hola @SanMar y gracias por la pronta respuesta, aquí los reportes :
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-08-2019
Ran by GASTON (administrator) on JAHGZMN (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (27-08-2019 18:54:48)
Running from C:\Users\GASTON\Desktop
Loaded Profiles: GASTON (Available Profiles: defaultuser0 & GASTON)
Platform: Windows 10 Pro Version 1903 18362.295 (X64) Language: Español (México)
Default browser: "C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe" -- "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.107.15\MicrosoftEdgeUpdateCrashHandler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.107.15\MicrosoftEdgeUpdateCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Getstarted_7.11.22134.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Motorola Mobility Inc. -> Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) [File not signed] C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
Failed to access process -> vmmem
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4053121906-3739663058-3097000640-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [152576 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{43F137B0-8F4D-463B-AB83-ADEAD4F15096}] -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\77.0.235.15\Installer\chrmstp.exe [2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00F3B9B9-3F67-479D-A25A-20F5503526C1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112376 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {21820515-69BC-4BB0-A8F4-3272CBED4A3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25907200 2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2389F19F-9FEC-46E2-93AE-47430F806B92} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {27C3E0B4-E576-4FDF-A625-0EB2B991F24D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {31CEFF0F-66E5-4F58-A97D-46E6C031A249} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [25907200 2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B661A67-30C7-4CB6-ADC1-9EB768F785C5} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {4C723588-F71F-4000-B135-106FC4147A15} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4FAB73F3-DB87-4DDF-8410-1919966F48AF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {51E74509-7402-4758-B62D-CBFE862AF09C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112376 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B2FA3BC-CE16-4EDF-907D-A1A3D8DD0F6A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {86ED81C6-CBF1-4BD0-8A29-B54A1CE03C38} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {8BC3AF51-7740-4369-BDBE-75713733F469} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {94A31D7D-A4B4-435D-98EF-C4E6424784F3} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [272176 2014-10-30] (Motorola Mobility Inc. -> )
Task: {AC29AB62-BCAD-44E4-926F-816AB094CAEF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AEED2A86-C249-4933-AF26-A6B96553017C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CreateExplorerShellUnelevatedTask" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\Motorola Device Manager Initial Update" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Motorola Device Manager Update" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-4053121906-3739663058-3097000640-1001" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1522617166" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\StartCN" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\StartDVR" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{61CFE85B-4B6A-4D81-85CE-A5B2FDF4379E}" /ENABLE
Task: {BE1C829B-2487-47DE-AC41-60810897F473} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {BF7D1070-A995-47FC-ACE6-D941881EB4B9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1432200 2019-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {C4AEB6AB-B05E-4062-8D5C-8C75F5ECA567} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C77B6296-51C4-4F30-BCDA-E29B7A7B4C77} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D4164BD0-7E30-43F5-811F-46707B37A0A0} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [158632 2019-08-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF09BED3-1200-4699-844A-D94C48757D14} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [158632 2019-08-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4F02FED-4C50-48E2-A683-6AE24C712DDC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 186.130.128.250 186.130.129.250
Tcpip\..\Interfaces\{f7b7cb9d-f6ec-4d29-aea7-8e0426dce701}: [DhcpNameServer] 186.130.128.250 186.130.129.250
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
BHO-x32: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM-x32 - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\GASTON\Downloads
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.17.0_neutral__d55gg7py3s0m0 [2019-08-25]
Edge Extension: (Traductor para Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-08-25]
FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4053121906-3739663058-3097000640-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4053121906-3739663058-3097000640-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-4053121906-3739663058-3097000640-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atiesrxx.exe [481656 2018-05-22] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11082536 2019-04-16] (Microsoft Corporation -> Microsoft Corporation)
