Eliminar infeccion rootkit

Buenas… necesito ayuda para desinfectar mi sistema de un par de ROOTKIT detectados con AVG

tengo windows 7 home premium 64bits

Rootkit detectados con AVG “nos hemos esforzado al maximo, pero no hemos podido resolver 2 amenazas”: C:\windows\system32\drivers\Wdf03729.sys SVS:{45487F67-EC9F-4449-A6F2-2D…}>C:\Windo…

Problemas que tengo habitualmente…

Al terminar el inicio de windows, se congela absolutamente todo, excepto el puntero que puedo mover, por lapsos entre 1 a 60 minutos mas o menos… al reanudar ejecuta todas las ordenes que le di en ese lapso y funciona de lujo (ya no se cuelga ni congela, ni se atrasa en ningún proceso)

ocasionalmente se cuelga y reinicia el explorador de windows con el sigte mensaje… “Windows Explorer has stopped working”

los programas que utilizo para limpieza generalmente son… AVG - MALWAREBYTES - AT DESTROYER - CCLEANER - HIJACKTHIS - SPYBOT

en mi inicio solo tengo activado AVG…

quedo atento y gracias desde ya…

Hola @Dee_Jay_Huel Bienvenido al foro!!!

AT.Destroyer y Hijackthis se han quedado desactualizados, por lo que ya no se utilizan.

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

  • Realiza un Análisis personalizado, actualizando si te lo pide.
  • Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
  • En el apartado del manual Historial de detecciones encontrarás el reporte de MBAM, clic en Exportar >> Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

  • Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus.
  • Cierra también todos los programas que tengas abiertos.
  • Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
  • Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
  • Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C001]

3) Descarga CCleaner

  • Instala Ccleaner
  • Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine >> clic en ejecutar limpiador
  • Clic en la pestaña Registro >> clic en buscar problemas esperas que termine >> clic en Reparar Seleccionadas y haces una copia de seguridad
  • Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

¿Cómo pegar reportes en el foro?

Un saludo

1 me gusta

gracias por la pronta respuesta…

he hecho todo lo solicitado y adjunto los reportes…

01 mbeam reporte.txt (4,2 KB)

AdwCleaner[S00].txt (14,2 KB)

aun sin utilizar mucho ya noto mas estable el sistema… aunque para apagar se tarda como 5 minutos aun sin porgramas abiertos…

tampoco se congelo luego del inicio ninguna de las 3 veces que reinicio…

creo que quedaron algunos problemas por resolver…

quedo aguardando… muchas gracias…

Hola

El reporte de AdwCleaner es del escaneo, mandaste a cuarentena lo que detectó? Si no es así, ejecuta de nuevo.

Un saludo

hola Daniela…

gracias por tu tiempo…

no recuerdo haber marcado todos los items para enviarlos a quarentena…

hice un escaneo nuevamente y detecto 8 infecciones…

los envie a quarentena y reinicie el equipo…

escanee de vuelta y estan aun esas infecciones… adjunto logs AdwCleaner[C00].txt (2,4 KB) AdwCleaner[S00].txt (2,3 KB)

al reiniciar funciona todo… no se planta mas el sistema… pero para apagar tarda unos 5 minutos, no se si sea normal eso. tampoco tuve problemas con el explorador de windows hasta ahora…

saludos…

Hola

Pero no los has eliminado, “Not Deleted” :thinking:

Realizas lo siguiente:

Análisis del PC con Eset Online Scaner : Manual de Uso lee las instrucciones para salvar el reporte.

Análisis del PC con Kasperky Virus Removal Tool: Manual de Uso

  • Este no da reporte cuando te encuentres al finalizar, si es que lo hace con alguna infección, tomas una imagen y la subes.

Como subir imágenes al Foro ?

Comenta como sigue el problema.

Un saludo

Hola Daniela…

adjunto el reporte de Eset

eset.txt (12,5 KB)

Hice el analisis con Kaspesky… en el primer escaneo encontró lo siguiente

hizo el intento de neutralizarlo por mas o menos 5 minutos y reinicio el sistema, al reaundar inicio un nuevo analisis automaticamente y adjunto el resultado

ahora voy a proceder con el intento de desinfeccion…

Como nota, estuve haciendo algunos trabajos con la notebook… carga de pendrives y ediciones…

el explorador de windows se colgo y reinicio nuevamente en 3 ocasiones…

al hacer una edicion de video con COREL VIDEOSTUDIO en partes de relentiza notablemente, a ratos, se traban las videos al darle preview… tardan los procesos… aveces por 3 minutos, aveces por 6 minutos y luego funciona normalmente…

adjunto mas detalles de la nb

quedo atento… saludos

Hola

Descarga Malwarebytes Anti-Rootkit (Beta) y descomprimes el contenido en tu escritorio.

