Ordenador lento, seguí estos pasos

Hola mi ordenador va algo lento, vi un tema similar y seguí los siguientes pasos y os pongo el log. Sigue llendo algo lento.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 21/11/19
Hora del análisis: 20:46
Archivo de registro: 91ef1606-0c97-11ea-b091-001fc6b9ece8.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.750
Versión del paquete de actualización: 1.0.15238
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 14393.0)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-62I3FUH\Core 2 duo

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 284937
Amenazas detectadas: 7
Amenazas en cuarentena: 7
Tiempo transcurrido: 8 min, 41 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 3
PUP.Optional.Conduit, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 201, 236865, , , , 
PUP.Optional.Conduit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En cuarentena, 201, 236865, , , , 
PUP.Optional.Conduit, HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}, En cuarentena, 201, 236865, 1.0.15238, , ame, 

Valor del registro: 2
PUP.Optional.Conduit, HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, En cuarentena, 201, 236865, 1.0.15238, , ame, 
PUP.Optional.Conduit, HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TOPRESULTURL, En cuarentena, 201, 236865, 1.0.15238, , ame, 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
PUP.Optional.Conduit, C:\USERS\CORE 2 DUO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AZV8RVWH.DEFAULT\PREFS.JS, Sustituido, 201, 301520, 1.0.15238, , ame, 
HackTool.Agent.KMS, C:\PROGRAM FILES\KMSPICO\KMSELDI.EXE, En cuarentena, 7651, 700614, 1.0.15238, 944EE159F45C9BF05F6EC2BA, dds, 00467674

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Hola @Duq_Plex

Continua con lo siguiente:

1.- Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

2.- Descarga, instala y/o actualiza a las siguientes herramientas:

3.- Ejecutas respetando el orden los pasos con todos los programas cerrados incluido los navegadores

CCleaner

Usando su opción Limpiador de acuerdo su Manual:

  • Para borrar Cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos.
  • Cuando lo instales destilda las casillas para no permitir la instalación de Ccleaner Browser/Avast Browser o similar…
  • NO necesitamos este reporte

AdwCleaner

Lo ejecutas.

  • Pulsa en el botón Escanear y espera a que se realice el proceso. Luego pulsa sobre el botón Limpiar.
  • Espera a que se complete. Si te pidiera reiniciar el sistema Aceptas.
  • Guarda el reporte que le aparecerá para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también puede encontrarse en “C:\AdwCleaner\AdwCleaner.txt”

ZHPCleaner

  • Siguiendo su manual, lo instalas y ejecutas. Cuando termine, elimina todo lo que encuentre.

4.- Luego de reiniciar:

Desactiva temporalmente tu antivirus y cualquier programa de seguridad.

5.- Descarga Farbar Recovery Scan Tool. en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de su equipo. >> Como saber si mi Windows es de 32 o 64 bits.?

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Guía: Como Ejecutar FRST

6.- En tu próxima respuesta, pega los reportes generados.

Guía : ¿Como Pegar reportes en el Foro?

Esperamos esos reporte.

Salu2

Hola adjunto reportes solicitados,lo hago en 2 respuestas por que no me aclaraba como hacerlo para meter todos los reportes en una sola respuesta,disculpas. Gracias de antemano.

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-11-20.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-23-2019
# Duration: 00:00:00
# OS:       Windows 10 Enterprise 2016 LTSB
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [21726 octets] - [22/11/2019 16:22:53]
AdwCleaner[S00].txt - [1446 octets] - [22/11/2019 16:23:17]
AdwCleaner[C00].txt - [1614 octets] - [22/11/2019 16:23:26]
AdwCleaner[S01].txt - [1527 octets] - [23/11/2019 21:02:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

~ ZHPCleaner v2019.11.22.160 by Nicolas Coolman (2019/11/22)
~ Run by Core 2 duo (Administrator)  (23/11/2019 21:06:53)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Core 2 duo\Desktop\ZHPCleaner (S).txt
~ Quarantine : C:\Users\Core 2 duo\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt
~ System Restore Point : 
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
Windows 10 Enterprise 2016 LTSB, 64-bit  (Build 14393)


---\\  Alternate Data Stream (ADS). (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Servicios (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Navegadores de Internet (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Hosts carpeta (1)
~ El archivo hosts es legítimo (21)


---\\  Tareas automáticas programadas. (0)
~ No malintencionados o innecesarios artículos encontrados.


---\\  Explorador ( Archivos, Carpetas ) (18)
ENCONTRADOS carpeta: C:\Program Files\KMSpico\AutoPico.exe [@ByELDI - AutoPico]  =>HackTool.KMSpico
ENCONTRADOS carpeta: C:\Program Files\KMSpico\DevComponents.DotNetBar2.dll [DevComponents.com - DevComponents.DotNetBar]  =>HackTool.KMSpico
ENCONTRADOS carpeta: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS]  =>HackTool.KMSpico
ENCONTRADOS carpeta: C:\Program Files\KMSpico\unins000.dat    =>HackTool.KMSpico
ENCONTRADOS carpeta: C:\Program Files\KMSpico\unins000.exe [ - Setup/Uninstall]  =>HackTool.KMSpico
ENCONTRADOS carpeta: C:\Program Files\KMSpico\Vestris.ResourceLib.dll [Vestris Inc. - ResourceLib]  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico\cert  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico\driver  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico\icons  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico\logs  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico\scripts  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico\sounds  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico\TokensBackup  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico\x64  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico\x86  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Program Files\KMSpico  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico  =>HackTool.KMSpico
ENCONTRADOS archivo: C:\Windows\SysWoW64\config\systemprofile\AppData\Roaming\Fighters  =>.SUP.SlowPCfighter


---\\  Registro ( Claves, Valores, Datos) (1)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 [KMSpico]  =>HackTool.KMSpico


---\\  Resumen de elementos en su estación de trabajo (2)
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/  =>HackTool.KMSpico
https://nicolascoolman.eu/2017/09/26/sup-slowpcfighter/  =>.SUP.SlowPCfighter


---\\ Resultado de la reparación.
~ ninguna reparación hecha
~ Mozilla Firefox OK
~ Internet Explorer OK


---\\ STATISTIQUES
~ Items escaneado : 95014
~ Items encontrado : 20
~ artículos cancelados : 0
~ Items opciones : 6/13
~ Ahorro de espacio (bytes) : 0


~ End of search in 00h08mn29s

---\\  Reporte (0)
ZHPCleaner-[S]-23112019-21_15_22.txt

Resto reporte:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2019
Ran by Core 2 duo (administrator) on DESKTOP-62I3FUH (23-11-2019 21:25:37)
Running from C:\Users\Core 2 duo\Desktop
Loaded Profiles: Core 2 duo (Available Profiles: defaultuser0 & Core 2 duo)
Platform: Windows 10 Enterprise 2016 LTSB Version 1607 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ATI Technologies, Inc -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies, Inc -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\bavhm.exe
(Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe
(Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe
(Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe [1997296 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-broadcasting;gaming-gamebar;gaming-gamedvr;gaming-gamemode;gaming-trueplay;gaming-xboxnetworking;maps;pen;recovery;speech;tabletmode;windowsdefender;windowsinsider
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [File not signed]
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\MountPoints2: {86037486-6e9f-11e9-b27e-806e6f6e6963} - "D:\weasis-win32.exe" 
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24869352 2019-06-28] (Plex, Inc -> Plex, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Welcome.lnk [2017-11-09]
ShortcutTarget: Welcome.lnk -> C:\Welcome\Welcome.exe () [File not signed]
Startup: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar762.lnk [2019-11-23]
ShortcutTarget: Sidebar762.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed]
Startup: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP ENVY 4500 series.lnk [2019-11-23]
ShortcutAndArgument: Supervisar alertas de tinta - HP ENVY 4500 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP ENVY 4500 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN53H221HJ060F;CONNECTION=USB;MONITOR=1;
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01795000-5B9E-4D32-A575-159B4938508A} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {0F9B572B-F328-407E-9BB1-BB723B05012E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1BCDB4BD-7AD3-4E67-85C0-61F100D7718D} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\Windows\system32\CScript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {1E89733F-A4C0-47B9-83B4-8487BA5C6D55} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4F65979C-3296-41F0-8163-FA972A47A276} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {676E0A73-BC47-4DE0-B9D4-85118816C2D5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B22DFE2-D005-4200-A225-C05BB5CB6FEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {81F8D840-9F75-4885-9880-AA638DB0D8BF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-13] (Adobe Inc. -> Adobe)
Task: {8A22C4BA-0816-4DF4-B67E-57E2B348A200} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {93BCA715-4DF2-4C17-9600-BB648A67FB88} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {EB524607-9629-441C-A41E-D4F9B5262537} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-13] (Adobe Inc. -> Adobe)
Task: {EEA11AE2-2E36-401A-85A1-FBB532C73088} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {FABCE7CC-AE7E-418D-AC78-12EB16028359} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-62I3FUH-Core 2 duo DESKTOP-62I3FUH => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD05758A-94CC-47DE-8247-A4FA9B2908C4} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{72d85931-d2c8-4899-a78a-7e0d319854c0}: [DhcpNameServer] 212.166.211.4 62.81.16.164
Tcpip\..\Interfaces\{a327b524-86ed-4b15-916e-5de61f12ff61}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{bc6103c1-46b4-4381-8674-9cb3e4f607bc}: [DhcpNameServer] 212.166.211.4 62.81.16.164

