No se puede borrar adobe gc invoker utility

saludos amigos !!! les cuento que instale el adobe acrobat ultima version(demo), una vez vencida la prueba lo desinstale con revo, pero para mi sorpresa me sigue apareciendo la aplicacion adobe gc invoker al iniciar la maquina, obviamente en desinstalar programas y en el revo no aparece nada de adobe y si busco la ruta donde esta instalada no me permite borrar la carpeta, es el unico producto adobe que tengo ya que desinstale el flash player para ver si eso me permitia borrar el adobe gc invoker, me gustaria me ayuden a eliminar todo rastro de adobe de la pc, desde ya muchas gracias !!!

Hola @jah-gzmn

Desactiva temporalmente tu antivirus.

Descarga Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. :arrow_forward: ¿Cómo saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

hola daniela y muchas gracias por la pronta respuesta, aqui van los reportes :

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by GASTON (administrator) on JAHGZMN (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (03-07-2019 18:49:40)
Running from C:\Users\GASTON\Desktop
Loaded Profiles: GASTON (Available Profiles: defaultuser0 & GASTON)
Platform: Windows 10 Pro Version 1809 17763.593 (X64) Language: Español (México)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [152576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F3B9B9-3F67-479D-A25A-20F5503526C1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112376 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {09E1ECA5-EB4D-4AAD-925B-0A5390D16B13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BD38124-BE17-4D68-B888-D7152CEAE013} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {21820515-69BC-4BB0-A8F4-3272CBED4A3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25907200 2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2389F19F-9FEC-46E2-93AE-47430F806B92} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {31CEFF0F-66E5-4F58-A97D-46E6C031A249} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25907200 2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3DF63734-8F99-4733-9059-BC16D9A24F4E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4B661A67-30C7-4CB6-ADC1-9EB768F785C5} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {4C723588-F71F-4000-B135-106FC4147A15} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {51E74509-7402-4758-B62D-CBFE862AF09C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112376 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A4EF5B6-8FA6-4039-A6DD-C74DB45F2530} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5B2FA3BC-CE16-4EDF-907D-A1A3D8DD0F6A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {72E1A1E2-8547-4469-AB48-447FFAD8EA71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7BDAC881-6811-4B88-8104-045433A02F90} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {86ED81C6-CBF1-4BD0-8A29-B54A1CE03C38} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {8BC3AF51-7740-4369-BDBE-75713733F469} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {94A31D7D-A4B4-435D-98EF-C4E6424784F3} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\Motorola Device Manager Initial Update" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Motorola Device Manager Update" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-4053121906-3739663058-3097000640-1001" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1522617166" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\StartCN" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\StartDVR" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{61CFE85B-4B6A-4D81-85CE-A5B2FDF4379E}" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {BF7D1070-A995-47FC-ACE6-D941881EB4B9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {C77B6296-51C4-4F30-BCDA-E29B7A7B4C77} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D9635764-810D-468F-A735-96BCEB528EEE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{f7b7cb9d-f6ec-4d29-aea7-8e0426dce701}: [DhcpNameServer] 186.130.128.250 186.130.129.250

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
BHO-x32: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM-x32 - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-04-08]

