3-B166-C26852019564}) (Version: 3.30.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version:  - Cheat Engine)
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
CPUID CPU-Z 1.80 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.7.0.0336 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DIR2HTML (remove only) (HKLM-x32\...\DIR2HTML) (Version:  - )
DiskCheckup v3.4 (HKLM-x32\...\DiskCheckup_is1) (Version: 3.4.1003 - PassMark Software)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.17 - NVIDIA Corporation) Hidden
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.24+4.7c - DjVuZone)
EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies)
eMule (HKLM-x32\...\eMule) (Version:  - )
Fallout 4 MULTi8 - ElAmigos versión 1.10.114 (HKLM-x32\...\{56CEC358-CB9B-4FC3-9ADD-E8C152257F88}_is1) (Version: 1.10.114 - Bethesda Softworks)
FILEminimizer Suite (HKLM-x32\...\FILEminimizer Suite_is1) (Version:  - balesio AG)
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: 2.2.1.1119 - Foxit Corporation)
Free PDF Metadata Editor (remove only) (HKLM\...\Free PDF Metadata Editor) (Version:  - )
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Glary Utilities 5.96 (HKLM-x32\...\Glary Utilities 5) (Version: 5.96.0.118 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Gramblr (HKLM\...\Gramblr) (Version: 2.9.139 - Gramblr Team)
Grand Theft Auto V MULTi12 - ElAmigos versión 1.41 build 1180.1 (HKLM-x32\...\{4959470E-EDAC-4710-A636-276D79A81B94}_is1) (Version: 1.41 build 1180.1 - Rockstar Games)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
HL-2240 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
HWiNFO64 Version 5.70 (HKLM\...\HWiNFO64_is1) (Version: 5.70 - Martin Malík - REALiX)
Icecream Ebook Reader versión 5.07 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.07 - Icecream Apps)
Infinity (HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\Infinity) (Version: 4.0.7 - WeMod)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Lowvel Formatter (HKLM\...\{A1DF8D4D-1782-4566-AA29-8BFF5391719C}_is1) (Version:  - Recovridis Ltd)
Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)
Machete 4.2 (HKLM-x32\...\{1799612D-556F-4D26-ABB3-3ED6BB98ECE1}) (Version: 4.2.11 - MacheteSoft)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0C0A-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{449EFED6-5F86-4428-8EB2-3DA1F6E67CE4}) (Version: 1.20.146.0 - Microsoft)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Mozilla Firefox 67.0.3 (x64 es-AR) (HKLM\...\Mozilla Firefox 67.0.3 (x64 es-AR)) (Version: 67.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
Mp3tag v2.85 (HKLM-x32\...\Mp3tag) (Version: 2.85 - Florian Heidenreich)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NetWorx 5.5.5 (HKLM\...\NetWorx_is1) (Version:  - Softperfect)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.3.7 - Duodian Technology Co. Ltd.)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.13 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 419.17 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 419.17 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenIV (HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\OpenIV) (Version: 2.9.2.932 - .black/OpenIV Team)
OpenVPN 2.3.12-I602  (HKLM-x32\...\OpenVPN) (Version: 2.3.12-I602 - )
Pale Moon 27.3.0 (x64 en-US) (HKLM\...\Pale Moon 27.3.0 (x64 en-US)) (Version: 27.3.0 - Moonchild Productions)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.10 - Panda Security)
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{DB5AA2A4-F953-46D0-A654-D1F2F70623B4}) (Version: 10.07.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.07.00.0000 - Panda Security)
Panda Safe Web (HKLM-x32\...\pandasecuritytb) (Version: 4.3.1.25 - Panda Security and Visicom Media Inc.)
Panel de control de NVIDIA 419.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.17 - NVIDIA Corporation) Hidden
Passware Kit Forensic 12.5 (HKLM-x32\...\{4C22BF4D-D230-46FA-80C4-D4D9B9CA8936}) (Version: 12.5.6875 - Passware)
PDF Password Remover v3.1 (HKLM-x32\...\PDF Password Remover v3.1_is1) (Version:  - VeryPDF.com Inc)
Pro Evolution Soccer 2019 (HKLM-x32\...\{879B9B7F-6AAF-4686-A7FC-E937EE6BE37B}_is1) (Version:  - KONAMI)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Puran Defrag 7.7.1 (HKLM\...\Puran Defrag_is1) (Version:  - Puran Software)