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/#spf=1573212087549
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-793460650-1082067395-1000565632-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: azv8rvwh.default
FF ProfilePath: C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default [2019-11-23]
FF Homepage: Mozilla\Firefox\Profiles\azv8rvwh.default -> hxxp://www.google.es/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe [2572928 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe [531232 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-11-21] (Malwarebytes Inc -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2120680 2019-06-28] (Plex, Inc -> Plex, Inc.)
S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdSandboxSrv64.exe [X]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtcL001; C:\Windows\System32\drivers\l160x64.sys [65024 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
R3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdApiUtil64.sys [116936 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
R3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BdCameraProtect64.sys [25032 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\Bnmon64.sys [82376 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
S3 L1C; C:\Windows\System32\drivers\L1C63x64.sys [121344 2016-07-16] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
S3 L1E; C:\Windows\System32\drivers\L1E62x64.sys [59904 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2016-07-16] (Microsoft Windows -> MediaTek Inc.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Microsoft Windows -> Realtek )
S3 RtlWlanu_OldIC; C:\Windows\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 yukonw8; C:\Windows\System32\drivers\yk63x64.sys [288768 2016-07-16] (Microsoft Windows -> Marvell)
S3 BdSandbox; \??\C:\Windows\System32\drivers\BdSandbox.sys [X]
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-23 21:25 - 2019-11-23 21:26 - 000019722 _____ C:\Users\Core 2 duo\Desktop\FRST.txt
2019-11-23 21:25 - 2019-11-23 21:26 - 000000000 ____D C:\FRST
2019-11-23 21:24 - 2019-11-23 21:24 - 002262016 _____ (Farbar) C:\Users\Core 2 duo\Desktop\FRST64.exe
2019-11-23 21:18 - 2019-11-23 21:18 - 000002675 _____ C:\Users\Core 2 duo\Desktop\ZHPCleaner (R).txt
2019-11-23 21:15 - 2019-11-23 21:15 - 000003483 _____ C:\Users\Core 2 duo\Desktop\ZHPCleaner (S).txt
2019-11-23 21:06 - 2019-11-23 21:18 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\ZHP
2019-11-23 21:06 - 2019-11-23 21:06 - 000000891 _____ C:\Users\Core 2 duo\Desktop\ZHPCleaner.lnk
2019-11-23 21:06 - 2019-11-23 21:06 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ZHP
2019-11-23 21:05 - 2019-11-23 21:05 - 000001715 _____ C:\Users\Core 2 duo\Desktop\AdwCleaner[C01].txt
2019-11-23 20:57 - 2019-11-23 20:57 - 003334016 _____ (Nicolas Coolman) C:\Users\Core 2 duo\Desktop\ZHPCleaner.exe
2019-11-23 20:43 - 2019-11-23 20:43 - 000320874 _____ C:\Users\Core 2 duo\Documents\Scan0009.pdf
2019-11-23 20:43 - 2019-11-23 20:43 - 000137659 _____ C:\Users\Core 2 duo\Documents\Scan0010.pdf
2019-11-23 20:42 - 2019-11-23 20:42 - 000536877 _____ C:\Users\Core 2 duo\Documents\Scan0008.pdf
2019-11-23 20:41 - 2019-11-23 20:41 - 000410788 _____ C:\Users\Core 2 duo\Documents\Scan0007.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000346708 _____ C:\Users\Core 2 duo\Documents\Scan0005.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000315055 _____ C:\Users\Core 2 duo\Documents\Scan0006.pdf
2019-11-23 20:39 - 2019-11-23 20:39 - 000173321 _____ C:\Users\Core 2 duo\Documents\Scan0004.pdf
2019-11-23 20:37 - 2019-11-23 20:37 - 000482263 _____ C:\Users\Core 2 duo\Documents\Scan0003.pdf
2019-11-22 16:22 - 2019-11-22 16:23 - 000000000 ____D C:\AdwCleaner
2019-11-22 16:21 - 2019-11-22 16:22 - 007622344 _____ (Malwarebytes) C:\Users\Core 2 duo\Desktop\adwcleaner_7.4.2.exe
2019-11-22 16:16 - 2019-11-22 16:16 - 000000402 _____ C:\DelFix.txt
2019-11-22 10:11 - 2019-11-22 10:12 - 000703513 _____ C:\Users\Core 2 duo\Documents\Scan0002.pdf
2019-11-21 20:40 - 2019-11-21 20:40 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-11-21 20:40 - 2019-11-21 20:40 - 000002038 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-11-21 20:40 - 2019-11-21 20:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\mbamtray
2019-11-21 20:40 - 2019-11-21 20:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\mbam
2019-11-21 20:40 - 2019-11-21 20:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-21 20:40 - 2019-11-21 20:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-21 20:40 - 2019-11-21 20:39 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-11-21 20:40 - 2019-11-21 20:39 - 000020936 _____ (Malwarebytes) C:\Windows\ELAMBKUP
2019-11-21 20:39 - 2019-11-21 20:39 - 000000000 ____D C:\Program Files\Malwarebytes
2019-11-21 11:04 - 2019-11-21 12:05 - 000000000 ____D C:\Users\Core 2 duo\Desktop\facturas luz
2019-11-21 10:38 - 2019-11-21 10:38 - 000441117 _____ C:\Users\Core 2 duo\Documents\Scan0001.pdf
2019-11-17 19:56 - 2019-11-17 19:56 - 000133163 _____ C:\Users\Core 2 duo\Desktop\vida laboral.pdf
2019-11-17 19:41 - 2019-11-17 19:41 - 000162105 _____ C:\Users\Core 2 duo\Desktop\justificante.pdf
2019-11-06 15:19 - 2019-11-13 15:37 - 000004586 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-11-06 15:19 - 2019-11-13 15:37 - 000004388 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-11-06 15:19 - 2019-11-13 15:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-06 15:19 - 2019-11-06 15:19 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Macromedia
2019-11-03 21:08 - 2019-11-03 21:08 - 000000299 _____ C:\Users\Core 2 duo\Documents\Presupuesto Almussafes.txt
2019-10-31 16:13 - 2019-10-31 16:13 - 000000246 _____ C:\Users\Core 2 duo\Desktop\Prime Video.URL
2019-10-30 19:32 - 2019-10-30 19:31 - 000114232 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-10-28 20:47 - 2019-10-31 20:20 - 000000000 ____D C:\Torrents
2019-10-26 19:39 - 2019-10-26 19:39 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-10-25 09:24 - 2019-10-25 09:24 - 000000000 ____D C:\Users\Core 2 duo\Documents\Plantillas personalizadas de Office

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-23 21:26 - 2019-07-03 20:50 - 000000000 ____D C:\Users\Core 2 duo\AppData\LocalLow\Mozilla
2019-11-23 21:21 - 2018-12-06 19:42 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ClassicShell
2019-11-23 21:20 - 2018-12-06 16:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-23 21:10 - 2018-12-06 16:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-11-23 21:08 - 2018-12-06 16:08 - 006451342 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-23 21:08 - 2016-07-16 23:39 - 003128674 _____ C:\Windows\system32\perfh00A.dat
2019-11-23 21:08 - 2016-07-16 23:39 - 000889486 _____ C:\Windows\system32\perfc00A.dat
2019-11-22 16:48 - 2019-06-28 19:20 - 000005338 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-62I3FUH-Core 2 duo DESKTOP-62I3FUH
2019-11-22 16:38 - 2019-10-05 14:44 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Kodi
2019-11-22 16:35 - 2016-07-16 12:45 - 000000000 ____D C:\Windows\INF
2019-11-22 10:06 - 2018-12-06 19:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Packages
2019-11-21 20:40 - 2019-06-30 15:49 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\cache
2019-11-21 12:09 - 2016-07-16 07:04 - 000008192 _____ C:\Windows\system32\config\BBI
2019-11-19 09:49 - 2019-10-19 08:20 - 000000000 ____D C:\Users\Core 2 duo\Desktop\Ofimatica Pdf
2019-11-13 15:36 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-06 15:19 - 2018-12-07 22:47 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Adobe
2019-11-04 11:37 - 2019-10-10 11:25 - 000000000 ____D C:\Users\Core 2 duo\Desktop\correos
2019-11-03 22:09 - 2018-12-07 22:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-11-03 20:21 - 2018-12-07 22:21 - 000001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\Program Files (x86)\Java
2019-10-27 15:10 - 2019-09-23 14:24 - 000000000 ____D C:\ProgramData\clp
2019-10-26 19:39 - 2019-06-30 14:37 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-20 16:13
==================== End of FRST.txt ========================