  • Abre la carpeta Mbar, haces doble clic en el archivo Mbar.exe
  • En la ventana que saldrá pulsas en "Next".
  • Pulsar en "Update", y cuando termine en "Next"
  • Ahora inicias el análisis pulsando en el botón "Scan"
  • Al terminar, si existe infección pulsamos en "CleanUp" y si no hay infección pulsamos en ""Exit"

Al terminar busca en la carpeta Mbar, y abres los archivos mbar-log.txt y system-log.txt, nos copias el contenido en la siguiente respuesta y comentas resultados.

Un saludo

No descarga desde el link Malwarebytes anti-rootkit…

creo que ya no esta disponible…

no se si habra otra fuente confiable o busco con google…

saludos…

descargue desde la pag oficial de malwarebytes…

adjunto los textos del resultado mbar-log-2020-10-10 (21-12-40).txt (2,1 KB) system-log.txt (26,1 KB)

quedo atento… saludos…

Hola

Como sigue el problema?

Un saludo

hola Daniela… luego del anti rootkit volvi con los procesos desde el principio… malwarebytes, adware, ccleaner y eset online…

adjunto resultados de adware… creo que hay infecciones en e registro que no puede neutralizar… AdwCleaner[C02].txt (2,0 KB)

AdwCleaner[S03].txt (1,9 KB)

lo siguiente el resultado de eset.

log.txt (1,5 KB)

ahora voy a repasar todo de vuelta por kaspersky y malwarebytes anti rootkit…

quedo atento a mas indicaciones…

gracias!!!

Hola

No vuelvas a pasar los programas que ya utilizamos.

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool en el escritorio, seleccionando la versión adecuada para la arquitectura (32 o 64bits) de tu equipo. :arrow_right: Como saber si Mi Windows es de 32 o 64 Bits ?.

  • Ejecuta FRST.exe.
  • En el mensaje de la ventana del Disclaimer, pulsamos Yes
  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