Railway Empire MULTi6 - ElAmigos versión 1.0 (HKLM-x32\...\{35255169-99C9-495C-86B3-963AFA6EE72B}_is1) (Version: 1.0 - Kalypso Media Digital)
RealSpeak Solo para Castellano, Isabel (HKLM-x32\...\{3D263D43-FFA4-4B03-9663-6868AABC1AFC}) (Version: 4.00.0000 - ScanSoft)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.2.0 (HKLM-x32\...\RTSS) (Version: 7.2.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Sleeping Dogs Definitive Edition MULTi7 - ElAmigos versión 1.0 u1 (HKLM-x32\...\{A10CCF5B-48C4-4706-8DE3-5228927F3C78}_is1) (Version: 1.0 u1 - Square Enix)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.27.9666 - SoftEther VPN Project)
South Park The Fractured But Whole MULTi9 - ElAmigos versión 1.0 (HKLM-x32\...\{20B35921-1CC1-41AF-BEDC-92F6006DB5A4}_is1) (Version: 1.0 - Ubisoft)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
State of Decay 2 MULTi7 - ElAmigos versión 2.0 (HKLM-x32\...\{328B8269-6FA0-4288-ADED-6FA595C21C8D}_is1) (Version: 2.0 - Microsoft Studios)
Subtítulos 1.0 (HKLM-x32\...\{2554072E-4483-4659-94AF-F70D3075663F}_is1) (Version: 1.0 - Subtítulos Español)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1258 - SUPERAntiSpyware.com)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Technitium MAC Address Changer v6.0 (HKLM-x32\...\TMACv6.0) (Version: 6.0 - Technitium)
The Witcher 3 Wild Hunt MULTi13 - ElAmigos versión 1.31 (HKLM-x32\...\{BF679CAD-FE6D-4CBE-9E99-D7193809207A}_is1) (Version: 1.31 - CD PROJEKT RED)
This War of Mine MULTi8 - ElAmigos versión 4.0.0 (HKLM-x32\...\{FBEBA84A-2B23-4A74-A9F7-58640363BC02}_is1) (Version: 4.0.0 - 11 bit studios)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
VSO Image Resizer 4.0.2.5 (HKLM-x32\...\{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1) (Version: 4.0.2.5 - VSO-Software)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
6tin -> C:\Program Files\WindowsApps\18966RudyHuyn.6tin_3.9.2.0_x64__d4rfaqrt0cqt8 [2019-02-02] (Rudy Huyn) [MS Ad]
Adobe Photoshop Express: Editor de imágenes, Ajustes, Filtros, Efectos, Bordes -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.0.316.0_x64__ynb6jyjzte8ga [2019-05-25] (Adobe Inc.)
Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_4.2.1.0_x86__0pp20fcewvvtj [2019-06-06] (GAMELOFT  SA)
Block Pile -> C:\Program Files\WindowsApps\42090.BlockPile_1.2.0.23_x64__1wqcrzp2thk7g [2017-12-20] (EfmSoft) [MS Ad]
Code Writer -> C:\Program Files\WindowsApps\ActiproSoftwareLLC.562882FEEB491_3.3.29.0_x64__24pqs290vpjk0 [2019-03-23] (Actipro Software LLC)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-31] (Microsoft Corporation) [MS Ad]
Eclipse Manager -> C:\Program Files\WindowsApps\46928bounde.EclipseManager_3.2.18.0_x64__a5h4egax66k6y [2018-05-24] (Ounce Digital)
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2018-08-15] (Microsoft Corporation)
Escritorio remoto de Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-05-22] (Microsoft Corporation)
Forza Motorsport 6: Apex -> C:\Program Files\WindowsApps\Microsoft.ApexPG_2.8.18.1000_x64__8wekyb3d8bbwe [2018-04-07] (Microsoft Studios)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_4.31.1.0_x64__ypmq2qh89vmny [2019-03-29] (Turnipsoft) [MS Ad]
GT Racing 2: The Real Car Experience -> C:\Program Files\WindowsApps\GAMELOFTSA.GTRacing2TheRealCarExperience_1.2.4.14_x86__0pp20fcewvvtj [2018-07-18] (GAMELOFT  SA)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2018-09-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Band -> C:\Program Files\WindowsApps\Microsoft.MSKAPP_2.3.31002.0_x86__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
Mini Golf Club -> C:\Program Files\WindowsApps\2724ZOLTNGUBICS.MINIGOLFCLUB_2.16.5.0_x86__d5xggy273m32g [2019-05-19] (Zoltán Gubics) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe [2017-07-28] (Microsoft Research)
Pic Collage -> C:\Program Files\WindowsApps\CARDINALBLUE.PICCOLLAGE_2.0.30.0_x64__nyvb5jmhdxy8g [2018-09-18] (Cardinal Blue Software)
Power BI Mobile -> C:\Program Files\WindowsApps\Microsoft.MicrosoftPowerBIForWindows_3219.30603.2042.0_x64__8wekyb3d8bbwe [2019-06-05] (Microsoft Corporation)
Simple Radio FM - Listen Live to Online Radio, Music and Talk Stations -> C:\Program Files\WindowsApps\29730Infoside.SimpleRadioFM-ListenLivetoOnlineRadi_1.1.14.0_x64__2zqc40yp5bxm4 [2018-11-20] (Infoside) [MS Ad]
State of Decay 2 -> G:\JUEGOS\Instalados\State of Decay 2\AppFiles [2018-07-08] (Microsoft Studios)