Tercer reporte,mis disculpas por ponerlo en 3 respuestas:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2019
Ran by Core 2 duo (23-11-2019 21:27:18)
Running from C:\Users\Core 2 duo\Desktop
Windows 10 Enterprise 2016 LTSB Version 1607 (X64) (2018-12-06 18:36:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-793460650-1082067395-1000565632-500 - Administrator - Disabled)
Core 2 duo (S-1-5-21-793460650-1082067395-1000565632-1001 - Administrator - Enabled) => C:\Users\Core 2 duo
DefaultAccount (S-1-5-21-793460650-1082067395-1000565632-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-793460650-1082067395-1000565632-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-793460650-1082067395-1000565632-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.1.2185 - Open Media LLC)
8GadgetPack (HKLM-x32\...\{E6BA0C10-856E-452A-954C-85F41072385F}) (Version: 25.0.0 - 8GadgetPack.net)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Reader XI (11.0.03) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1331, 20.12.2013 - AIMP DevTeam)
Ashampoo Burning Studio 15 v.15.0.0 (HKLM-x32\...\{91B33C97-5B38-0A92-D04A-A0F26F3F87D4}_is1) (Version: 15.0.0 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{9D00A8DA-650F-21C6-E787-78756733F15F}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
Baidu Antivirus (HKLM-x32\...\Baidu Antivirus) (Version: 5.4.3.147185 - Baidu, Inc.)
BitTorrent Web (HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\btweb) (Version: 1.0.0 - BitTorrent, Inc.)
ccc-core-static (HKLM-x32\...\{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}) (Version: 2010.0210.2339.42455 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CrystalDiskInfo 6.0.0 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.0 - Crystal Dew World)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
eMule (HKLM-x32\...\eMule) (Version:  - )
Estudio para la mejora del producto HP ENVY 4500 series (HKLM\...\{7AB1C3CE-613B-4078-8FDA-DE70E8A917E7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
HP ENVY 4500 series Ayuda (HKLM-x32\...\{083DCC02-5EB2-48B0-8BFF-F2D367F5AFB7}) (Version: 30.0.0 - Hewlett Packard)
HP ENVY 4500 series Software básico del dispositivo (HKLM\...\{F1F56388-1766-41E4-BFBE-F23671D56574}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HydraVision (HKLM-x32\...\{B7EC0338-EAE9-ABEA-D202-95025E66CC8C}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Kodi (HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\Kodi) (Version:  - XBMC Foundation)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Plex Media Server (HKLM-x32\...\{656F5C13-45EE-4E5E-BD8D-4707CD70D1CE}) (Version: 1.16.1291 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{6da84f4d-438a-4113-8155-ca857e3c5379}) (Version: 1.16.1.1291 - Plex, Inc.)
Python 3.7.1 (64-bit) (HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\{8a84877c-26dd-4b77-8117-80eaec80127c}) (Version: 3.7.1150.0 - Python Software Foundation)
Python 3.7.1 Core Interpreter (64-bit) (HKLM\...\{3CDB402E-5970-4DCB-8EE8-D50517AB55AE}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Development Libraries (64-bit) (HKLM\...\{61D00EE1-616D-4782-A8C5-EDD436BE9766}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Documentation (64-bit) (HKLM\...\{C66332A3-9916-4CA0-89B3-88E4F0789207}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Executables (64-bit) (HKLM\...\{C3B089F9-4BA6-45A6-91A2-C5938F8702F8}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 pip Bootstrap (64-bit) (HKLM\...\{ED677B31-8BF6-49FA-9B99-A63CD45D316A}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Standard Library (64-bit) (HKLM\...\{7627B8B4-82DD-4BD2-B33B-465E41693F0D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Tcl/Tk Support (64-bit) (HKLM\...\{00FB4D96-77D4-4043-950E-8FA816BCAD7D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Test Suite (64-bit) (HKLM\...\{A1CFED46-5F31-4813-A494-681BBB2B6E23}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Utility Scripts (64-bit) (HKLM\...\{96DEF82E-CD26-4AB5-A7FB-81E1B6D1DE91}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C3A1C6B1-9096-47A7-AB5C-09114002A996}) (Version: 3.7.6501.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8437 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Skins (HKLM-x32\...\{B04D5DA5-11DA-830C-85C6-0FF9185787E7}) (Version: 2010.0210.2339.42455 - ATI) Hidden
Stopping Plex (HKLM-x32\...\{85724C87-8FC8-4791-BDAD-BFB2FF7CE24F}) (Version: 1.16.1291 - Plex, Inc.) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer 12_is1) (Version: 12.0.71503 - TeamViewer)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Win Updates Disabler v1.4 (HKLM\...\Win Updates Disabler_is1) (Version: 1.4.0.0 - site2unblock.com)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-793460650-1082067395-1000565632-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Core 2 duo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-793460650-1082067395-1000565632-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Core 2 duo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
ShellServiceObjects: No Name -> {872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} => 
ShellServiceObjects: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellServiceObjects-x32: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2018-12-07] (AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavShx64.dll [2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-10] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-10] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavShx64.dll [2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2018-12-07] (AIMP DevTeam) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-02-10] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavShx64.dll [2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-06-10] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-06-10] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ\Online Help.lnk -> hxxp://www.virtualdj.com/support
Shortcut: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Loaded Modules (Whitelisted) =============

2018-12-06 22:08 - 2018-12-06 22:08 - 000013312 _____ ( ) [File not signed] C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007168 _____ ( ) [File not signed] C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2009-11-24 13:36 - 2009-11-24 13:36 - 000016384 ____R () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2008-11-25 10:19 - 2008-11-25 10:19 - 001193472 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\64\wbocx.ocx
2018-12-07 22:17 - 2007-09-02 13:57 - 000069632 _____ () [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000014848 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2011-11-09 22:06 - 2011-11-09 22:06 - 002508800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\Common Files\ATI Technologies\Multimedia\atimpenc64.dll
2011-11-09 22:06 - 2011-11-09 22:06 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\Common Files\ATI Technologies\Multimedia\atixcode64.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000208896 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000438272 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000675840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000692224 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000798720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000364544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000589824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000712704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 001728512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000126976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000192512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000225280 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000204800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000258048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000811008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000405504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000286720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 001036288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3693.42536__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000364544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000491520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000544768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
2010-02-10 23:34 - 2010-02-10 23:34 - 000871936 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2010-02-10 23:33 - 2010-02-10 23:33 - 000003584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamesp.dll
2007-10-29 14:56 - 2007-10-29 14:56 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2008-01-18 11:35 - 2008-01-18 11:35 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2008-05-15 14:51 - 2008-05-15 14:51 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000081920 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000450560 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 001142784 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000081920 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000405504 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000503808 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000139264 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000290816 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2018-12-07 22:26 - 2018-12-07 22:26 - 000590848 _____ (AIMP DevTeam) [File not signed] C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2018-12-06 19:35 - 2017-12-07 23:23 - 000608256 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2018-12-06 19:35 - 2012-05-19 05:16 - 000083456 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sbdrop.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000327680 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\container.dll
2016-07-16 12:42 - 2017-11-29 00:21 - 000092160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UXINIT.dll
2016-07-16 12:42 - 2017-11-29 00:21 - 000587264 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UxTheme.dll
2006-08-12 16:05 - 2006-08-12 16:05 - 000126976 _____ (Stardock Corporation) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\64\dshelp64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Welcome.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SWPROguard"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FF61B4C7-DCCF-482B-AC6A-E5E787AEFADB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B162256A-C6C6-4DA3-BF43-FA8757A08CCE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{53A03DA4-2EC1-4771-A37A-094D6E410309}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B235F1EA-E81F-4B42-A970-F9D954F67BC0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4106B087-1408-4D01-916D-FFBFE54C0898}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98D7CEF8-69F2-4B00-81AD-717A3DBB4C79}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{46596770-023A-4FCA-B65B-92278D82A313}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{35E11152-87FD-41B9-9B34-AA47A1865E62}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [{6E3C4DBD-F4A9-4CE9-A2A9-DD1CFFF46398}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{3EDC74FF-E2BE-4183-8EE7-89CE51479879}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> )
FirewallRules: [TCP Query User{E3124B8B-0EB3-4CB0-9D98-5371088219EF}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [UDP Query User{85CDC7A3-E658-4700-BF89-46DF55EE2558}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [TCP Query User{AC914367-E903-4F66-90B8-B8A001C90BA3}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{724BFB86-D316-4E67-BEED-2656D4DBC1A6}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [{63B1AA13-27BF-4EBB-8D4A-DF7E7B30E4F0}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{29F4B4F0-6822-4D9F-80B6-F0850BD1AE23}] => (Allow) LPort=5357
FirewallRules: [{753E1327-3F96-47AA-B6A8-800B876B1F97}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{CBAA0F4A-75A0-447F-BADA-C656ADC90376}C:\users\core 2 duo\appdata\roaming\kodi\userdata\addon_data\plugin.video.elementum\bin\windows_x64\elementum.exe] => (Allow) C:\users\core 2 duo\appdata\roaming\kodi\userdata\addon_data\plugin.video.elementum\bin\windows_x64\elementum.exe () [File not signed]
FirewallRules: [UDP Query User{1E4F7C77-DF99-4A5B-BB2D-3D73004D4769}C:\users\core 2 duo\appdata\roaming\kodi\userdata\addon_data\plugin.video.elementum\bin\windows_x64\elementum.exe] => (Allow) C:\users\core 2 duo\appdata\roaming\kodi\userdata\addon_data\plugin.video.elementum\bin\windows_x64\elementum.exe () [File not signed]
FirewallRules: [TCP Query User{2D21A3C7-45AB-414F-9F98-97AB953E5D9B}C:\users\core 2 duo\appdata\roaming\kodi\userdata\addon_data\plugin.video.quasar\bin\windows_x64\quasar.exe] => (Allow) C:\users\core 2 duo\appdata\roaming\kodi\userdata\addon_data\plugin.video.quasar\bin\windows_x64\quasar.exe () [File not signed]
FirewallRules: [UDP Query User{B018635F-8222-45F3-AE5B-EC960A58B3BE}C:\users\core 2 duo\appdata\roaming\kodi\userdata\addon_data\plugin.video.quasar\bin\windows_x64\quasar.exe] => (Allow) C:\users\core 2 duo\appdata\roaming\kodi\userdata\addon_data\plugin.video.quasar\bin\windows_x64\quasar.exe () [File not signed]
FirewallRules: [TCP Query User{3F29FF41-633A-4E4E-A9A0-904C0143421D}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File
FirewallRules: [UDP Query User{6062A62B-3DDB-4013-BCA0-75CC968394DF}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File
FirewallRules: [TCP Query User{1C3F32D0-A478-4A46-80DC-2EBA10E86F78}C:\users\core 2 duo\appdata\roaming\kodi\addons\script.module.torrent2http\bin\windows_x86\torrent2http.exe] => (Allow) C:\users\core 2 duo\appdata\roaming\kodi\addons\script.module.torrent2http\bin\windows_x86\torrent2http.exe () [File not signed]
FirewallRules: [UDP Query User{477C6627-C4BD-43AE-89E6-D9077B0E4ACF}C:\users\core 2 duo\appdata\roaming\kodi\addons\script.module.torrent2http\bin\windows_x86\torrent2http.exe] => (Allow) C:\users\core 2 duo\appdata\roaming\kodi\addons\script.module.torrent2http\bin\windows_x86\torrent2http.exe () [File not signed]
FirewallRules: [{E1377D71-D242-446D-8912-A5F651985099}] => (Allow) LPort=1688

==================== Restore Points =========================

23-11-2019 21:16:27 ZHPcleaner

==================== Faulty Device Manager Devices ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teclado PS/2 estándar
Description: Teclado PS/2 estándar
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Teclados estándar)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/23/2019 09:16:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (11/22/2019 04:47:51 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; descripción = Punto de control programado; error = 0x80070422).