FireFox:
========
FF DefaultProfile: lrl4hbac.default-1552172405406
FF ProfilePath: C:\Users\GASTON\AppData\Roaming\Mozilla\Firefox\Profiles\lrl4hbac.default-1552172405406 [2019-07-03]
FF Extension: (VPN Unlimited: la mejor extensión para tu navegador Chrome Protege tus valiosos datos privados y desbloquea cualquier web Gratuita) - C:\Users\GASTON\AppData\Roaming\Mozilla\Firefox\Profiles\lrl4hbac.default-1552172405406\Extensions\@vpn-unlimited-secure-proxy.xpi [2019-06-21]
FF Extension: (NoSquint Plus) - C:\Users\GASTON\AppData\Roaming\Mozilla\Firefox\Profiles\lrl4hbac.default-1552172405406\Extensions\[email protected] [2019-03-09]
FF Extension: (Malwarebytes Browser Extension) - C:\Users\GASTON\AppData\Roaming\Mozilla\Firefox\Profiles\lrl4hbac.default-1552172405406\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2019-04-12]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4053121906-3739663058-3097000640-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4053121906-3739663058-3097000640-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4053121906-3739663058-3097000640-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-04-17] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-04-17] <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe [481656 2018-05-22] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11082536 2019-04-16] (Microsoft Corporation -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5383176 2019-06-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmdag.sys [44682104 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmpag.sys [552824 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mt7612US; C:\WINDOWS\System32\drivers\mt7612US.sys [377864 2015-12-09] (Windows Central Build Account - X -> MediaTek Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-15] (Microsoft Windows -> Microsoft Corporation)
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-03 18:49 - 2019-07-03 18:50 - 000022578 _____ C:\Users\GASTON\Desktop\FRST.txt
2019-07-03 18:49 - 2019-07-03 18:49 - 000000000 ____D C:\FRST
2019-07-03 18:48 - 2019-07-03 18:48 - 002420224 _____ (Farbar) C:\Users\GASTON\Desktop\FRST64.exe
2019-07-03 14:20 - 2019-07-03 14:30 - 000111428 _____ C:\WINDOWS\ntbtlog.txt
2019-07-03 11:50 - 2019-07-03 11:50 - 000000000 ____D C:\ProgramData\Adobe
2019-07-02 16:04 - 2019-07-03 14:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-07-01 13:18 - 2019-07-01 14:08 - 000000000 ____D C:\Users\GASTON\AppData\Roaming\Tracker Software
2019-07-01 13:14 - 2019-07-01 13:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software
2019-07-01 13:14 - 2019-07-01 13:14 - 000000000 ____D C:\ProgramData\FileOpen
2019-07-01 13:14 - 2019-07-01 13:14 - 000000000 ____D C:\Program Files\Tracker Software
2019-07-01 13:14 - 2019-04-04 18:29 - 002187008 _____ (Tracker Software Products (Canada) Ltd.) C:\WINDOWS\system32\pxcpm.dll
2019-06-28 19:05 - 2019-06-28 19:05 - 009683256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-28 19:05 - 2019-06-28 19:05 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-28 19:05 - 2019-06-28 19:05 - 006544248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-28 19:05 - 2019-06-28 19:05 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-28 19:05 - 2019-06-28 19:05 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-28 19:05 - 2019-06-28 19:05 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-06-28 19:05 - 2019-06-28 19:05 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-28 19:05 - 2019-06-28 19:05 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-28 19:05 - 2019-06-28 19:05 - 000292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-28 19:05 - 2019-06-28 19:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-28 19:05 - 2019-06-28 19:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-28 19:05 - 2019-06-28 19:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-28 19:05 - 2019-06-28 19:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-28 19:05 - 2019-06-28 19:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-28 19:05 - 2019-06-28 19:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-28 19:05 - 2019-06-28 19:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-28 19:05 - 2019-06-28 19:05 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-06-27 13:41 - 2019-06-27 13:41 - 000109785 _____ C:\Users\GASTON\Downloads\PAGO_DE_TARJETA2019-6-27.pdf
2019-06-26 19:15 - 2019-06-26 19:15 - 000000000 ____D C:\Users\GASTON\Downloads\gzmn japi
2019-06-24 22:11 - 2019-06-26 19:10 - 000000000 ____D C:\Users\GASTON\Downloads\gzmn cv
2019-06-24 16:52 - 2019-06-27 05:38 - 000003702 _____ C:\WINDOWS\System32\Tasks\[email protected]
2019-06-24 16:43 - 2019-06-24 18:59 - 000000000 ___RD C:\Users\GASTON\Creative Cloud Files
2019-06-24 15:32 - 2019-06-24 17:03 - 000036472 _____ C:\Users\GASTON\Downloads\CV_Gaston_Guzman(2).pdf
2019-06-20 17:15 - 2019-06-20 17:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-19 20:22 - 2019-06-19 20:22 - 026807808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 023454208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 012938752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 012243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 007727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 005587976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 005115384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-19 20:22 - 2019-06-19 20:22 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-19 20:22 - 2019-06-19 20:22 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 001266192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-19 20:22 - 2019-06-19 20:22 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-06-19 20:22 - 2019-06-19 20:22 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-06-19 20:22 - 2019-06-19 20:22 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000747568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-06-19 20:22 - 2019-06-19 20:22 - 000743216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-06-19 20:22 - 2019-06-19 20:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000687896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2019-06-19 20:22 - 2019-06-19 20:22 - 000673520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2019-06-19 20:22 - 2019-06-19 20:22 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-06-19 20:22 - 2019-06-19 20:22 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-06-19 20:22 - 2019-06-19 20:22 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-06-19 20:22 - 2019-06-19 20:22 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-19 20:22 - 2019-06-19 20:22 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-06-19 20:22 - 2019-06-19 20:22 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-06-19 20:22 - 2019-06-19 20:22 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-06-19 20:22 - 2019-06-19 20:22 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-06-19 20:22 - 2019-06-19 20:22 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2019-06-19 20:22 - 2019-06-19 20:22 - 000000000 ____D C:\Users\GASTON\AppData\Local\OneDrive
2019-06-19 20:21 - 2019-06-19 20:21 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 006308016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 003818416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 002982400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 002871816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 002700784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 002626872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-19 20:21 - 2019-06-19 20:21 - 002278784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 002073232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-06-19 20:21 - 2019-06-19 20:21 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001837136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001721352 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-19 20:21 - 2019-06-19 20:21 - 001669304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001472568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 001465776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001427592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001344952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-19 20:21 - 2019-06-19 20:21 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 001162320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000810504 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-19 20:21 - 2019-06-19 20:21 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000553992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-06-19 20:21 - 2019-06-19 20:21 - 000431416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-19 20:21 - 2019-06-19 20:21 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-06-19 20:21 - 2019-06-19 20:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-06-19 20:21 - 2019-06-19 20:21 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 000219448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000149232 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-06-19 