Steam Tile -> C:\Program Files\WindowsApps\43266Element26Software.SteamTile_1.1.2.0_x64__2vng2mrd8a7zg [2018-04-20] (Element26 Software)
World of Tanks Blitz -> C:\Program Files\WindowsApps\7458BE2C.WorldofTanksBlitz_6.0.295.0_x64__x4tje2y229k00 [2019-06-12] (Wargaming Group Limited)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{1227D881-FFDC-4337-BED8-9E273A75374C} -> [biblio1 (A-C)] => G:\TXT\biblio1 (A-C) [2017-03-10 00:45]
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{6ADE1AC3-984A-4542-923E-C97347AD4913} -> [Fallout4] => C:\Users\CDD\Documents\My Games\Fallout4 [2019-01-20 10:04]
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{738E7506-C52B-E3E4-34A7-F4A01CEEF4BE}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{A42CE420-C9AF-4862-9D9D-EFE9466AA9CA} -> [MIS ARCHIVOS (SINCRO MEGA)] => C:\Users\CDD\Desktop\MIS ARCHIVOS (SINCRO MEGA) [2017-07-29 01:27]
CustomCLSID: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001_Classes\CLSID\{E2B4EFD3-AD7F-4679-87DB-4BC9E3EF7D90} -> [KONAMI] => C:\Users\CDD\Documents\KONAMI [2017-08-05 07:11]
SSODL: EldosMountNotificator-cbfs6 - {88F87248-87DF-46E3-A56A-211F4065BD89} - C:\WINDOWS\system32\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
SSODL-x32: EldosMountNotificator-cbfs6 - {88F87248-87DF-46E3-A56A-211F4065BD89} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects: Virtual Storage Mount Notification -> {88F87248-87DF-46E3-A56A-211F4065BD89} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {88F87248-87DF-46E3-A56A-211F4065BD89} => C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-05-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-05-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-05-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {E0DD298A-371C-460D-A100-8515F2D046F6} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {E0DD298A-371C-460D-A100-8515F2D046F6} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-09] (EldoS Corporation -> /n software, Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [Balabolka] -> {6CB83A5A-AA68-4895-9F54-175E789AE149} => C:\Program Files (x86)\Balabolka\BFileExt.dll [2019-02-08] (Ilya Morozov) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-01-20] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-05-22] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\WINDOWS\system32\PuranDefrag.dll [2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-09] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\WINDOWS\system32\PuranDefrag.dll [2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-01-09] (Disc Soft Ltd -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-05-22] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2016-01-20] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PdfPropertiesChanger] -> {2B4E075F-4A59-4bbf-8B7D-C7A578DAE66B} => C:\Windows\system32\FreePDFMetadataEditorShellExt.dll [2014-02-26] (4dots Software) [File not signed]
ContextMenuHandlers6: [PuranDefrag] -> {E23C9C4A-0F55-40e2-A47F-93DCB54DF04D} => C:\WINDOWS\system32\PuranDefrag.dll [2013-08-15] (Vishal Gupta -> Puran Software) [File not signed]
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-04-07 11:31 - 2014-04-07 11:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2017-08-28 00:58 - 2017-05-19 18:18 - 000088576 _____ () [File not signed] C:\Program Files (x86)\Subtitulos-1.0\SubtitulosContextMenu.dll
2017-07-28 06:15 - 2016-12-04 15:04 - 000830464 _____ () [File not signed] C:\Program Files\NetWorx\sqlite.dll
2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2017-10-25 05:42 - 2017-10-25 05:42 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2019-02-08 21:28 - 2019-02-08 21:28 - 000370176 _____ (Ilya Morozov) [File not signed] C:\Program Files (x86)\Balabolka\BFileExt.dll
2018-05-17 08:04 - 2018-05-17 08:04 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2019-01-10 02:45 - 2011-09-02 16:06 - 000065657 _____ (Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
2018-05-20 07:06 - 2018-05-20 07:06 - 005207040 _____ (University of Tsukuba) [File not signed] C:\Program Files\SoftEther VPN Client\VpnGatePlugin_x64.dll
2018-02-03 02:59 - 2013-08-15 16:39 - 000256896 _____ (Vishal Gupta -> Puran Software) [File not signed] C:\WINDOWS\system32\PuranDefrag.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [175]
AlternateDataStreams: C:\ProgramData\TEMP:960C67A0 [129]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\1001movie.com -> 1001movie.com