Error: (11/21/2019 10:37:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: Service_KMS.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.IOException
   en System.IO.__Error.WinIOError(Int32, System.String)
   en System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)
   en System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)
   en System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)
   en System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)
   en System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding)
   en System.IO.File.InternalAppendAllText(System.String, System.String, System.Text.Encoding)
   en Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Threading.ThreadHelper.ThreadStart()

Error: (11/20/2019 03:45:11 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; descripción = Punto de control programado; error = 0x80070422).

Error: (11/18/2019 07:28:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; descripción = Punto de control programado; error = 0x80070422).

Error: (11/15/2019 02:58:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: Service_KMS.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IndexOutOfRangeException
   en System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Add(System.__Canon)
   en Service_KMS.Logging.FileLogger.ᜀ(System.String ByRef)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   en System.Threading.ThreadHelper.ThreadStart()

Error: (11/13/2019 09:00:35 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; descripción = Punto de control programado; error = 0x80070422).

Error: (11/11/2019 07:06:30 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Windows\system32\srtasks.exe ExecuteScheduledSPPCreation; descripción = Punto de control programado; error = 0x80070422).


System errors:
=============
Error: (11/23/2019 09:20:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Service KMSELDI no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/23/2019 09:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Baidu Antivirus Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/23/2019 09:03:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Plex Update Service terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 10000 milisegundos: Reiniciar el servicio.

Error: (11/23/2019 09:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Acrobat Update Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/23/2019 09:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Baidu Hips Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/23/2019 09:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Service KMSELDI se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/23/2019 09:03:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Ati External Event Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/22/2019 04:23:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Baidu Antivirus Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 0304 03/14/2008
Motherboard: ASUSTeK Computer INC. P5K SE/EPU
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 32%
Total physical RAM: 4095.11 MB
Available physical RAM: 2749.78 MB
Total Virtual: 4799.11 MB
Available Virtual: 3432.38 MB

==================== Drives ================================

Drive c: (Nuevo vol) (Fixed) (Total:928.72 GB) (Free:898.02 GB) NTFS

\\?\Volume{f9aed71f-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:2.8 GB) (Free:2.75 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F9AED71F)
Partition 1: (Active) - (Size=2.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=928.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Hola @Duq_Plex

Mientras analizo los reportes, dime tu versión de Windows 10 esta bastante antigua, y puede ser parte del problema, tienes un Enterprise con licencia original?

Es un ordenador de Empresa/Trabajo o es un PC personal.?

Nos comentas.

Salu2

Hola me lo vendieron ya con el 10 y según creo no es licencia original, el ordenador es personal. Un saludo

Hola @Duq_Plex

Si es una notebook, revisa si en la parte inferior no tiene una estampilla de licencia de Microsoft que te diga con que Sistema Operativo vino de fabrica.

O si es un PC de escritorio puede estar en la torre.

Dinos marca y modelo del equipo.

Salu2

Hola pues mi ordenador es de torre pero no tiene marca ya que me lo montó un amigo y le instaló el windows 10.

Hola @Duq_Plex

El problema de lentitud de tu ordenador no se debe a Malwares.

Si veo varios problemas que pueden ser el causante:

  • Tienes una versión de Windows 10 obsoleta que quedo antigua y ya no tiene Soporte y al no actualizar te expones a todos los agujeros de seguridad de la red.

Tu versión es:

  • Windows 10 Enterprise 2016 LTSB Version 1607

Te dejo algo de información:

https://support.microsoft.com/es-ar/help/4503267/windows-10-update-kb4503267

  • Para la versión de Windows que tienes (Enterprise), tu Ram (4 gb) es algo limitada.
  • Incluso tu Procesador salió al mercado en el año 2008.

Con ese equipo te iría mejor una versión de Windows 10 Home , y al que puedas descargarle todas las actualizaciones.


Realiza lo siguiente para ver si mejora:

1.- Desinstala con Revo Uninstaller en su Modo Avanzado:

  • Baidu Antivirus

Manual de Revo Uninstaller.

2.- Luego de reiniciar sigue estos pasos:

Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

3.- Desactiva Temporalmente tu antivirus. En tu caso al desinstalar Baidu es probable que se active Windows Defender.

4.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\MountPoints2: {86037486-6e9f-11e9-b27e-806e6f6e6963} - "D:\weasis-win32.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/#spf=1573212087549
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-793460650-1082067395-1000565632-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
S3 BdSandbox; \??\C:\Windows\System32\drivers\BdSandbox.sys [X]
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath
ShellServiceObjects: No Name -> {872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} => 
ShellServiceObjects: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellServiceObjects-x32: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  -> No File
FirewallRules: [TCP Query User{E3124B8B-0EB3-4CB0-9D98-5371088219EF}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [UDP Query User{85CDC7A3-E658-4700-BF89-46DF55EE2558}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [TCP Query User{3F29FF41-633A-4E4E-A9A0-904C0143421D}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File
FirewallRules: [UDP Query User{6062A62B-3DDB-4013-BCA0-75CC968394DF}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

Aquí te adjunto el log, espero haberlo hecho bien,por cierto no se me activó el windows defender por lo que estoy sin antivirus. pd: He instalado desde vuestra pagina el Bitdefender (por tener de momento antivirus)

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Core 2 duo (26-11-2019 19:41:30) Run:1
Running from C:\Users\Core 2 duo\Desktop
Loaded Profiles: Core 2 duo (Available Profiles: defaultuser0 & Core 2 duo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\MountPoints2: {86037486-6e9f-11e9-b27e-806e6f6e6963} - "D:\weasis-win32.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/#spf=1573212087549
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-793460650-1082067395-1000565632-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
S3 BdSandbox; \??\C:\Windows\System32\drivers\BdSandbox.sys [X]
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath
ShellServiceObjects: No Name -> {872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} => 
ShellServiceObjects: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellServiceObjects-x32: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  -> No File
FirewallRules: [TCP Query User{E3124B8B-0EB3-4CB0-9D98-5371088219EF}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [UDP Query User{85CDC7A3-E658-4700-BF89-46DF55EE2558}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [TCP Query User{3F29FF41-633A-4E4E-A9A0-904C0143421D}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File
FirewallRules: [UDP Query User{6062A62B-3DDB-4013-BCA0-75CC968394DF}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86037486-6e9f-11e9-b27e-806e6f6e6963} => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
Service KMSELDI => service not found.
HKLM\System\CurrentControlSet\Services\BdSandbox => removed successfully
BdSandbox => service removed successfully
HKLM\System\CurrentControlSet\Services\dcpsvc => removed successfully
dcpsvc => service removed successfully
HKLM\System\CurrentControlSet\Services\DiagTrack => removed successfully
DiagTrack => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac}" => removed successfully
HKLM\Software\Classes\CLSID\{872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{900c0763-5cad-4a34-bc1f-40cd513679d5} => removed successfully
HKLM\Software\Classes\CLSID\{900c0763-5cad-4a34-bc1f-40cd513679d5} => not found
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{900c0763-5cad-4a34-bc1f-40cd513679d5} => removed successfully
HKLM\Software\WOW6432Node\Classes\CLSID\{900c0763-5cad-4a34-bc1f-40cd513679d5} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E3124B8B-0EB3-4CB0-9D98-5371088219EF}E:\emule\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{85CDC7A3-E658-4700-BF89-46DF55EE2558}E:\emule\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3F29FF41-633A-4E4E-A9A0-904C0143421D}E:\kodi\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6062A62B-3DDB-4013-BCA0-75CC968394DF}E:\kodi\kodi.exe" => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Ethernet 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::2d2e:331e:4524:4241%15
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.38
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.{A327B524-86ED-4B15-916E-5DE61F12FF61}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2001:0:2851:782c:8ca:415:a7ee:160e
   V¡nculo: direcci¢n IPv6 local. . . : fe80::8ca:415:a7ee:160e%16
   Puerta de enlace predeterminada . . . . . : ::

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40822825 B
Java, Flash, Steam htmlcache => 1158 B
Windows/system/drivers => 46509 B
Edge => 0 B
Chrome => 0 B
Firefox => 441356367 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
defaultuser0 => 384 B
Core 2 duo => 11330321 B

RecycleBin => 4119604149 B
EmptyTemp: => 4.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:42:28 ====

Por cierto instalé el bitdefender por no quedarme sin antivirus y lo tuve que quitar por que me ralentizaba mucho la velocidad, he instalado avast y va algo mejor pero aún asi algo me ralentiza, ya me dirás que hacer tambien al respecto. un saludo

Hola @Duq_Plex

NO tenias que instalar ningún antivirus, ni ningún programa, con solo cuidar donde navegas o no descargar nada no te pasará ningún problema.