20:21 - 2019-06-19 20:21 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-19 20:21 - 2019-06-19 20:21 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-06-19 20:20 - 2019-06-19 20:21 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 007687568 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 005561312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 005528064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 005297664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 004351448 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-06-19 20:20 - 2019-06-19 20:20 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 003987456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 003636736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 003630592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 002707456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 002653696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 002406928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 002200080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 002050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001794048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001751352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001713976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001406992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 001199616 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2019-06-19 20:20 - 2019-06-19 20:20 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000987736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000871784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 000850976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000768224 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-19 20:20 - 2019-06-19 20:20 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-06-19 20:20 - 2019-06-19 20:20 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-06-19 20:20 - 2019-06-19 20:20 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000511504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-06-19 20:20 - 2019-06-19 20:20 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-06-19 20:20 - 2019-06-19 20:20 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-06-19 20:20 - 2019-06-19 20:20 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000157024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000141216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000117720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-06-19 20:20 - 2019-06-19 20:20 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-06-19 20:20 - 2019-06-19 20:20 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-06-19 20:20 - 2019-06-19 20:20 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-19 20:20 - 2019-06-19 20:20 - 000036360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-06-16 16:56 - 2019-06-16 16:56 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 007875072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 003385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-15 07:44 - 2019-06-15 07:44 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-15 07:44 - 2019-06-15 07:44 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-15 07:44 - 2019-06-15 07:44 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000730592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-15 07:44 - 2019-06-15 07:44 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-15 07:44 - 2019-06-15 07:44 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-15 07:44 - 2019-06-15 07:44 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-15 07:44 - 2019-06-15 07:44 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000513904 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-15 07:44 - 2019-06-15 07:44 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-15 07:44 - 2019-06-15 07:44 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-15 07:44 - 2019-06-15 07:44 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-06-15 07:44 - 2019-06-15 07:44 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2019-06-04 19:44 - 2019-06-04 19:44 - 000711968 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-03 18:49 - 2018-12-12 08:04 - 001767626 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-03 18:49 - 2018-09-15 13:39 - 000783108 _____ C:\WINDOWS\system32\perfh00A.dat
2019-07-03 18:49 - 2018-09-15 13:39 - 000152578 _____ C:\WINDOWS\system32\perfc00A.dat
2019-07-03 18:49 - 2018-09-15 04:31 - 000000000 ____D C:\WINDOWS\INF
2019-07-03 18:46 - 2019-01-20 22:13 - 000000000 ____D C:\Users\GASTON\AppData\LocalLow\Mozilla
2019-07-03 18:43 - 2018-12-12 08:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-03 18:43 - 2017-01-03 05:07 - 000000000 ____D C:\Temp
2019-07-03 18:42 - 2018-09-15 03:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-03 18:41 - 2018-12-12 07:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-03 14:18 - 2017-05-10 16:41 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-07-03 11:51 - 2018-12-12 08:07 - 000004222 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{61CFE85B-4B6A-4D81-85CE-A5B2FDF4379E}
2019-07-03 00:23 - 2018-09-15 04:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-03 00:09 - 2019-01-08 21:41 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-03 00:09 - 2019-01-08 21:41 - 000002238 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-02 20:11 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-02 20:10 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-02 20:09 - 2017-03-28 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-07-02 16:55 - 2018-12-12 07:51 - 000303536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-02 16:52 - 2017-02-23 03:16 - 000000000 ____D C:\Users\GASTON\AppData\Roaming\MPC-HC
2019-07-02 16:52 - 2016-11-09 13:56 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-02 00:23 - 2018-09-15 04:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-02 00:23 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-01 19:38 - 2017-03-23 18:42 - 000000000 ____D C:\Users\GASTON\AppData\Roaming\AIMP
2019-06-29 14:03 - 2016-11-09 11:30 - 000000000 ____D C:\Users\GASTON\AppData\Local\ElevatedDiagnostics
2019-06-28 19:11 - 2018-12-12 07:54 - 000000000 ____D C:\Users\GASTON
2019-06-28 19:09 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-28 19:07 - 2018-09-15 04:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-28 18:42 - 2017-11-09 08:19 - 000000000 ____D C:\Users\GASTON\AppData\Local\Packages
2019-06-27 05:35 - 2018-05-10 04:24 - 000000000 ____D C:\Users\GASTON\AppData\Local\D3DSCache
2019-06-24 18:05 - 2018-07-19 18:49 - 000000000 ____D C:\Users\GASTON\Downloads\gzmn nesta
2019-06-24 17:39 - 2019-04-27 23:38 - 000000000 ____D C:\Users\GASTON\Documents\cv gzmn
2019-06-24 16:54 - 2018-06-19 20:01 - 000000000 ____D C:\ProgramData\Packages
2019-06-24 16:37 - 2016-11-09 12:14 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-23 21:43 - 2017-05-20 15:28 - 000000000 ____D C:\Users\GASTON\Documents\comprobantes de pago
2019-06-20 17:56 - 2019-01-20 22:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-20 17:21 - 2019-01-20 22:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-20 00:27 - 2016-11-01 21:35 - 000000000 ___RD C:\Users\GASTON\OneDrive
2019-06-19 20:32 - 2016-11-01 22:42 - 000000000 ___RD C:\Users\GASTON\3D Objects
2019-06-19 20:32 - 2016-11-01 21:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-19 20:28 - 2018-09-15 13:41 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-06-19 20:28 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-06-19 20:28 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-06-19 20:28 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-06-19 20:28 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-06-19 20:28 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-06-19 20:28 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-06-19 20:28 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-19 20:28 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-06-19 20:28 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-06-19 20:28 - 2018-09-15 03:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-06-19 20:21 - 2018-12-12 08:07 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4053121906-3739663058-3097000640-1001
2019-06-19 20:21 - 2018-12-12 07:54 - 000002370 _____ C:\Users\GASTON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-19 19:36 - 2017-03-23 18:42 - 000000000 ____D C:\Program Files (x86)\AIMP
2019-06-17 23:18 - 2017-05-09 20:55 - 000000000 ____D C:\Program Files\UNP
2019-06-16 16:30 - 2018-09-15 04:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-15 07:35 - 2018-09-15 04:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-06-15 07:35 - 2018-09-15 04:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-06-15 07:35 - 2016-11-09 13:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-15 07:33 - 2016-11-09 13:07 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-15 07:25 - 2018-02-28 19:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ================