There are 7519 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 18:03 - 2018-06-01 09:09 - 000001188 _____ C:\WINDOWS\system32\drivers\etc\hosts

0.0.0.0 anchorfree.net
0.0.0.0 rss2search.com
0.0.0.0 techbrowsing.com
0.0.0.0 box.anchorfree.net
0.0.0.0 www.mefeedia.com
0.0.0.0 www.anchorfree.net
0.0.0.0 www.mefeedia.com
0.0.0.0 anchorfree.us
0.0.0.0 a433.com
0.0.0.0 anchorfree.net
0.0.0.0 rpt.anchorfree.net
0.0.0.0 delivery.anchorfree.us/land.php
0.0.0.0 hsselite.com
0.0.0.0 www.hsselite.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\OpenVPN\bin;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Calibre2\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: !SASCORE => 2
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "PWRISOVM.EXE"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Bonus.SSR.FR12"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\StartupApproved\StartupFolder: => "Recorte de pantalla y Selector de OneNote 2010.lnk"
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\StartupApproved\Run: => "OfficeSyncProcess"
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2952037624-2585293238-3401107817-1001\...\StartupApproved\Run: => "GoogleDriveSync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2E963CF5-B7CF-46B9-848A-6A0263585578}] => (Allow) G:\JUEGOS\Instalados\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{4B683BBE-BCAC-4C88-B032-1E2864344EB1}] => (Allow) G:\JUEGOS\Instalados\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{79619F7E-5870-4268-A193-96EE03AB2461}G:\juegos\instalados\railway empire\railwayempire.exe] => (Block) G:\juegos\instalados\railway empire\railwayempire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH)
FirewallRules: [TCP Query User{FEC22C87-3290-49A5-A4FB-2388A2734EFB}G:\juegos\instalados\railway empire\railwayempire.exe] => (Block) G:\juegos\instalados\railway empire\railwayempire.exe (Kalypso Media Group -> Gaming Minds Studios GmbH)
FirewallRules: [{8BA4FC29-DF6F-44F9-B544-7F27D8052C83}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> ) [File not signed]
FirewallRules: [{07E96273-638F-439A-BF0D-288BCFCCE63B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Massive -> ) [File not signed]
FirewallRules: [{03C6ECA2-4429-460A-A092-18871A8B8EF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{060D0146-EEA4-4C70-9014-F149798D77F5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{3605E789-6A4D-4048-ADA4-D82E682E3C36}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{805FAF68-78FB-40E9-BC31-F04D952D5C46}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [UDP Query User{2D2668E7-0E2A-43A5-BE56-3E4D5ABBB1AF}G:\juegos\instalados\assassin's creed brotherhood\acbsp.exe] => (Block) G:\juegos\instalados\assassin's creed brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> ) [File not signed]
FirewallRules: [TCP Query User{EF140996-4A0F-41CF-8053-65466C0C2E37}G:\juegos\instalados\assassin's creed brotherhood\acbsp.exe] => (Block) G:\juegos\instalados\assassin's creed brotherhood\acbsp.exe (UBISOFT ENTERTAINMENT INC. -> ) [File not signed]
FirewallRules: [{AFBA2A50-BD03-49AD-A6A0-9588B9D4F52E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Disc Soft Ltd -> Disc Soft Ltd)
FirewallRules: [TCP Query User{6A464F98-5283-49CB-935D-4AC82ED5CAA4}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B0DDBE24-2805-405F-B5C6-221A1100B858}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80509E4B-675E-4905-AC13-A1B372FCAE06}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{072BFD3C-023F-43B9-9B54-CBA53C3EFF72}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{89595F02-9C09-402E-B08C-B8EE35A8D822}] => (Allow) C:\Program Files\NetWorx\networx.exe (SOFTPERFECT PTY. LTD. -> SoftPerfect)