Desinstala Avast con su herramienta especifica de desinstalacion.

Vuelve a ejecutar FRT como la primera vez que lo hiciste y nos pegas los dos reportes, los necesitamos nuevamente para eliminar los restos.

Salu2

Adjunto log en 2 partes:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Core 2 duo (27-11-2019 18:57:40)
Running from C:\Users\Core 2 duo\Desktop
Windows 10 Enterprise 2016 LTSB Version 1607 (X64) (2018-12-06 18:36:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-793460650-1082067395-1000565632-500 - Administrator - Disabled)
Core 2 duo (S-1-5-21-793460650-1082067395-1000565632-1001 - Administrator - Enabled) => C:\Users\Core 2 duo
DefaultAccount (S-1-5-21-793460650-1082067395-1000565632-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-793460650-1082067395-1000565632-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-793460650-1082067395-1000565632-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.1.2185 - Open Media LLC)
8GadgetPack (HKLM-x32\...\{E6BA0C10-856E-452A-954C-85F41072385F}) (Version: 25.0.0 - 8GadgetPack.net)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Reader XI (11.0.03) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1331, 20.12.2013 - AIMP DevTeam)
Ashampoo Burning Studio 15 v.15.0.0 (HKLM-x32\...\{91B33C97-5B38-0A92-D04A-A0F26F3F87D4}_is1) (Version: 15.0.0 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{9D00A8DA-650F-21C6-E787-78756733F15F}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
ccc-core-static (HKLM-x32\...\{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}) (Version: 2010.0210.2339.42455 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CrystalDiskInfo 6.0.0 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.0 - Crystal Dew World)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Estudio para la mejora del producto HP ENVY 4500 series (HKLM\...\{7AB1C3CE-613B-4078-8FDA-DE70E8A917E7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
HP ENVY 4500 series Ayuda (HKLM-x32\...\{083DCC02-5EB2-48B0-8BFF-F2D367F5AFB7}) (Version: 30.0.0 - Hewlett Packard)
HP ENVY 4500 series Software básico del dispositivo (HKLM\...\{F1F56388-1766-41E4-BFBE-F23671D56574}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HydraVision (HKLM-x32\...\{B7EC0338-EAE9-ABEA-D202-95025E66CC8C}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Plex Media Server (HKLM-x32\...\{656F5C13-45EE-4E5E-BD8D-4707CD70D1CE}) (Version: 1.16.1291 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{6da84f4d-438a-4113-8155-ca857e3c5379}) (Version: 1.16.1.1291 - Plex, Inc.)
Python 3.7.1 (64-bit) (HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\{8a84877c-26dd-4b77-8117-80eaec80127c}) (Version: 3.7.1150.0 - Python Software Foundation)
Python 3.7.1 Core Interpreter (64-bit) (HKLM\...\{3CDB402E-5970-4DCB-8EE8-D50517AB55AE}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Development Libraries (64-bit) (HKLM\...\{61D00EE1-616D-4782-A8C5-EDD436BE9766}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Documentation (64-bit) (HKLM\...\{C66332A3-9916-4CA0-89B3-88E4F0789207}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Executables (64-bit) (HKLM\...\{C3B089F9-4BA6-45A6-91A2-C5938F8702F8}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 pip Bootstrap (64-bit) (HKLM\...\{ED677B31-8BF6-49FA-9B99-A63CD45D316A}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Standard Library (64-bit) (HKLM\...\{7627B8B4-82DD-4BD2-B33B-465E41693F0D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Tcl/Tk Support (64-bit) (HKLM\...\{00FB4D96-77D4-4043-950E-8FA816BCAD7D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Test Suite (64-bit) (HKLM\...\{A1CFED46-5F31-4813-A494-681BBB2B6E23}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Utility Scripts (64-bit) (HKLM\...\{96DEF82E-CD26-4AB5-A7FB-81E1B6D1DE91}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C3A1C6B1-9096-47A7-AB5C-09114002A996}) (Version: 3.7.6501.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8437 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Skins (HKLM-x32\...\{B04D5DA5-11DA-830C-85C6-0FF9185787E7}) (Version: 2010.0210.2339.42455 - ATI) Hidden
Stopping Plex (HKLM-x32\...\{85724C87-8FC8-4791-BDAD-BFB2FF7CE24F}) (Version: 1.16.1291 - Plex, Inc.) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer 12_is1) (Version: 12.0.71503 - TeamViewer)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Win Updates Disabler v1.4 (HKLM\...\Win Updates Disabler_is1) (Version: 1.4.0.0 - site2unblock.com)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-793460650-1082067395-1000565632-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Core 2 duo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-793460650-1082067395-1000565632-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Core 2 duo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2018-12-07] (AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2018-12-07] (AIMP DevTeam) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-02-10] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ\Online Help.lnk -> hxxp://www.virtualdj.com/support
Shortcut: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Loaded Modules (Whitelisted) =============

2018-12-06 22:08 - 2018-12-06 22:08 - 000013312 _____ ( ) [File not signed] C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007168 _____ ( ) [File not signed] C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2009-11-24 13:36 - 2009-11-24 13:36 - 000016384 ____R () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2008-11-25 10:19 - 2008-11-25 10:19 - 001193472 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\64\wbocx.ocx
2018-12-07 22:17 - 2007-09-02 13:57 - 000069632 _____ () [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000014848 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2011-11-09 22:06 - 2011-11-09 22:06 - 002508800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\Common Files\ATI Technologies\Multimedia\atimpenc64.dll
2011-11-09 22:06 - 2011-11-09 22:06 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\Common Files\ATI Technologies\Multimedia\atixcode64.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000208896 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000438272 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000675840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000692224 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000798720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000364544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000589824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000712704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 001728512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000126976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000192512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000225280 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000204800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000258048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000811008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000405504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000286720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 001036288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3693.42536__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000364544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000491520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000544768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
2007-10-29 14:56 - 2007-10-29 14:56 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2008-01-18 11:35 - 2008-01-18 11:35 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2008-05-15 14:51 - 2008-05-15 14:51 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000081920 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000450560 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 001142784 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000081920 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000405504 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000503808 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000139264 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000290816 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2018-12-07 22:26 - 2018-12-07 22:26 - 000590848 _____ (AIMP DevTeam) [File not signed] C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2018-12-06 19:35 - 2017-12-07 23:23 - 000608256 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000327680 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\container.dll
2016-07-16 12:42 - 2017-11-29 00:21 - 000092160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UXINIT.dll
2016-07-16 12:42 - 2017-11-29 00:21 - 000587264 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UxTheme.dll
2006-08-12 16:05 - 2006-08-12 16:05 - 000126976 _____ (Stardock Corporation) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\64\dshelp64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-11-26 19:42 - 2019-11-26 19:42 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Welcome.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SWPROguard"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-11-2019 21:16:27 ZHPcleaner
26-11-2019 19:27:33 Revo Uninstaller's restore point - Baidu Antivirus
26-11-2019 19:30:16 Revo Uninstaller's restore point - eMule
26-11-2019 19:31:09 Revo Uninstaller's restore point - Malwarebytes version 4.0.4.49

==================== Faulty Device Manager Devices ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teclado PS/2 estándar
Description: Teclado PS/2 estándar
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Teclados estándar)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/26/2019 07:41:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (11/26/2019 07:41:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (11/26/2019 07:41:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {da060c45-0377-48c6-9eb4-4acd9ade17de}

Error: (11/26/2019 07:31:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (11/26/2019 07:31:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary (Bnmon).

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (11/26/2019 07:30:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (11/26/2019 07:30:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary (Bnmon).

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (11/26/2019 07:27:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.


System errors:
=============
Error: (11/27/2019 06:53:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BHipsSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 06:53:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BavSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 06:53:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio AvastWscReporter no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 06:47:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BHipsSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 06:47:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BavSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 08:55:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BavSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 08:55:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BHipsSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/26/2019 09:28:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BHipsSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 0304 03/14/2008
Motherboard: ASUSTeK Computer INC. P5K SE/EPU
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 37%
Total physical RAM: 4095.11 MB
Available physical RAM: 2557.44 MB
Total Virtual: 4799.11 MB
Available Virtual: 3247.01 MB

==================== Drives ================================

Drive c: (Nuevo vol) (Fixed) (Total:928.72 GB) (Free:898.01 GB) NTFS

\\?\Volume{f9aed71f-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:2.8 GB) (Free:2.74 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F9AED71F)
Partition 1: (Active) - (Size=2.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=928.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

log 2:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{72d85931-d2c8-4899-a78a-7e0d319854c0}: [DhcpNameServer] 212.166.211.4 62.81.16.164
Tcpip\..\Interfaces\{a327b524-86ed-4b15-916e-5de61f12ff61}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{bc6103c1-46b4-4381-8674-9cb3e4f607bc}: [DhcpNameServer] 212.166.211.4 62.81.16.164