2019-04-02 15:47 - 2019-05-20 19:20 - 000000132 _____ () C:\Users\GASTON\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2019-06-24 16:37 - 2019-07-03 11:50 - 000001230 _____ () C:\Users\GASTON\AppData\Local\oobelibMkey.log
2018-08-05 22:48 - 2018-08-05 22:50 - 000007598 _____ () C:\Users\GASTON\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by GASTON (03-07-2019 18:51:43)
Running from C:\Users\GASTON\Desktop
Windows 10 Pro Version 1809 17763.593 (X64) (2018-12-12 11:09:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4053121906-3739663058-3097000640-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4053121906-3739663058-3097000640-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4053121906-3739663058-3097000640-1000 - Limited - Disabled) => C:\Users\defaultuser0
GASTON (S-1-5-21-4053121906-3739663058-3097000640-1001 - Administrator - Enabled) => C:\Users\GASTON
Invitado (S-1-5-21-4053121906-3739663058-3097000640-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-4053121906-3739663058-3097000640-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2129 Beta 5, 18.05.2019 - AIMP DevTeam)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.5.1 - Advanced Micro Devices, Inc.)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
BurnAware Free 11.9 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
Dragon Ball Xenoverse 2 (HKLM-x32\...\Dragon Ball Xenoverse 2_is1) (Version:  - )
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
Herramienta de descarga USB/DVD de Windows 7 (HKLM-x32\...\{266F443F-A296-406F-9EE8-DF4A1061C6CE}) (Version: 1.0.30 - Microsoft Corporation)
Kelly Slater's Pro Surfer(tm) (HKLM-x32\...\{A4479693-378E-49EB-AD5A-C5A8B2BC097A}) (Version: 1.00.0000 - Aspyr Media inc.)
K-Lite Codec Pack 14.9.7 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.9.7 - KLCP)
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Hogar y Estudiantes 2016 - es-es (HKLM\...\HomeStudentRetail - es-es) (Version: 16.0.11425.20228 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 67.0.4 (x64 es-ES) (HKLM\...\Mozilla Firefox 67.0.4 (x64 es-ES)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11425.20228 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{B998B716-4001-4919-BA90-BA14B51DFEB5}) (Version: 4.1.6 - dotPDN LLC)
PDF-XChange PRO (HKLM\...\{313BAF4A-B48F-41B4-BF9E-7B69F25018A9}) (Version: 8.0.330.0 - Tracker Software Products (Canada) Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.3) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