R2 CmService; C:\WINDOWS\System32\CmService.dll [818488 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [158632 2019-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [158632 2019-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 gcs; C:\WINDOWS\system32\vmcomputeagent.exe [1381176 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [3388928 2019-07-26] (Microsoft Windows -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 MicrosoftEdgeBetaElevationService; C:\Program Files (x86)\Microsoft\Edge Beta\Application\77.0.235.15\elevation_service.exe [1107416 2019-08-26] (Microsoft Corporation -> Microsoft Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility Inc. -> Motorola Mobility LLC)
R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [41992 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5775208 2019-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3488784 2019-08-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-07-18] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmdag.sys [44682104 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0328911.inf_amd64_a81756cbffedb936\B328940\atikmpag.sys [552824 2018-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [36368 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 l2bridge; C:\WINDOWS\System32\drivers\l2bridge.sys [58384 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1409024 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39736 2019-08-14] (Microsoft Windows -> Microsoft Corporation)
R3 VMSNPXYMP; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39736 2019-08-14] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-07-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)
NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-27 18:54 - 2019-08-27 18:56 - 000025043 _____ C:\Users\GASTON\Desktop\FRST.txt
2019-08-27 18:54 - 2019-08-27 18:54 - 000000000 ____D C:\FRST
2019-08-27 18:52 - 2019-08-27 18:52 - 001613312 _____ (Farbar) C:\Users\GASTON\Desktop\FRST64.exe
2019-08-27 18:49 - 2019-08-27 18:49 - 000000000 ____D C:\Users\GASTON\AppData\Roaming\Macromedia
2019-08-27 17:32 - 2019-08-27 17:32 - 000000000 ____D C:\Users\GASTON\AppData\LocalLow\AMD
2019-08-27 17:30 - 2019-08-27 17:30 - 000003060 _____ C:\Users\GASTON\Desktop\ZHPCleaner (R).txt
2019-08-27 17:28 - 2019-08-27 17:27 - 000002924 _____ C:\Users\GASTON\Downloads\ZHPCleaner (S).txt
2019-08-27 17:27 - 2019-08-27 17:27 - 000002924 _____ C:\Users\GASTON\Desktop\ZHPCleaner (S).txt
2019-08-27 17:24 - 2019-08-27 17:14 - 000002326 _____ C:\Users\GASTON\Downloads\AdwCleaner[C00].txt
2019-08-27 17:23 - 2019-08-27 17:12 - 000000558 _____ C:\Users\GASTON\Downloads\JRT.txt
2019-08-27 17:23 - 2019-08-27 17:10 - 000001548 _____ C:\Users\GASTON\Downloads\mabam scan.txt
2019-08-27 17:18 - 2019-08-27 17:30 - 000000000 ____D C:\Users\GASTON\AppData\Roaming\ZHP
2019-08-27 17:18 - 2019-08-27 17:18 - 000000876 _____ C:\Users\GASTON\Desktop\ZHPCleaner.lnk
2019-08-27 17:13 - 2019-08-27 17:14 - 000000000 ____D C:\AdwCleaner
2019-08-27 17:12 - 2019-08-27 17:12 - 000000558 _____ C:\Users\GASTON\Desktop\JRT.txt
2019-08-27 17:10 - 2019-08-27 17:10 - 000001548 _____ C:\Users\GASTON\Desktop\mabam scan.txt
2019-08-27 13:11 - 2019-08-27 17:27 - 000344150 _____ C:\WINDOWS\ntbtlog.txt
2019-08-27 13:11 - 2019-08-27 17:17 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-08-27 13:09 - 2019-08-27 13:09 - 003122048 _____ (Nicolas Coolman) C:\Users\GASTON\Desktop\ZHPCleaner.exe
2019-08-27 13:08 - 2019-08-27 13:08 - 000797760 _____ C:\Users\GASTON\Desktop\delfix.exe
2019-08-27 13:07 - 2019-08-27 13:07 - 007623880 _____ (Malwarebytes) C:\Users\GASTON\Desktop\adwcleaner_7.4.exe
2019-08-27 13:07 - 2019-08-27 13:07 - 001790024 _____ (Malwarebytes) C:\Users\GASTON\Desktop\JRT.exe
2019-08-25 23:12 - 2019-08-25 23:13 - 000000000 ____D C:\Users\GASTON\Desktop\edicion pes
2019-08-25 16:06 - 2019-08-26 17:54 - 000002359 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge Beta.lnk
2019-08-25 16:05 - 2019-08-25 16:05 - 000003652 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2019-08-25 16:05 - 2019-08-25 16:05 - 000003528 _____ C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2019-08-23 17:52 - 2018-10-27 06:49 - 000000000 ____D C:\Users\GASTON\Downloads\SERIE-A by_AzMods
2019-08-15 19:35 - 2019-08-15 19:35 - 000000000 ____D C:\Users\GASTON\Downloads\BAKUP EDIT 15-8
2019-08-14 23:28 - 2019-08-14 23:28 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 018017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 008012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 007753728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 007008768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 005916160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 003488784 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.exe
2019-08-14 23:28 - 2019-08-14 23:28 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-08-14 23:28 - 2019-08-14 23:28 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 002398736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2019-08-14 23:28 - 2019-08-14 23:28 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 001715000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000676664 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmcompute.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000633344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000428544 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000291848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationVdev.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nvspinfo.exe