hola Daniela…

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-10-2020
Ran by dj (administrator) on DJHP (Hewlett-Packard HP Pavilion dv7 Notebook PC) (11-10-2020 12:37:09)
Running from C:\Users\dj\Desktop\antiV
Loaded Profiles: dj
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <26>
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) [File not signed] C:\Windows\explorer.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\audiodg.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\csrss.exe <2>
(Microsoft Corporation) [File not signed] C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\dwm.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\lsass.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\lsm.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\services.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\smss.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\spoolsv.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\svchost.exe <16>
(Microsoft Corporation) [File not signed] C:\Windows\System32\VSSVC.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wininit.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\winlogon.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-20] (Microsoft Corporation) [File not signed]
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation) [File not signed]
HKLM\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [3229696 2016-08-29] (Microsoft Corporation) [File not signed]
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [2972672 2016-08-29] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {19736cea-c740-11e0-ad2c-b6b7f73a5b37} - I:\AutoRun.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {19736cf8-c740-11e0-ad2c-b6b7f73a5b37} - I:\AutoRun.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {231b0a8b-edd6-11e4-bc30-00269ef9b1be} - F:\dlusb_launcherC120.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {30836291-fc33-11e4-967a-00269ef9b1be} - F:\Startme.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {38a3490f-efdf-11e2-a9db-fb1408114598} - I:\Windows\Install.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {e92740ea-d3e6-11e4-b455-00269ef9b1be} - K:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {eca17917-dd9d-11e0-9d38-0023140b7bf4} - I:\AutoRun.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {f6c28fdf-8398-11e3-b188-a0e8f0db155e} - J:\Startme.exe
HKLM\...\Providers\Internet Print Provider: C:\WINDOWS\SYSTEM32\inetpp.dll [166912 2010-11-20] (Microsoft Corporation) [File not signed]
HKLM\...\Providers\LanMan Print Services: C:\WINDOWS\SYSTEM32\win32spl.dll [751104 2010-11-20] (Microsoft Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\HPCP1020PP: C:\Windows\System32\spool\prtprocs\x64\HPCP1020PP.DLL [65024 2012-12-24] (Marvell Semiconductor, Inc.) [File not signed]
HKLM\...\Windows x64\Print Processors\hpfppw73: C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll [258048 2009-07-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\winprint: C:\Windows\System32\spool\prtprocs\x64\winprint.dll [39424 2010-11-20] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\HP CP1020 LM: C:\WINDOWS\SYSTEM32\HPCP1020LM.DLL [129024 2012-12-24] () [File not signed]
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\SYSTEM32\hpzllw71.dll [53248 2009-07-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Print\Monitors\Local Port: C:\WINDOWS\SYSTEM32\localspl.dll [955904 2010-11-20] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: C:\WINDOWS\SYSTEM32\FXSMON.DLL [41984 2010-11-20] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\PCL hpf3lw73: C:\WINDOWS\SYSTEM32\hpf3lw73.dll [48640 2009-07-14] (Hewlett-Packard Company) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\SYSTEM32\hpz3lw71.dll [46080 2009-07-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Print\Monitors\PDFCreator: C:\WINDOWS\SYSTEM32\pdfcmnnt.dll [87040 2005-03-12] () [File not signed]
HKLM\...\Print\Monitors\Standard TCP/IP Port: C:\WINDOWS\SYSTEM32\tcpmon.dll [195072 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\USB Monitor: C:\WINDOWS\SYSTEM32\usbmon.dll [45056 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\WSD Port: C:\WINDOWS\SYSTEM32\WSDMon.dll [224768 2009-07-14] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.135\Installer\chrmstp.exe [2020-08-19] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00567336-D993-4546-9BE7-7E2AB4BE1654} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3994139564-2437849967-1822899332-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {00E584D5-E1A7-436C-9360-1408E88077F1} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_Plugin.exe [1475640 2020-08-28] (Adobe Inc. -> Adobe)
Task: {0379F202-7A45-4AE7-974C-440BB380483F} - System32\Tasks\RealCreateProcessScheduledTask85358879S-1-5-21-3994139564-2437849967-1822899332-1001 => c:\program files (x86)\real\realplayer\update\realsched.exe [295512 2013-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {07CB8A57-51E1-40D1-9B69-E860BC5682B4} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [183296 2009-07-14] (Microsoft Corp.) [File not signed]
Task: {0A6E4EA2-A477-4F19-BC57-FE622135A486} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-28] (Adobe Inc. -> Adobe)