Packages:
=========
Complemento de Fotos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-04-08] (Microsoft Corporation)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Drawboard PDF -> C:\Program Files\WindowsApps\Drawboard.DrawboardPDF_5.8.232.0_x64__gqbn7fs4pywxm [2019-07-02] (Drawboard)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-04-08] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-06-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-04-08] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-27] (Netflix, Inc.)
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.5.1000_x64__6bhtb546zcxnj [2019-05-22] (TuneIn) [MS Ad]
uBlock Origin -> C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2019-04-08] (Nik Rolls)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-06-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-06-19] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-04-07 11:31 - 2014-04-07 11:31 - 000172032 _____ () [File not signed] C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 22:12 - 2018-04-24 22:12 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-05-16 15:25 - 2018-05-16 15:25 - 000155688 _____ (AMD PMP-PE CB Code Signer v20180327 -> Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\amdihk64.dll
2018-12-12 07:56 - 2018-12-12 07:56 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2017-01-03 05:06 - 2011-09-02 16:06 - 000065657 _____ (Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
2018-04-24 22:12 - 2018-04-24 22:12 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-05-16 14:48 - 2018-05-16 14:48 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000109568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 069968896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 22:12 - 2018-04-24 22:12 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 08:47 - 2019-06-29 00:03 - 000000308 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\GASTON\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 186.130.128.250 - 186.130.129.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\...\StartupApproved\Run: => "FlashPlayerUpdate"
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{00F4003A-45CB-4AC4-A4D4-036449DFE670}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{C9C7C7CF-52D9-4D42-96AC-8A1C01B53A79}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{E312653E-89B9-49FD-9639-8BB3C8D9D8E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4DE1A403-E326-4012-8263-8811F2CBAC82}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5FF61A69-E028-4472-8DFA-849F1CB0603E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{2321EF8C-3137-4737-9F5F-E8D3A9FAA774}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{A77B4769-BF3C-46EE-A153-239CF36D2EEE}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{FD4DED3B-A500-4903-890B-3E1355BFABB7}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{AD56A43B-4604-432D-854C-4120333C1835}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{17A34276-0D82-4C11-8167-38BE200F6D6C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{61646029-B2C4-4DB6-ABB0-1EF673953A8F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{ED96670D-36FD-4F73-8D99-816053EEF1F0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{4F1B353B-D6B1-4FD0-B407-D4ABA133958B}] => (Block) %ProgramFiles%\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe No File
FirewallRules: [{A0244CA2-0DAA-4B11-AF70-1EE3CD2325D3}] => (Block) C:\Program Files\Common Files\microsoft shared\ClickToRun ()