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: azv8rvwh.default
FF ProfilePath: C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default [2019-11-27]
FF Homepage: Mozilla\Firefox\Profiles\azv8rvwh.default -> hxxp://www.google.es/
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-26]
FF Extension: (Avast Online Security) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2120680 2019-06-28] (Plex, Inc -> Plex, Inc.)
S2 BavSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe" [X]
S2 BHipsSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtcL001; C:\Windows\System32\drivers\l160x64.sys [65024 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
S3 L1C; C:\Windows\System32\drivers\L1C63x64.sys [121344 2016-07-16] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
S3 L1E; C:\Windows\System32\drivers\L1E62x64.sys [59904 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2016-07-16] (Microsoft Windows -> MediaTek Inc.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Microsoft Windows -> Realtek )
S3 RtlWlanu_OldIC; C:\Windows\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 yukonw8; C:\Windows\System32\drivers\yk63x64.sys [288768 2016-07-16] (Microsoft Windows -> Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-27 18:56 - 2019-11-27 18:57 - 000007767 _____ C:\Users\Core 2 duo\Desktop\FRST.txt
2019-11-27 18:50 - 2019-11-27 18:50 - 010823512 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avastclear.exe
2019-11-27 09:06 - 2019-11-27 09:06 - 002066743 _____ C:\Users\Core 2 duo\Downloads\joinPdf_58da73a2188a062702c0956c57e89d2f.pdf
2019-11-26 21:39 - 2019-11-26 21:39 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\CEF
2019-11-26 21:38 - 2019-11-27 18:53 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-26 21:37 - 2019-11-27 18:53 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-26 21:36 - 2019-11-26 21:36 - 000233080 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe
2019-11-26 21:32 - 2019-11-26 21:32 - 000066588 _____ C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin
2019-11-26 20:11 - 2019-11-26 20:11 - 000075164 _____ C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin
2019-11-26 20:07 - 2019-11-26 20:07 - 000001219 _____ C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-11-26 20:05 - 2019-11-26 20:05 - 000000000 ____D C:\ProgramData\Bitdefender
2019-11-26 20:04 - 2019-11-26 20:04 - 000103488 _____ C:\ProgramData\agent.1574795055.bdinstall.v2.bin
2019-11-26 20:04 - 2019-11-26 20:04 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-26 20:03 - 2019-11-26 20:03 - 010527368 _____ C:\Users\Core 2 duo\Downloads\bitdefender_online.exe
2019-11-26 19:43 - 2019-11-26 19:43 - 000000008 __RSH C:\Users\Core 2 duo\ntuser.pol
2019-11-26 19:43 - 2019-11-26 19:43 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-11-26 19:41 - 2019-11-27 18:56 - 000000000 ____D C:\FRST
2019-11-26 19:41 - 2019-11-26 19:42 - 000010454 _____ C:\Users\Core 2 duo\Desktop\Fixlog.txt
2019-11-26 19:40 - 2019-11-26 19:40 - 002262016 _____ (Farbar) C:\Users\Core 2 duo\Desktop\FRST64.exe
2019-11-26 19:36 - 2019-11-26 19:36 - 000000268 _____ C:\Users\Core 2 duo\Desktop\DelFix.txt
2019-11-26 19:35 - 2019-11-26 19:35 - 000797760 _____ C:\Users\Core 2 duo\Desktop\delfix.exe
2019-11-26 19:35 - 2019-11-26 19:35 - 000000268 _____ C:\DelFix.txt
2019-11-26 19:35 - 2019-11-26 19:35 - 000000000 ____D C:\Windows\ERUNT
2019-11-26 19:26 - 2019-11-26 19:26 - 000001100 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-11-26 19:26 - 2019-11-26 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-11-26 19:26 - 2019-11-26 19:26 - 000000000 ____D C:\Program Files\VS Revo Group
2019-11-26 19:24 - 2019-11-26 19:24 - 007411912 _____ (VS Revo Group ) C:\Users\Core 2 duo\Desktop\revosetup.exe
2019-11-25 12:32 - 2019-11-25 12:32 - 000006668 _____ C:\Users\Core 2 duo\Downloads\document.pdf
2019-11-23 21:06 - 2019-11-23 21:18 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\ZHP
2019-11-23 21:06 - 2019-11-23 21:06 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ZHP
2019-11-23 20:43 - 2019-11-23 20:43 - 000320874 _____ C:\Users\Core 2 duo\Documents\Scan0009.pdf
2019-11-23 20:43 - 2019-11-23 20:43 - 000137659 _____ C:\Users\Core 2 duo\Documents\Scan0010.pdf
2019-11-23 20:42 - 2019-11-23 20:42 - 000536877 _____ C:\Users\Core 2 duo\Documents\Scan0008.pdf
2019-11-23 20:41 - 2019-11-23 20:41 - 000410788 _____ C:\Users\Core 2 duo\Documents\Scan0007.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000346708 _____ C:\Users\Core 2 duo\Documents\Scan0005.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000315055 _____ C:\Users\Core 2 duo\Documents\Scan0006.pdf
2019-11-23 20:39 - 2019-11-23 20:39 - 000173321 _____ C:\Users\Core 2 duo\Documents\Scan0004.pdf
2019-11-23 20:37 - 2019-11-23 20:37 - 000482263 _____ C:\Users\Core 2 duo\Documents\Scan0003.pdf
2019-11-22 10:11 - 2019-11-22 10:12 - 000703513 _____ C:\Users\Core 2 duo\Documents\Scan0002.pdf
2019-11-21 20:40 - 2019-11-21 20:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\mbamtray
2019-11-21 20:40 - 2019-11-21 20:39 - 000020936 _____ (Malwarebytes) C:\Windows\ELAMBKUP
2019-11-21 11:04 - 2019-11-27 09:07 - 000000000 ____D C:\Users\Core 2 duo\Desktop\facturas luz
2019-11-21 10:38 - 2019-11-21 10:38 - 000441117 _____ C:\Users\Core 2 duo\Documents\Scan0001.pdf
2019-11-17 19:56 - 2019-11-17 19:56 - 000133163 _____ C:\Users\Core 2 duo\Desktop\vida laboral.pdf
2019-11-17 19:41 - 2019-11-17 19:41 - 000162105 _____ C:\Users\Core 2 duo\Desktop\justificante.pdf
2019-11-06 15:19 - 2019-11-13 15:37 - 000004586 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-11-06 15:19 - 2019-11-13 15:37 - 000004388 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-11-06 15:19 - 2019-11-13 15:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-06 15:19 - 2019-11-06 15:19 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Macromedia
2019-11-03 21:08 - 2019-11-03 21:08 - 000000299 _____ C:\Users\Core 2 duo\Documents\Presupuesto Almussafes.txt
2019-10-31 16:13 - 2019-10-31 16:13 - 000000246 _____ C:\Users\Core 2 duo\Desktop\Prime Video.URL
2019-10-30 19:32 - 2019-10-30 19:31 - 000114232 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-10-28 20:47 - 2019-10-31 20:20 - 000000000 ____D C:\Torrents

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-27 18:55 - 2019-07-03 20:50 - 000000000 ____D C:\Users\Core 2 duo\AppData\LocalLow\Mozilla
2019-11-27 18:53 - 2018-12-06 16:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-27 18:52 - 2018-12-06 19:42 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ClassicShell
2019-11-27 08:59 - 2018-12-06 16:08 - 006775028 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-27 08:59 - 2016-07-16 23:39 - 003301242 _____ C:\Windows\system32\perfh00A.dat
2019-11-27 08:59 - 2016-07-16 23:39 - 000941780 _____ C:\Windows\system32\perfc00A.dat
2019-11-27 08:54 - 2018-12-06 21:08 - 000000000 ____D C:\Program Files\WinRAR
2019-11-26 21:43 - 2018-12-06 21:08 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-26 21:43 - 2018-12-06 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-26 21:32 - 2018-12-07 22:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-11-26 21:17 - 2018-12-06 16:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-11-26 20:45 - 2019-06-28 19:20 - 000005338 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-62I3FUH-Core 2 duo DESKTOP-62I3FUH
2019-11-26 20:02 - 2018-12-07 22:46 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\MPC-HC
2019-11-26 20:02 - 2016-07-16 12:45 - 000000000 ____D C:\Windows\INF
2019-11-26 19:43 - 2018-12-06 19:40 - 000000000 ____D C:\Users\Core 2 duo
2019-11-26 19:42 - 2019-10-15 09:33 - 000000000 ____D C:\Users\Core 2 duo\AppData\LocalLow\Temp
2019-11-26 19:41 - 2016-07-16 12:47 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-11-26 19:41 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-11-26 13:11 - 2018-12-07 22:29 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Microsoft Help
2019-11-25 20:05 - 2019-10-05 14:44 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Kodi
2019-11-25 15:06 - 2019-09-25 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-11-22 10:06 - 2018-12-06 19:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Packages
2019-11-21 20:40 - 2019-06-30 15:49 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\cache
2019-11-21 12:09 - 2016-07-16 07:04 - 000008192 _____ C:\Windows\system32\config\BBI
2019-11-19 09:49 - 2019-10-19 08:20 - 000000000 ____D C:\Users\Core 2 duo\Desktop\Ofimatica Pdf
2019-11-13 15:36 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-06 15:19 - 2018-12-07 22:47 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Adobe
2019-11-04 11:37 - 2019-10-10 11:25 - 000000000 ____D C:\Users\Core 2 duo\Desktop\correos
2019-11-03 20:21 - 2018-12-07 22:21 - 000001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\Program Files (x86)\Java

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-20 16:13
==================== End of FRST.txt ========================

Hola @Duq_Plex

El informe de Addition entró completo, pero el reporte de Frst te falto la primera parte antes de:

==================== Internet (Whitelisted) ====================

La necesito para continuar.