Task: {0A86C1B3-8140-461D-B64E-D1EB4915CEA3} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3994139564-2437849967-1822899332-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [233048 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {0E1AE3C4-195E-40C7-BEA9-7AF1ADB9760E} - System32\Tasks\Microsoft\Windows\Wininet\CacheTask => {0358b920-0ac7-461f-98f4-58e32cd89148} C:\Windows\system32\wininet.dll [2426880 2020-03-08] (Microsoft Corporation) [File not signed]
Task: {13ADE6DB-3D57-4097-9A52-3850261B01FA} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe [198656 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {18F3FEC2-F629-41D7-9CFD-3AC36F3C8F0C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {1A853ACE-86E0-4DF0-B993-E159C6FD0C2B} - no filepath
Task: {1F7B7221-AE8F-44F3-BA82-F7D260F51964} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => {855fec53-d2e4-4999-9e87-3414e9cf0ff4} C:\Windows\system32\wdc.dll [1363968 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {2470470F-2634-478E-B181-571E98A789BB} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\Windows\System32\PlaySndSrv.dll [84992 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {28011108-68DF-4C73-B91B-57427D501BBA} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} C:\Windows\system32\msdrm.dll [528384 2013-12-04] (Microsoft Corporation) [File not signed]
Task: {2862B17C-81E1-4CC4-A534-AD9503EE912F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe [76800 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {2E5F0DB7-C279-4EFF-A8C2-D00E1B8C6B5F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3994139564-2437849967-1822899332-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe [1264640 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {32147D69-BC96-4CFE-981F-D07F21A40F75} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {32A7701B-783C-4D1F-9BD4-510E1C0CFEBD} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} C:\Windows\System32\HotStartUserAgent.dll [27136 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {3B90F7DB-7345-48BE-A543-0538A4C1A6E4} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {40AD211E-EE38-4D07-8511-35B18E6A7606} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {4625674B-73B2-4F4F-8EBD-36D9D8BADB7E} - System32\Tasks\{E5365BF7-BC28-4B60-9A15-0F215A738A2E} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUn0415.exe -c -fC:\Codemasters\CMRally\Uninst.isu
Task: {47536D45-EEEC-4BDC-8183-A4DC1F8DA9E4} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip => {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} C:\Windows\System32\usbceip.dll [27648 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} C:\Windows\System32\wpcmig.dll [17408 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {4A75CADC-317A-41FB-AF2C-36B2BACBC14E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe [76800 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {4BA38F9A-8216-4F23-B99F-F567BE40DAE1} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {4BEE29A4-F39F-4E63-8E21-2C9E5016A579} - System32\Tasks\RealCreateProcessScheduledTask231131S-1-5-21-3994139564-2437849967-1822899332-1001 => c:\program files (x86)\real\realplayer\update\realsched.exe [295512 2013-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {4C8B01A2-11FF-4C41-848F-508EF4F00CF7} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} C:\Windows\system32\MsCtfMonitor.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {58170AB6-0912-4BF4-92CC-37AA60B4EFB6} - System32\Tasks\RealCreateProcessScheduledTask12436540S-1-5-21-3994139564-2437849967-1822899332-1001 => c:\program files (x86)\real\realplayer\update\realsched.exe [295512 2013-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} C:\Windows\System32\wpcumi.dll [188416 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {5BE64A16-1C97-4470-B340-BD3A32B554E2} - System32\Tasks\{7130D8B4-6B2B-4DAF-A127-4EC8ABBFABB5} => C:\Windows\system32\pcalua.exe -a "G:\DATA DISK\programas\REAL PLAYER\RealPlayer11GOLD_es.exe" -d "G:\DATA DISK\programas\REAL PLAYER"
Task: {5DCBF464-2450-43F8-BBBB-C0F9751553AA} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [1264640 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {5F5A18EB-DC73-4E45-A11C-B59043598412} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [40448 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {613612BA-897D-44CE-8DC1-8FC283F9FD51} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\Windows\system32\msdrm.dll [528384 2013-12-04] (Microsoft Corporation) [File not signed]
Task: {662250CA-77AB-4E8E-B34C-F6434B85A65E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {689AF7A5-B3B2-4968-A3DB-6EE1A269AB94} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {6956D7A0-6986-4A9D-9F82-02B37A779AF1} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {69B68D14-0C60-4548-8256-CF3623167040} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {6D98C2E6-97D5-4972-A3C3-DB401F43A20F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {6FDA3CFC-3F7C-46BF-9DA9-197C15E1C732} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3994139564-2437849967-1822899332-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {721ECF15-49D4-4944-83D0-F366EFA89FC2} - System32\Tasks\RealCreateProcessScheduledTask49297329S-1-5-21-3994139564-2437849967-1822899332-1001 => c:\program files (x86)\real\realplayer\update\realsched.exe [295512 2013-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {72AD0D5A-9088-4727-A79E-4E140CA2A8A5} - \SpyHunter4Startup -> No File <==== ATTENTION
Task: {72DB7465-BC54-491B-A92A-4637A28C9BBF} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [17920 2019-02-21] (Microsoft Corporation) [File not signed]