==================== Restore Points =========================

28-06-2019 18:41:44 Removed Adobe Acrobat DC.
01-07-2019 13:13:16 Installed PDF-XChange PRO

==================== Faulty Device Manager Devices =============

Name: Kaspersky Lab power events provider
Description: Kaspersky Lab power events provider
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: KL
Service: klhk
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2019 12:22:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa WWAHost.exe (versión 10.0.17763.404) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: b30

Hora de Inicio: 01d5314dc5ea09d4

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\System32\WWAHost.exe

Id. de informe: 570605a8-a9d9-4740-9b5e-aafaf62fefd0

Nombre completo del paquete con errores: 4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8

Id. de la aplicación relativa al paquete con errores: Netflix.App

Tipo de bloqueo: Quiesce

Error: (07/02/2019 08:10:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x8007001f, Uno de los dispositivos conectados al sistema no funciona.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (07/02/2019 08:10:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {b01a0148-63f5-4654-b866-c7310782d07c}

Error: (07/02/2019 04:54:12 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\GASTON\Desktop\delfix.exe ; descripción = End of disinfection; error = 0x8007043c).

Error: (07/02/2019 04:36:25 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\GASTON\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x8007043c).

Error: (06/28/2019 06:42:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MsiExec.exe, versión: 5.0.17763.404, marca de tiempo: 0xbe6e0b31
Nombre del módulo con errores: MSI36F0.tmp_unloaded, versión: 19.12.20034.1161, marca de tiempo: 0x5ccb7d82
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x000079d0
Identificador del proceso con errores: 0x24d4
Hora de inicio de la aplicación con errores: 0x01d52dfa4f8fdbd7
Ruta de acceso de la aplicación con errores: C:\Windows\syswow64\MsiExec.exe
Ruta de acceso del módulo con errores: MSI36F0.tmp
Identificador del informe: 03836bd0-7865-4bcc-b34e-b07f537db69c
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/28/2019 06:42:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: MsiExec.exe, versión: 5.0.17763.404, marca de tiempo: 0xbe6e0b31
Nombre del módulo con errores: MSI77FA.tmp, versión: 17.12.20093.41392, marca de tiempo: 0x597f8abe
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00001e0d
Identificador del proceso con errores: 0x1d00
Hora de inicio de la aplicación con errores: 0x01d52dfa590bdcfc
Ruta de acceso de la aplicación con errores: C:\Windows\syswow64\MsiExec.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\Installer\MSI77FA.tmp
Identificador del informe: c2f13c36-288f-48dc-9397-4f93bcdadc41
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (06/28/2019 06:41:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet


System errors:
=============
Error: (07/03/2019 06:48:09 PM) (Source: DCOM) (EventID: 10016) (User: JAHGZMN)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario JAHGZMN\GASTON con SID (S-1-5-21-4053121906-3739663058-3097000640-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/03/2019 06:48:08 PM) (Source: DCOM) (EventID: 10016) (User: JAHGZMN)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 y APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 al usuario JAHGZMN\GASTON con SID (S-1-5-21-4053121906-3739663058-3097000640-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/03/2019 06:45:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/03/2019 06:45:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscDataProtection
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/03/2019 06:45:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.SecurityAppBroker
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (07/03/2019 06:42:13 PM) (Source: DCOM) (EventID: 10005) (User: JAHGZMN)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/03/2019 06:42:07 PM) (Source: DCOM) (EventID: 10005) (User: JAHGZMN)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/03/2019 06:40:33 PM) (Source: DCOM) (EventID: 10005) (User: JAHGZMN)
Description: Error de DCOM "1084" al intentar iniciar el servicio ShellHWDetection con argumentos "No disponible" para ejecutar el servidor:
{DD522ACC-F821-461A-A407-50B198B896DC}


Windows Defender:
===================================
Date: 2019-07-03 00:09:39.478
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCleaner64.exe realizara cambios en la memoria.
Tiempo de detección: 2019-07-03T03:09:39.475Z
Usuario: JAHGZMN\GASTON
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCleaner64.exe
Versión de la firma: 1.297.321.0
Versión del motor: 1.1.16100.4
Versión del producto: 4.18.1905.4