FirewallRules: [{00A62217-645F-45A6-BDF2-89113E10759E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F0D1D414-E6CF-45FA-A7AE-716A1A7E1342}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{977F7999-42E5-4E00-9EB7-1FBF76ED4C66}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe (Visicom Media Inc. -> Visicom Media Inc)
FirewallRules: [{06777738-4411-4C7D-A28E-893011811F4E}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe (Visicom Media Inc. -> Visicom Media Inc)
FirewallRules: [{581A0F86-6E3B-400C-8D67-3E6F0C236A1A}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe (Visicom Media Inc. -> Visicom Media Inc.)
FirewallRules: [{9E9A71B7-A094-413C-95B4-EFEE0C89B494}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe (Visicom Media Inc. -> Visicom Media Inc.)
FirewallRules: [TCP Query User{FE1550A8-EDFD-4A8F-8BC8-ADB8BA23255E}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed]
FirewallRules: [UDP Query User{7E7F8777-93CA-4A68-9D72-1B0DA36FD7F5}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed]
FirewallRules: [{E7AF9D22-11B7-4699-84F4-942B26246688}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C136396F-3DD8-4860-A57E-CC2CC8B9F304}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{1B61A199-F827-446F-9730-01EAB9BCD550}] => (Allow) LPort=10777
FirewallRules: [{8CD907AC-4FA0-48E4-8876-0BEE978C1119}] => (Allow) LPort=11555
FirewallRules: [{8A7F9FB1-488B-4CB9-8649-0BDEB568A26F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1B962318-66E8-45F1-B791-53E93D78418C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FE7A2091-5BE7-45F6-B4F7-03BCFF8A4211}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5C1F29A0-C51F-49B0-AFBC-9D307FA7AA35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8047D75B-2215-43AD-A5F3-EB6CE1E7F526}] => (Allow) C:\Users\CDD\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{CAF6BAC7-C924-40EF-A83B-4B69590642E0}] => (Allow) C:\Users\CDD\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{011135F8-1691-4532-8572-3898D3C796E4}F:\emule (morphxt)\emuleportable\app\emulemorphxt\emule.exe] => (Allow) F:\emule (morphxt)\emuleportable\app\emulemorphxt\emule.exe (hxxp://emulemorph.sourceforge.net) [File not signed]
FirewallRules: [UDP Query User{113FB218-477F-4179-8AB0-85350DE6FBF6}F:\emule (morphxt)\emuleportable\app\emulemorphxt\emule.exe] => (Allow) F:\emule (morphxt)\emuleportable\app\emulemorphxt\emule.exe (hxxp://emulemorph.sourceforge.net) [File not signed]
FirewallRules: [TCP Query User{8CCC26DD-C09E-403D-9479-96D0D824C1A3}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{92D40298-B7D2-484E-8879-E0695C986A74}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [TCP Query User{5A1D225E-6DDE-48BA-A88A-A9BFE8D2F4D3}G:\juegos\instalados\train simulator 2017 pioneers edition\railworks.exe] => (Block) G:\juegos\instalados\train simulator 2017 pioneers edition\railworks.exe () [File not signed]
FirewallRules: [UDP Query User{6A995093-139F-4267-97FE-6C69D5B76C75}G:\juegos\instalados\train simulator 2017 pioneers edition\railworks.exe] => (Block) G:\juegos\instalados\train simulator 2017 pioneers edition\railworks.exe () [File not signed]
FirewallRules: [{4C725119-8AF5-4D80-9FFE-70B8D568B5B8}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{45E1F0EA-0E67-4BC9-B778-5EE4BF6B3CAF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{388C57BB-D499-48D6-AAD7-B9EDAB55F8FC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{ED9FE329-BB19-4EDF-AD78-418C56069EEB}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{163EB585-A8AE-4F4C-BDB8-AAD1AA41363A}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [{7B52CEA1-A5BC-44A4-94ED-8B316BD35856}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe (SoftEther Corporation -> SoftEther VPN Project at University of Tsukuba, Japan.)
FirewallRules: [TCP Query User{9B1461C0-336B-4AB4-8460-5454183C3598}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [UDP Query User{721E36AD-580C-46B3-8BAD-2D5137E14864}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\java.exe