Salu2

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2019 01
Ran by Core 2 duo (administrator) on DESKTOP-62I3FUH (28-11-2019 18:37:26)
Running from C:\Users\Core 2 duo\Desktop
Loaded Profiles: Core 2 duo (Available Profiles: defaultuser0 & Core 2 duo)
Platform: Windows 10 Enterprise 2016 LTSB Version 1607 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ATI Technologies, Inc -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies, Inc -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Baidu Antivirus] => "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe" -auto
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-broadcasting;gaming-gamebar;gaming-gamedvr;gaming-gamemode;gaming-trueplay;gaming-xboxnetworking;maps;pen;recovery;speech;tabletmode;windowsdefender;windowsinsider
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [File not signed]
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24869352 2019-06-28] (Plex, Inc -> Plex, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Welcome.lnk [2017-11-09]
ShortcutTarget: Welcome.lnk -> C:\Welcome\Welcome.exe () [File not signed]
Startup: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar662.lnk [2019-11-28]
ShortcutTarget: Sidebar662.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed]
Startup: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP ENVY 4500 series.lnk [2019-11-28]
ShortcutAndArgument: Supervisar alertas de tinta - HP ENVY 4500 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP ENVY 4500 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN53H221HJ060F;CONNECTION=USB;MONITOR=1;
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01795000-5B9E-4D32-A575-159B4938508A} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {0F9B572B-F328-407E-9BB1-BB723B05012E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1BCDB4BD-7AD3-4E67-85C0-61F100D7718D} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\Windows\system32\CScript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {1E89733F-A4C0-47B9-83B4-8487BA5C6D55} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4F65979C-3296-41F0-8163-FA972A47A276} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {676E0A73-BC47-4DE0-B9D4-85118816C2D5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B22DFE2-D005-4200-A225-C05BB5CB6FEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {81F8D840-9F75-4885-9880-AA638DB0D8BF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-13] (Adobe Inc. -> Adobe)
Task: {8A22C4BA-0816-4DF4-B67E-57E2B348A200} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {93BCA715-4DF2-4C17-9600-BB648A67FB88} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {EB524607-9629-441C-A41E-D4F9B5262537} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-13] (Adobe Inc. -> Adobe)
Task: {EEA11AE2-2E36-401A-85A1-FBB532C73088} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {FABCE7CC-AE7E-418D-AC78-12EB16028359} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-62I3FUH-Core 2 duo DESKTOP-62I3FUH => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD05758A-94CC-47DE-8247-A4FA9B2908C4} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{72d85931-d2c8-4899-a78a-7e0d319854c0}: [DhcpNameServer] 212.166.211.4 62.81.16.164
Tcpip\..\Interfaces\{a327b524-86ed-4b15-916e-5de61f12ff61}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{bc6103c1-46b4-4381-8674-9cb3e4f607bc}: [DhcpNameServer] 212.166.211.4 62.81.16.164

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: azv8rvwh.default
FF ProfilePath: C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default [2019-11-28]
FF Homepage: Mozilla\Firefox\Profiles\azv8rvwh.default -> hxxp://www.google.es/
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-27]
FF Extension: (Avast Online Security) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2120680 2019-06-28] (Plex, Inc -> Plex, Inc.)
S2 BavSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe" [X]
S2 BHipsSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtcL001; C:\Windows\System32\drivers\l160x64.sys [65024 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
S3 L1C; C:\Windows\System32\drivers\L1C63x64.sys [121344 2016-07-16] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
S3 L1E; C:\Windows\System32\drivers\L1E62x64.sys [59904 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2016-07-16] (Microsoft Windows -> MediaTek Inc.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Microsoft Windows -> Realtek )
S3 RtlWlanu_OldIC; C:\Windows\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 yukonw8; C:\Windows\System32\drivers\yk63x64.sys [288768 2016-07-16] (Microsoft Windows -> Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-27 19:02 - 2019-11-27 19:03 - 000000000 ____D C:\Users\Core 2 duo\Desktop\Documentos Manoli
2019-11-27 18:57 - 2019-11-27 18:59 - 000052821 _____ C:\Users\Core 2 duo\Desktop\Addition.txt
2019-11-27 18:56 - 2019-11-28 18:38 - 000016887 _____ C:\Users\Core 2 duo\Desktop\FRST.txt
2019-11-27 18:50 - 2019-11-27 18:50 - 010823512 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avastclear.exe
2019-11-27 09:06 - 2019-11-27 09:06 - 002066743 _____ C:\Users\Core 2 duo\Downloads\joinPdf_58da73a2188a062702c0956c57e89d2f.pdf
2019-11-26 21:39 - 2019-11-26 21:39 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\CEF
2019-11-26 21:38 - 2019-11-27 18:53 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-26 21:37 - 2019-11-27 18:53 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-26 21:36 - 2019-11-26 21:36 - 000233080 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe
2019-11-26 21:32 - 2019-11-26 21:32 - 000066588 _____ C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin
2019-11-26 20:11 - 2019-11-26 20:11 - 000075164 _____ C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin
2019-11-26 20:07 - 2019-11-26 20:07 - 000001219 _____ C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-11-26 20:05 - 2019-11-26 20:05 - 000000000 ____D C:\ProgramData\Bitdefender
2019-11-26 20:04 - 2019-11-26 20:04 - 000103488 _____ C:\ProgramData\agent.1574795055.bdinstall.v2.bin
2019-11-26 20:04 - 2019-11-26 20:04 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-26 20:03 - 2019-11-26 20:03 - 010527368 _____ C:\Users\Core 2 duo\Downloads\bitdefender_online.exe
2019-11-26 19:43 - 2019-11-26 19:43 - 000000008 __RSH C:\Users\Core 2 duo\ntuser.pol
2019-11-26 19:43 - 2019-11-26 19:43 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-11-26 19:41 - 2019-11-28 18:38 - 000000000 ____D C:\FRST
2019-11-26 19:40 - 2019-11-26 19:40 - 002262016 _____ (Farbar) C:\Users\Core 2 duo\Desktop\FRST64.exe
2019-11-26 19:35 - 2019-11-26 19:35 - 000797760 _____ C:\Users\Core 2 duo\Desktop\delfix.exe
2019-11-26 19:35 - 2019-11-26 19:35 - 000000268 _____ C:\DelFix.txt
2019-11-26 19:35 - 2019-11-26 19:35 - 000000000 ____D C:\Windows\ERUNT
2019-11-26 19:26 - 2019-11-26 19:26 - 000001100 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-11-26 19:26 - 2019-11-26 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-11-26 19:26 - 2019-11-26 19:26 - 000000000 ____D C:\Program Files\VS Revo Group
2019-11-26 19:24 - 2019-11-26 19:24 - 007411912 _____ (VS Revo Group ) C:\Users\Core 2 duo\Desktop\revosetup.exe
2019-11-25 12:32 - 2019-11-25 12:32 - 000006668 _____ C:\Users\Core 2 duo\Downloads\document.pdf
2019-11-23 21:06 - 2019-11-23 21:18 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\ZHP
2019-11-23 21:06 - 2019-11-23 21:06 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ZHP
2019-11-23 20:43 - 2019-11-23 20:43 - 000320874 _____ C:\Users\Core 2 duo\Documents\Scan0009.pdf
2019-11-23 20:43 - 2019-11-23 20:43 - 000137659 _____ C:\Users\Core 2 duo\Documents\Scan0010.pdf
2019-11-23 20:42 - 2019-11-23 20:42 - 000536877 _____ C:\Users\Core 2 duo\Documents\Scan0008.pdf
2019-11-23 20:41 - 2019-11-23 20:41 - 000410788 _____ C:\Users\Core 2 duo\Documents\Scan0007.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000346708 _____ C:\Users\Core 2 duo\Documents\Scan0005.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000315055 _____ C:\Users\Core 2 duo\Documents\Scan0006.pdf
2019-11-23 20:39 - 2019-11-23 20:39 - 000173321 _____ C:\Users\Core 2 duo\Documents\Scan0004.pdf
2019-11-23 20:37 - 2019-11-23 20:37 - 000482263 _____ C:\Users\Core 2 duo\Documents\Scan0003.pdf
2019-11-22 10:11 - 2019-11-22 10:12 - 000703513 _____ C:\Users\Core 2 duo\Documents\Scan0002.pdf
2019-11-21 20:40 - 2019-11-21 20:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\mbamtray
2019-11-21 20:40 - 2019-11-21 20:39 - 000020936 _____ (Malwarebytes) C:\Windows\ELAMBKUP
2019-11-21 10:38 - 2019-11-21 10:38 - 000441117 _____ C:\Users\Core 2 duo\Documents\Scan0001.pdf
2019-11-06 15:19 - 2019-11-13 15:37 - 000004586 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-11-06 15:19 - 2019-11-13 15:37 - 000004388 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-11-06 15:19 - 2019-11-13 15:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-06 15:19 - 2019-11-06 15:19 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Macromedia
2019-11-03 21:08 - 2019-11-03 21:08 - 000000299 _____ C:\Users\Core 2 duo\Documents\Presupuesto Almussafes.txt
2019-10-31 16:13 - 2019-10-31 16:13 - 000000246 _____ C:\Users\Core 2 duo\Desktop\Prime Video.URL
2019-10-30 19:32 - 2019-10-30 19:31 - 000114232 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-28 18:33 - 2019-07-03 20:50 - 000000000 ____D C:\Users\Core 2 duo\AppData\LocalLow\Mozilla
2019-11-28 18:33 - 2018-12-06 16:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-11-28 18:27 - 2019-06-28 19:20 - 000005338 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-62I3FUH-Core 2 duo DESKTOP-62I3FUH
2019-11-28 18:18 - 2018-12-06 16:08 - 006833880 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-28 18:18 - 2016-07-16 23:39 - 003332618 _____ C:\Windows\system32\perfh00A.dat
2019-11-28 18:18 - 2016-07-16 23:39 - 000951288 _____ C:\Windows\system32\perfc00A.dat
2019-11-28 18:13 - 2018-12-06 16:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-27 21:04 - 2018-12-06 19:42 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ClassicShell
2019-11-27 20:57 - 2019-10-05 14:44 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Kodi
2019-11-27 08:54 - 2018-12-06 21:08 - 000000000 ____D C:\Program Files\WinRAR
2019-11-26 21:43 - 2018-12-06 21:08 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-26 21:43 - 2018-12-06 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-26 21:32 - 2018-12-07 22:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-11-26 20:02 - 2018-12-07 22:46 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\MPC-HC
2019-11-26 20:02 - 2016-07-16 12:45 - 000000000 ____D C:\Windows\INF
2019-11-26 19:43 - 2018-12-06 19:40 - 000000000 ____D C:\Users\Core 2 duo
2019-11-26 19:42 - 2019-10-15 09:33 - 000000000 ____D C:\Users\Core 2 duo\AppData\LocalLow\Temp
2019-11-26 19:41 - 2016-07-16 12:47 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-11-26 19:41 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-11-26 13:11 - 2018-12-07 22:29 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Microsoft Help
2019-11-25 15:06 - 2019-09-25 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-11-22 10:06 - 2018-12-06 19:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Packages
2019-11-21 20:40 - 2019-06-30 15:49 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\cache
2019-11-21 12:09 - 2016-07-16 07:04 - 000008192 _____ C:\Windows\system32\config\BBI
2019-11-19 09:49 - 2019-10-19 08:20 - 000000000 ____D C:\Users\Core 2 duo\Desktop\Ofimatica Pdf
2019-11-13 15:36 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-06 15:19 - 2018-12-07 22:47 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Adobe
2019-11-04 11:37 - 2019-10-10 11:25 - 000000000 ____D C:\Users\Core 2 duo\Desktop\correos
2019-11-03 20:21 - 2018-12-07 22:21 - 000001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-31 20:20 - 2019-10-28 20:47 - 000000000 ____D C:\Torrents
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\Program Files (x86)\Java