Date: 2019-07-03 00:09:39.455
Description: 
El acceso controlado a carpetas impidió que C:\Program Files\CCleaner\CCUpdate.exe realizara cambios en la memoria.
Tiempo de detección: 2019-07-03T03:09:39.454Z
Usuario: JAHGZMN\GASTON
Ruta de acceso: \Device\Harddisk0\DR0
Nombre del proceso: C:\Program Files\CCleaner\CCUpdate.exe
Versión de la firma: 1.297.321.0
Versión del motor: 1.1.16100.4
Versión del producto: 4.18.1905.4

Date: 2019-07-03 18:53:16.779
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.297.361.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16100.4
Código de error: 0x80240016
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

Date: 2019-07-03 14:30:29.230
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.297.321.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16100.4
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

Date: 2019-07-03 14:20:21.941
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-07-02 20:36:23.215
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2019-07-02 16:14:47.082
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.297.290.0
Origen de actualización: Servidor de Microsoft Update
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión de motor actual: 
Versión de motor anterior: 1.1.16100.4
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 

CodeIntegrity:
===================================

Date: 2019-07-03 13:49:41.776
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-07-03 13:49:41.736
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-07-03 13:03:41.341
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-07-03 13:03:41.301
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-07-03 12:25:49.441
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-07-03 12:25:49.410
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-07-03 11:28:48.999
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-07-03 11:28:48.966
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\D3DSCache.dll because the set of per-page image hashes could not be found on the system.

Hola

Comentaste que habías desinstalado Adobe Flash Player, lo has vuelto a instalar? En el reporte de FRST veo bastantes entradas de Adobe, si no lo has instalado de nuevo, para eliminar todo lo que encuentre.

Un saludo

@Daniela no, no lo volvi a instalar, tenia pensado hacerlo una vez solucionado este tema, yo uso firefox, sigue siendo necesario ? siempre veo que una vez al mes microsoft me baja una actualizacion de seguridad para el flash player, por eso siempre lo deje (pero entre nos ni se para que sirve) !!! saludos !!!

Hola

En alguna página web puede que necesites tener instalado Flash Player para reproducir, por ejemplo un vídeo, pero ya apenas se encuentran, yo no lo tengo instalado y hasta el momento, no lo he necesitado, por lo que te recomiendo que no lo instales al no ser que lo necesites.

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5A4EF5B6-8FA6-4039-A6DD-C74DB45F2530} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-04-17] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-04-17] <==== ATTENTION
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [X]
2019-07-03 11:50 - 2019-07-03 11:50 - 000000000 ____D C:\ProgramData\Adobe
2019-06-24 16:52 - 2019-06-27 05:38 - 000003702 _____ C:\WINDOWS\System32\Tasks\[email protected]
2019-06-15 07:35 - 2018-09-15 04:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-06-15 07:35 - 2018-09-15 04:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-02 15:47 - 2019-05-20 19:20 - 000000132 _____ () C:\Users\GASTON\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\...\StartupApproved\Run: => "FlashPlayerUpdate"
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
FirewallRules: [UDP Query User{00F4003A-45CB-4AC4-A4D4-036449DFE670}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{C9C7C7CF-52D9-4D42-96AC-8A1C01B53A79}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{A77B4769-BF3C-46EE-A153-239CF36D2EEE}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{FD4DED3B-A500-4903-890B-3E1355BFABB7}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{4F1B353B-D6B1-4FD0-B407-D4ABA133958B}] => (Block) %ProgramFiles%\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

bien @Daniela aqui el resultado del fichero fix, que opinas ?