FirewallRules: [TCP Query User{468258F3-4E25-48D0-B6AD-1DA0402C21F0}C:\programdata\oracle\java\javapath_target_266171390\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_266171390\javaw.exe
FirewallRules: [UDP Query User{B1D79223-6DCC-4715-8904-A242EAB6856C}C:\programdata\oracle\java\javapath_target_266171390\javaw.exe] => (Allow) C:\programdata\oracle\java\javapath_target_266171390\javaw.exe
FirewallRules: [{D28F7A38-CFA3-4E7A-990F-5A861E412772}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7B64DC06-1700-4B7F-8E2B-520BBFB78200}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe (Microsoft Windows -> )
FirewallRules: [TCP Query User{C9B1F5C8-9B8E-4F77-81E6-B27FEB2EC712}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B4B33E6D-8609-4D4D-A2F8-C265E1F08395}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A6C3A879-23FC-4EAC-BA07-222214FAD39A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9E718AD8-80C6-4BC3-AFB7-B52DE3DB5677}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{63CC33D4-69BE-4CA2-B3EA-7A3CF940D8E8}] => (Allow) C:\Users\CDD\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{4E43D56C-8409-4109-89D6-DF9FD09B47D8}] => (Allow) C:\Users\CDD\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6479916D-F17D-4702-8F52-ACA5AD2E039C}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Beijing Duodian Online Science and Technology Co.,Ltd -> Duodian Technology Co. Ltd.)
FirewallRules: [{51487D4B-D70A-46B4-BB98-6728677AD535}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
FirewallRules: [TCP Query User{183CAF97-400F-445F-8E57-325C7B320485}G:\juegos\instalados\ao international tennis\tennis.exe] => (Block) G:\juegos\instalados\ao international tennis\tennis.exe () [File not signed]
FirewallRules: [UDP Query User{C244A26B-8879-4062-884E-8405BB7B30F3}G:\juegos\instalados\ao international tennis\tennis.exe] => (Block) G:\juegos\instalados\ao international tennis\tennis.exe () [File not signed]
FirewallRules: [{A0E6554D-9F4B-4A20-A2C0-1A6D8C7C1BC5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C44A0D11-7B24-4E5F-867D-097CFAA7F109}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{5D012A07-3F97-4B9C-B21B-D53A380A4953}G:\juegos\instalados\fallout 4\creationkit.exe] => (Block) G:\juegos\instalados\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [UDP Query User{713C6689-989C-4EB8-A434-C43DB78A685F}G:\juegos\instalados\fallout 4\creationkit.exe] => (Block) G:\juegos\instalados\fallout 4\creationkit.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{0F6208C5-DD65-4219-813A-52271934CD3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5E5B489F-83A7-4642-A0D5-65DEF2E7113E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{08D94B3A-E03A-4B57-91A3-F45D5B07AC3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E38E368-81DD-499B-8CD2-8AB6F4A0179C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{6E3B8C2F-42D3-42A7-8C0A-7FCA64D3644F}C:\users\cdd\desktop\panda\ultra surf\ultrasurf by www.programaspc.org\ultrasurf_pro.exe] => (Allow) C:\users\cdd\desktop\panda\ultra surf\ultrasurf by www.programaspc.org\ultrasurf_pro.exe (Ultrareach Internet Corp. -> )
FirewallRules: [UDP Query User{437D0695-EB28-4155-BC37-0EA90C37BB5A}C:\users\cdd\desktop\panda\ultra surf\ultrasurf by www.programaspc.org\ultrasurf_pro.exe] => (Allow) C:\users\cdd\desktop\panda\ultra surf\ultrasurf by www.programaspc.org\ultrasurf_pro.exe (Ultrareach Internet Corp. -> )
FirewallRules: [{C5AF382D-3D22-4AFB-AB42-4E0162D33619}] => (Allow) C:\Users\CDD\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{17E01F24-06E6-40A5-8128-971EB7619CEF}] => (Allow) C:\Users\CDD\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{917EA413-F271-4483-9465-65A1632D5017}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