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-20 16:13
==================== End of FRST.txt ========================

Hola @Duq_Plex

Aun tienes muchos restos de todos los AV, especialmente de Baidu.

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus. en tu caso Windows Defender

3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Baidu Antivirus] => "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe" -auto
C:\Program Files (x86)\Baidu Security
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-broadcasting;gaming-gamebar;gaming-gamedvr;gaming-gamemode;gaming-trueplay;gaming-xboxnetworking;maps;pen;recovery;speech;tabletmode;windowsdefender;windowsinsider
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1BCDB4BD-7AD3-4E67-85C0-61F100D7718D} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\Windows\system32\CScript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
C:\ProgramData\Baidu Security
Task: {FD05758A-94CC-47DE-8247-A4FA9B2908C4} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Extension: (Avast Online Security) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-27]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
S2 BavSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe" [X]
S2 BHipsSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe" [X]
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
2019-11-27 18:50 - 2019-11-27 18:50 - 010823512 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avastclear.exe
2019-11-26 21:38 - 2019-11-27 18:53 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-26 21:37 - 2019-11-27 18:53 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-26 21:36 - 2019-11-26 21:36 - 000233080 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe
2019-11-26 21:32 - 2019-11-26 21:32 - 000066588 _____ C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin
2019-11-26 20:11 - 2019-11-26 20:11 - 000075164 _____ C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin
2019-11-26 20:07 - 2019-11-26 20:07 - 000001219 _____ C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-11-26 20:05 - 2019-11-26 20:05 - 000000000 ____D C:\ProgramData\Bitdefender
2019-11-26 20:04 - 2019-11-26 20:04 - 000103488 _____ C:\ProgramData\agent.1574795055.bdinstall.v2.bin
2019-11-26 20:04 - 2019-11-26 20:04 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-26 20:03 - 2019-11-26 20:03 - 010527368 _____ C:\Users\Core 2 duo\Downloads\bitdefender_online.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Recuerda que estarás sin AV, no instales ni descargues nada que no te diga.

Por tu seguridad instala Malwarebytes Browser Guard en tus navegadores.

Nos comentas .

Salu2.

Hola aquí te adjunto el log

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Core 2 duo (29-11-2019 20:53:10) Run:2
Running from C:\Users\Core 2 duo\Desktop
Loaded Profiles: Core 2 duo (Available Profiles: defaultuser0 & Core 2 duo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Baidu Antivirus] => "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe" -auto
C:\Program Files (x86)\Baidu Security
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-broadcasting;gaming-gamebar;gaming-gamedvr;gaming-gamemode;gaming-trueplay;gaming-xboxnetworking;maps;pen;recovery;speech;tabletmode;windowsdefender;windowsinsider
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1BCDB4BD-7AD3-4E67-85C0-61F100D7718D} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\Windows\system32\CScript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
C:\ProgramData\Baidu Security
Task: {FD05758A-94CC-47DE-8247-A4FA9B2908C4} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Extension: (Avast Online Security) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-27]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
S2 BavSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe" [X]
S2 BHipsSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe" [X]
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
2019-11-27 18:50 - 2019-11-27 18:50 - 010823512 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avastclear.exe
2019-11-26 21:38 - 2019-11-27 18:53 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-26 21:37 - 2019-11-27 18:53 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-26 21:36 - 2019-11-26 21:36 - 000233080 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe
2019-11-26 21:32 - 2019-11-26 21:32 - 000066588 _____ C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin
2019-11-26 20:11 - 2019-11-26 20:11 - 000075164 _____ C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin
2019-11-26 20:07 - 2019-11-26 20:07 - 000001219 _____ C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-11-26 20:05 - 2019-11-26 20:05 - 000000000 ____D C:\ProgramData\Bitdefender
2019-11-26 20:04 - 2019-11-26 20:04 - 000103488 _____ C:\ProgramData\agent.1574795055.bdinstall.v2.bin
2019-11-26 20:04 - 2019-11-26 20:04 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-26 20:03 - 2019-11-26 20:03 - 010527368 _____ C:\Users\Core 2 duo\Downloads\bitdefender_online.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Baidu Antivirus" => removed successfully
C:\Program Files (x86)\Baidu Security => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\SettingsPageVisibility" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BCDB4BD-7AD3-4E67-85C0-61F100D7718D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BCDB4BD-7AD3-4E67-85C0-61F100D7718D}" => removed successfully
C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => removed successfully
C:\ProgramData\Baidu Security => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD05758A-94CC-47DE-8247-A4FA9B2908C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD05758A-94CC-47DE-8247-A4FA9B2908C4}" => removed successfully
C:\Windows\System32\Tasks\DriverEasy Scheduled Scan => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverEasy Scheduled Scan" => removed successfully
C:\Windows\Tasks\DriverEasy Scheduled Scan.job => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] => moved successfully
"FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones)" => not found
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
HKLM\System\CurrentControlSet\Services\BavSvc => removed successfully
BavSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\BHipsSvc => removed successfully
BHipsSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\bdark64 => removed successfully
bdark64 => service removed successfully
Bfilter => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bfilter => removed successfully
Bfilter => service removed successfully
Bfmon => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bfmon => removed successfully
Bfmon => service removed successfully
Bnbase => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bnbase => removed successfully
Bnbase => service removed successfully
Bndef => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bndef => removed successfully
Bndef => service removed successfully
Bprotect => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bprotect => removed successfully
Bprotect => service removed successfully
C:\Users\Core 2 duo\Downloads\avastclear.exe => moved successfully
C:\Program Files\Common Files\AVAST Software => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe => moved successfully
C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin => moved successfully
C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin => moved successfully
C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk => moved successfully
C:\ProgramData\Bitdefender => moved successfully
C:\ProgramData\agent.1574795055.bdinstall.v2.bin => moved successfully
C:\ProgramData\Bitdefender Agent => moved successfully
C:\Users\Core 2 duo\Downloads\bitdefender_online.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Baidu_Scan => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Baidu_Scan => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Ethernet 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::2d2e:331e:4524:4241%15
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.38
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.{A327B524-86ED-4B15-916E-5DE61F12FF61}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2001:0:2851:782c:8ca:415:a7ee:160e
   V¡nculo: direcci¢n IPv6 local. . . : fe80::8ca:415:a7ee:160e%16
   Puerta de enlace predeterminada . . . . . : ::

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10666189 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 6586 B
Edge => 0 B
Chrome => 0 B
Firefox => 137378825 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 128 B
defaultuser0 => 128 B
Core 2 duo => 42615181 B

RecycleBin => 0 B
EmptyTemp: => 181.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:54:36 ====

Hola @Duq_Plex

Perfecto…:+1:

Solo falto que comentes como sientes el equipo.


Sigue optimizando de la siguiente manera:

1.- Ejecuta CCleaner desde tu escritorio.

  • Siguiendo su manual lo ejecutas y utilizas las opciones Limpiador y Registro del mismo, tal como se explican en su Manual.

2.- Realiza un análisis completo del Disco Duro siguiendo la guía:

IMPORTANTE: Si el porcentaje de Avance parece pararse, NO Canceles el proceso. Déjalo continuar si es necesario durante 24 horas más. .

3.- Libera espacio en disco siguiendo los pasos de:

4. Desfragmenta el/los discos duros y particiones del PC, siguiendo los pasos de:

Nota:: Si tu disco es un SSD este paso no es necesario.

Luego de reiniciar, nos comentas como sigue el equipo.

Salu2.