2019-08-14 23:28 - 2019-08-14 23:28 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000093104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-14 23:28 - 2019-08-14 23:28 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-14 23:28 - 2019-08-14 23:28 - 000048440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxy.sys
2019-08-14 23:28 - 2019-08-14 23:28 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\VmsProxyHNic.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 025901056 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 022625280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 017785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 009926672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 007890256 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 007277568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 007251808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 006518184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 006226864 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 006071432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 005941760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 005753944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 004562904 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 003724800 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 003698176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 003590672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 003550720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 002990096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 002798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-08-14 23:27 - 2019-08-14 23:27 - 002724352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 002449432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 002094592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001954960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001822720 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-14 23:27 - 2019-08-14 23:27 - 001717776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001647280 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001535288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001509936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 001505808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001458176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001428992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 001413328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001391416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-14 23:27 - 2019-08-14 23:27 - 001337872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001301008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 001262016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001259008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001213240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 001146880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001072144 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 001056704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 001037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000889664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000876560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000830976 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000829776 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 000821904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000804880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000796088 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000782120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 000752792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000672944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000524216 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000481592 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-14 23:27 - 2019-08-14 23:27 - 000477712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-08-14 23:27 - 2019-08-14 23:27 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000441360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000316432 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000300176 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000283152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000210448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000210400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000202256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000170920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000166200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpcivsp.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2019-08-14 23:27 - 2019-08-14 23:27 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-14 23:27 - 2019-08-14 23:27 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000089328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpapi.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2019-08-14 23:27 - 2019-08-14 23:27 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-08-14 23:27 - 2019-08-14 23:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-07-30 16:36 - 2019-07-30 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-30 16:36 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-30 16:36 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-30 16:05 - 2019-07-30 16:05 - 000000000 ____D C:\Program Files (x86)\LucasArts