Fix result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by GASTON (03-07-2019 23:16:56) Run:1
Running from C:\Users\GASTON\Desktop
Loaded Profiles: GASTON (Available Profiles: defaultuser0 & GASTON)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5A4EF5B6-8FA6-4039-A6DD-C74DB45F2530} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-04-17] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-04-17] <==== ATTENTION
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [X]
2019-07-03 11:50 - 2019-07-03 11:50 - 000000000 ____D C:\ProgramData\Adobe
2019-06-24 16:52 - 2019-06-27 05:38 - 000003702 _____ C:\WINDOWS\System32\Tasks\[email protected]
2019-06-15 07:35 - 2018-09-15 04:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-06-15 07:35 - 2018-09-15 04:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-02 15:47 - 2019-05-20 19:20 - 000000132 _____ () C:\Users\GASTON\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\...\StartupApproved\Run: => "FlashPlayerUpdate"
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
FirewallRules: [UDP Query User{00F4003A-45CB-4AC4-A4D4-036449DFE670}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{C9C7C7CF-52D9-4D42-96AC-8A1C01B53A79}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{A77B4769-BF3C-46EE-A153-239CF36D2EEE}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{FD4DED3B-A500-4903-890B-3E1355BFABB7}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{4F1B353B-D6B1-4FD0-B407-D4ABA133958B}] => (Block) %ProgramFiles%\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeGCInvoker-1.0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A4EF5B6-8FA6-4039-A6DD-C74DB45F2530}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A4EF5B6-8FA6-4039-A6DD-C74DB45F2530}" => removed successfully
C:\WINDOWS\System32\Tasks\[email protected] => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\[email protected]" => removed successfully
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect => removed successfully
C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully
HKLM\System\CurrentControlSet\Services\AGMService => removed successfully
AGMService => service removed successfully
HKLM\System\CurrentControlSet\Services\AGSService => removed successfully
AGSService => service removed successfully
HKLM\System\CurrentControlSet\Services\klids => removed successfully
klids => service removed successfully
C:\ProgramData\Adobe => moved successfully
"C:\WINDOWS\System32\Tasks\[email protected]" => not found
C:\WINDOWS\SysWOW64\FlashPlayerApp.exe => moved successfully
C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl => moved successfully
C:\Users\GASTON\AppData\Roaming\Prefs. de formato PNG de Adobe CS6 => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   AccExtIco1 => removed successfully
HKLM\Software\Classes\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   AccExtIco2 => removed successfully
HKLM\Software\Classes\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\   AccExtIco3 => removed successfully
HKLM\Software\Classes\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AccExt => removed successfully
HKLM\Software\Classes\CLSID\{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
HKLM\Software\Classes\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\AccExt => removed successfully
HKLM\Software\Classes\CLSID\{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AdobeGCInvoker-1.0" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AdobeGCInvoker-1.0" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AdobeAAMUpdater-1.0" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0" => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\Adobe Creative Cloud" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Creative Cloud" => not found
"HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\FlashPlayerUpdate" => removed successfully
"HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\FlashPlayerUpdate" => not found
"HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Adobe Acrobat Synchronizer" => removed successfully
"HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Adobe Acrobat Synchronizer" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{00F4003A-45CB-4AC4-A4D4-036449DFE670}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C9C7C7CF-52D9-4D42-96AC-8A1C01B53A79}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A77B4769-BF3C-46EE-A153-239CF36D2EEE}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FD4DED3B-A500-4903-890B-3E1355BFABB7}C:\program files (x86)\steam\steamapps\common\pro evolution soccer 2017\pes2017.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F1B353B-D6B1-4FD0-B407-D4ABA133958B}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::f06e:bdb3:bef9:6626%15
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.63
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19959952 B
Java, Flash, Steam htmlcache => 313301068 B
Windows/system/drivers => 3436380 B
Edge => 6204230 B
Chrome => 0 B
Firefox => 1494388494 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 8268 B
NetworkService => 0 B
defaultuser0 => 0 B
GASTON => 20961263 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:18:16 ====

Hola

Frst ha hecho su trabajo y ha eliminado todo lo que se localizó, ahora tu tienes que revisar si ya se solucionó el problema.

Nos comentas.

Un saludo

bien @Daniela ya no aparece nada de adobe ni en el inicio, ni en los servicios, ni en la carpeta common files, asi que considero resuelto el problema, solo restaria el ultimo paso de eliminar los programas usados que no recuerdo bien como se hacia, desde ya muchas gracias nuevamente por tu ayuda !!!

Hola @jah-gzmn

Sigue estos pasos, para eliminar las herramientas utilizadas:

Para hacerlo utiliza de nuevo/descarga >> DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador)

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte :handshake:

Nos alegramos que se te haya resuelto :+1: Damos el tema por solucionado.

Solucionado

Un saludo