20-06-2019 10:46:43 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/20/2019 11:56:58 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (06/20/2019 11:56:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/20/2019 11:56:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (06/20/2019 10:41:02 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/20/2019 10:41:02 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (06/20/2019 03:51:08 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (06/20/2019 03:51:08 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/20/2019 03:51:06 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=TimerEvent


System errors:
=============
Error: (06/20/2019 11:57:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Error de instalación: error de Windows al instalar la siguiente actualización, error 0x80070002: Actualización de características a Windows 10, versión 1809 amd64 2019-03.

Error: (06/20/2019 11:56:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5ROB5F9)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario DESKTOP-5ROB5F9\CDD con SID (S-1-5-21-2952037624-2585293238-3401107817-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/20/2019 11:56:45 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5ROB5F9)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario DESKTOP-5ROB5F9\CDD con SID (S-1-5-21-2952037624-2585293238-3401107817-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/20/2019 10:48:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/20/2019 10:48:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/20/2019 10:48:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/20/2019 10:48:34 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (06/20/2019 10:39:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio SQLTELEMETRY$SQLEXPRESS no pudo iniciarse debido al siguiente error: 
El servicio no respondió a tiempo a la solicitud de inicio o de control.


Windows Defender:
===================================
Date: 2019-03-31 10:39:01.240
Description: 
El examen de Antivirus de Windows Defender se detuvo antes de completarse.
Id. de examen: {5B392ABE-C384-4067-9402-8CB563470FB4}
Tipo de examen: Antimalware
Parámetros de examen: Examen rápido
Usuario: NT AUTHORITY\SYSTEM

Date: 2019-03-31 10:20:03.221
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Zpevdo.A&threatid=2147727143&enterprise=0
Nombre: Trojan:Win32/Zpevdo.A
Id.: 2147727143
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Panda Security\Panda Security Protection\Perdidos\server.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-5ROB5F9\CDD
Nombre de proceso: C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
Versión de firma: AV: 1.291.819.0, AS: 1.291.819.0, NIS: 1.291.819.0
Versión de motor: AM: 1.1.15800.1, NIS: 1.1.15800.1

Date: 2019-03-31 10:19:22.757
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Zpevdo.A&threatid=2147727143&enterprise=0
Nombre: Trojan:Win32/Zpevdo.A
Id.: 2147727143
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Panda Security\Panda Security Protection\Perdidos\server.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-5ROB5F9\CDD
Nombre de proceso: C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
Versión de firma: AV: 1.291.819.0, AS: 1.291.819.0, NIS: 1.291.819.0
Versión de motor: AM: 1.1.15800.1, NIS: 1.1.15800.1

Date: 2019-03-31 10:18:28.496
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Zpevdo.A&threatid=2147727143&enterprise=0
Nombre: Trojan:Win32/Zpevdo.A
Id.: 2147727143
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Panda Security\Panda Security Protection\Perdidos\server.dll
Origen de detección: Equipo local
Tipo de detección: FastPath
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-5ROB5F9\CDD
Nombre de proceso: C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
Versión de firma: AV: 1.291.819.0, AS: 1.291.819.0, NIS: 1.291.819.0
Versión de motor: AM: 1.1.15800.1, NIS: 1.1.15800.1

Date: 2019-03-31 10:18:25.511
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/CryptInject&threatid=2147725859&enterprise=0
Nombre: Trojan:Win32/CryptInject
Id.: 2147725859
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: file:_C:\Program Files (x86)\Panda Security\Panda Security Protection\Perdidos\fix.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: DESKTOP-5ROB5F9\CDD
Nombre de proceso: C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe
Versión de firma: AV: 1.291.819.0, AS: 1.291.819.0, NIS: 1.291.819.0
Versión de motor: AM: 1.1.15800.1, NIS: 1.1.15800.1

Date: 2019-03-30 03:23:30.424
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.273.1261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.15100.1
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta. 

Date: 2019-03-30 03:23:30.423
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.273.1261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.15100.1
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta. 

Date: 2019-03-30 03:23:30.423
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.273.1261.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 1.1.15100.1
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta. 

Date: 2019-03-30 03:23:26.017
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 
Origen de actualización: Usuario
Tipo de firma: 
Tipo de actualización: 
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta. 

Date: 2019-03-30 03:23:26.015
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 
Origen de actualización: Usuario
Tipo de firma: 
Tipo de actualización: 
Usuario: NT AUTHORITY\NETWORK SERVICE
Versión de motor actual: 
Versión de motor anterior: 
Código de error: 0x80070652
Descripción del error: Existe otra instalación en curso. Complete dicha instalación antes de continuar con ésta. 