2019-07-29 22:58 - 2019-07-30 19:52 - 000000924 _____ C:\cmdlog.txt
2019-07-29 22:58 - 2019-07-29 22:58 - 000000000 ____D C:\Users\GASTON\Documents\LucasArts
2019-07-29 22:58 - 2019-07-29 22:58 - 000000000 ____D C:\Users\GASTON\AppData\Local\LucasArts
2019-07-29 22:56 - 2019-07-30 16:53 - 000001665 _____ C:\Users\GASTON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SWTFU2.lnk
2019-07-29 20:13 - 2019-07-30 15:17 - 000000000 ____D C:\Users\GASTON\AppData\Roaming\qBittorrent
2019-07-29 20:13 - 2019-07-29 20:13 - 000000000 ____D C:\Users\GASTON\AppData\Local\qBittorrent
2019-07-29 20:13 - 2019-07-29 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-07-29 20:13 - 2019-07-29 20:13 - 000000000 ____D C:\Program Files\qBittorrent
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-08-27 18:52 - 2019-07-23 19:42 - 000004222 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{61CFE85B-4B6A-4D81-85CE-A5B2FDF4379E}
2019-08-27 18:47 - 2019-07-23 19:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-08-27 17:39 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-27 17:31 - 2019-07-23 20:02 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2019-08-27 17:31 - 2019-07-23 19:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-27 17:31 - 2017-01-03 05:07 - 000000000 ____D C:\Temp
2019-08-27 17:30 - 2019-03-19 01:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-08-27 17:16 - 2017-05-10 16:41 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-08-27 13:06 - 2017-03-23 18:42 - 000000000 ____D C:\Users\GASTON\AppData\Roaming\AIMP
2019-08-27 12:59 - 2019-03-19 01:50 - 000000000 ____D C:\WINDOWS\INF
2019-08-27 12:41 - 2017-05-20 15:28 - 000000000 ____D C:\Users\GASTON\Documents\comprobantes de pago
2019-08-27 00:07 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-27 00:07 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-26 21:44 - 2016-11-09 13:56 - 000000000 ____D C:\Program Files (x86)\Steam
2019-08-25 09:23 - 2017-11-09 18:45 - 000000000 ____D C:\Users\GASTON\AppData\Local\PlaceholderTileLogoFolder
2019-08-25 09:21 - 2017-11-09 08:19 - 000000000 ____D C:\Users\GASTON\AppData\Local\Packages
2019-08-24 19:33 - 2019-07-23 18:47 - 000000000 ____D C:\Users\GASTON
2019-08-24 19:32 - 2017-02-23 03:16 - 000000000 ____D C:\Users\GASTON\AppData\Roaming\MPC-HC
2019-08-24 19:30 - 2019-01-20 22:13 - 000000000 ____D C:\Users\GASTON\AppData\Roaming\Mozilla
2019-08-24 19:30 - 2019-01-20 22:13 - 000000000 ____D C:\Users\GASTON\AppData\Local\Mozilla
2019-08-24 19:19 - 2019-01-20 22:13 - 000000000 ____D C:\Users\GASTON\AppData\LocalLow\Mozilla
2019-08-24 17:14 - 2019-05-09 18:53 - 000001114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2019-08-24 17:14 - 2019-04-02 16:08 - 000000000 ____D C:\Program Files\paint.net
2019-08-21 21:39 - 2018-05-10 04:24 - 000000000 ____D C:\Users\GASTON\AppData\Local\D3DSCache
2019-08-18 19:26 - 2019-07-23 19:38 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-18 19:26 - 2019-03-19 08:49 - 000786462 _____ C:\WINDOWS\system32\perfh00A.dat
2019-08-18 19:26 - 2019-03-19 08:49 - 000155296 _____ C:\WINDOWS\system32\perfc00A.dat
2019-08-15 13:32 - 2016-11-01 22:42 - 000000000 ___RD C:\Users\GASTON\3D Objects
2019-08-15 13:32 - 2016-11-01 21:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-15 13:31 - 2019-07-23 19:25 - 000303320 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-15 07:43 - 2019-03-19 08:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-08-15 07:43 - 2019-03-19 08:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\es-MX
2019-08-15 07:43 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-08-15 07:43 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-08-15 07:43 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-15 07:43 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-08-15 07:43 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-14 23:35 - 2016-11-09 13:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-14 23:33 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-14 23:33 - 2016-11-09 13:07 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-12 15:17 - 2016-11-09 11:30 - 000000000 ____D C:\Users\GASTON\AppData\Local\ElevatedDiagnostics
2019-08-10 00:18 - 2019-07-23 19:42 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4053121906-3739663058-3097000640-1001
2019-08-10 00:18 - 2019-07-23 18:47 - 000002370 _____ C:\Users\GASTON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-10 00:18 - 2016-11-01 21:35 - 000000000 ___RD C:\Users\GASTON\OneDrive
2019-08-07 19:26 - 2019-07-23 19:24 - 000000000 ____D C:\Windows.old
2019-08-05 19:09 - 2019-07-23 17:05 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-02 22:54 - 2019-07-23 19:42 - 000003642 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2019-08-02 22:48 - 2019-07-23 19:42 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-08-02 22:48 - 2019-06-24 22:11 - 000000000 ____D C:\Users\GASTON\Downloads\gzmn cv
2019-08-02 22:46 - 2018-09-25 21:11 - 000000000 ____D C:\Users\GASTON\Downloads\games
2019-07-30 16:36 - 2019-03-19 01:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== Files in the root of some directories ================
2019-06-24 16:37 - 2019-07-03 11:50 - 000001230 _____ () C:\Users\GASTON\AppData\Local\oobelibMkey.log
2018-08-05 22:48 - 2018-08-05 22:50 - 000007598 _____ () C:\Users\GASTON\AppData\Local\resmon.resmoncfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================