CodeIntegrity:
===================================

Date: 2018-07-02 20:19:36.009
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume8\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. P1.00 03/03/2017
Motherboard: ASRock AB350M Pro4
Processor: AMD Ryzen 5 1600 Six-Core Processor 
Percentage of memory in use: 26%
Total physical RAM: 16336.85 MB
Available physical RAM: 11978.98 MB
Total Virtual: 32720.85 MB
Available Virtual: 26313.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.58 GB) (Free:34.17 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (NUEVO ITUZA I) (Fixed) (Total:655.36 GB) (Free:303.95 GB) NTFS
Drive e: (NUEVO ITUZA II) (Fixed) (Total:1024 GB) (Free:102.37 GB) NTFS
Drive f: (NUEVO ITUZA III) (Fixed) (Total:1024 GB) (Free:237.35 GB) NTFS
Drive g: (NUEVO ITUZA IV) (Fixed) (Total:1022.66 GB) (Free:161.97 GB) NTFS
Drive h: (VIEJO ITUZA I) (Fixed) (Total:601 GB) (Free:245.43 GB) NTFS
Drive i: (VIEJO ITUZA II) (Fixed) (Total:601 GB) (Free:210.68 GB) NTFS
Drive j: (VIEJO ITUZA III) (Fixed) (Total:661.01 GB) (Free:114.15 GB) NTFS

\\?\Volume{4f6c4f6b-0000-0000-0000-202525000000}\ () (Fixed) (Total:0.46 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 3726 GB) (Disk ID: 6C7B6C7B)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 02895863)
Partition 1: (Not Active) - (Size=601 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=601 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=661 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 4F6C4F6B)
Partition 1: (Active) - (Size=148.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=471 MB) - (Type=27)

==================== End of Addition.txt ============================

Hola @helter_1983

Una consulta…mientras reviso toda la información, que version de Sandboxie tuviste instalada…??

Hola, la verdad no recuerdo la versión exacta, fue como hace un año más o menos que instalé el programa. Gracias.

Hola @helter_1983

SI tenias una version anterior a la v5.27.1 y superior a la v5.10, éstas NO son compatibles con la actualizacion a W10 v1809 o superiores, así se indica en la pagina oficial :

Algo debe quedar en tu sistema relativo a la version anterior que tuviste(aunque en los informes NO veo nada ) podrías probar a realizar una instalación de la ultima version de Sandboxie https://www.sandboxie.com/DownloadSandboxie

Con ello se debería sobreescribir los restos de la antigua :

Y después de instalar y REINICIAR el equipo pruebas de nuevo la actualizacion de W10 v1809.

Y nos comentas resultados.

Saludos.

Hola. He seguido tal cual los pasos que decís y nada, me vuelven a salir exactamente los mismos mensajes que antes: le doy a “Desinstalar y continuar” y de inmediato me aparece el siguiente mensaje. Pruebo desinstalando el Sandboxie (tal como lo hice la primera vez), pruebo actualizar nuevamente y el proceso se repite. Al momento de instalar la última versión de Sandboxie no me salió en ningún momento que existiera una versión previa para sobrescribir. Gracias.

problema actualizar windows 10 (2).jpg798×515 37.9 KB

problema actualizar windows 10 (3).jpg800×527 46.4 KB

Bien… pues veamos si encontramos algún proceso o resto de ese programa por algún “rincón” escondido.

Descarga SystemLook en tu escritorio SystemLook_x64.

Hacer doble clic al archivo SystemLook.exe para ejecutarlo.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas Ejecutar como Administrador).

Copia y pega el texto del interior del recuadro de aquí abajo, en la ventana del programa y pulsa en Look.

:filefind
*sandboxie*
:folderfind
*sandboxie*
:service
sandboxie
:regfind
sandboxie

• Espera unos segundos hasta que finalice la búsqueda.
• Al acabar se abrirá en el bloc de notas un reporte que debes copiar y pegar en este tema.

Nota: Ese reporte también quedará en el archivo SystemLook.txt del escritorio.

Saludos.

Hola. Ayer me daba el mismo problema tal como comentaba en el mensaje anterior, pero hoy cuando encendí la pc e iba a seguir los pasos que me indicabas, la descarga de la actualización superó el 25 %, se completó y finalmente pude instalarla sin problemas. Muchas gracias por tu ayuda!

Excelente nos alegra ver que YA quedo el problema resuelto, seguro que la ultima vez que desinstalaste NO hiciste REINICIO o APAGADO del equipo y por eso te lo seguía detectando.,

Saludos, Javier.