Task: {7431F99F-EB20-4970-BE93-9E18A274EC0C} - System32\Tasks\{0382E760-B78D-4503-9B59-AAB8487FB55D} => C:\Windows\system32\pcalua.exe -a C:\Users\dj\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=adks <==== ATTENTION
Task: {750649C5-AC49-4EBD-B0F0-3A96B2BC9801} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [70656 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {77E7F16D-B585-4F48-B76E-0B93819EEE37} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {7A2AA004-C22B-4850-9652-C108993825F3} - no filepath
Task: {7AFCC0CA-7121-422A-AB45-B0E8D599FF08} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [40448 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {7B126512-099E-4753-996F-9D7EA40E165B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {7B1BCC78-7AAE-4293-8C29-627E53D3404A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [198656 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {7EBCA6DC-4FCE-43DA-87C7-685288195C83} - System32\Tasks\{6BD23002-A00F-4666-B8F2-764CFBBEA95C} => C:\Windows\system32\pcalua.exe -a "G:\programas\REAL PLAYER\RealPlayer11GOLD_es.exe" -d "G:\programas\REAL PLAYER"
Task: {7FCACA7D-D224-43BB-B196-38ACFFCAEFC7} - System32\Tasks\{5336320B-9D3D-4B6C-BF6D-029AD0C6854A} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\NUMARK~1\UNWISE.EXE -c C:\PROGRA~2\NUMARK~1\INSTALL.LOG
Task: {80D139B8-36AD-4273-A008-015B5F699B0D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [198656 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {880575E4-033C-4C71-BB2D-03ADCC7DD2DC} - System32\Tasks\{9B7ACCF5-C408-46EF-BEEA-17ABBDDF6341} => C:\Windows\system32\pcalua.exe -a C:\Users\dj\AppData\Local\Temp\bc3dbd07-3e6f-426b-94e8-634ff0ef9606\InstallShieldUninstaller.exe -d C:\Users\dj\Downloads <==== ATTENTION
Task: {89AD6C86-12FA-4CAB-92E9-19CD000C4572} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {9435F817-FED2-454E-88CD-7F78FDA62C48} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} C:\Windows\System32\wdi.dll [91136 2015-01-09] (Microsoft Corporation) [File not signed]
Task: {95C2F419-45B1-4541-A92E-CE614997AE15} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3994139564-2437849967-1822899332-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {985E235B-6B31-404B-8DB5-AA08190C3B52} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {98DBCC26-B66E-44A7-A496-7DA613D55735} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {9979CB83-103A-4105-9E5D-C74B0AF6D198} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [40448 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {9B7AA255-2DAC-477C-8D2E-F996FF48F44F} - no filepath
Task: {9DDCC645-5965-4D81-85A6-E623441045CA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3994139564-2437849967-1822899332-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {9F9424C5-A33D-45A3-BF7A-1C3A7F402A75} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {A35BB7A6-5F0C-4C9F-8450-2B3BED532D51} - System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader => {B210D694-C8DF-490d-9576-9E20CDBC20BD} C:\Windows\System32\mscms.dll [625664 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {A48CABBF-24C8-4B87-B00F-9261807C3B43} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [148480 2019-02-21] (Microsoft Corporation) [File not signed]
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotifications.exe [90112 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {A9FE06F7-D54B-4B3C-B1C6-93F8256EFA30} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\WINDOWS\SYSTEM32\aitagent.exe [122880 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {AC615EE8-3977-4FE8-91FB-1E003B825913} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2009-10-07] (Hewlett-Packard Company -> )
Task: {AC668097-4D6B-4093-AC14-014C09DBF820} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {c463a0fc-794f-4fdf-9201-01938ceacafa} C:\Windows\system32\rasmbmgr.dll [57344 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {AD480C71-53FA-483F-AD46-FC131E35C905} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {ADA9F6F4-A3C0-4F0D-B39E-7BCBC46A9E47} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {AF364794-7876-44BD-974A-5B0A0F259C44} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} C:\Windows\System32\perftrack.dll [950272 2015-01-09] (Microsoft Corporation) [File not signed]
Task: {B2E47E14-722F-4ADB-90E9-43C29EEE88E6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {B37AB87A-454B-40C5-89A7-0C2698D7F0C2} - System32\Tasks\{2876E453-CDD6-4561-ABE5-98BAA0D7A74A} => C:\Windows\system32\pcalua.exe -a C:\Users\Public\Documents\710_b042_multilanguage.exe -d C:\Users\Public\Documents
Task: {BA4282C0-D5A6-43A9-AA73-92E6C6838485} - System32\Tasks\{363D17E4-4B82-436F-8598-D31C75031182} => msiexec.exe /package "G:\Game.msi"
Task: {BA88FF08-31C5-4994-AAE9-E6607EDF1B65} - System32\Tasks\AdwCleaner_onReboot => G:\SOFTWARESSSSS\((( W7 CLEAN OK )))\02 adwcleaner\adwcleaner_8.0.8.exe [8447152 2020-10-10] (Malwarebytes Inc -> Malwarebytes)
Task: {BBB30C7B-F756-430A-B951-D31DE615C522} - System32\Tasks\{7FF484A2-866A-4B8D-A1AC-E8D8ADFF554D} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\VIRTUA~1\UNWISE.EXE -c C:\PROGRA~2\VIRTUA~1\INSTALL.LOG
Task: {BD1C4EFA-2EDA-438D-85DD-484E7D806F81} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe [198656 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {BE669C13-8165-4536-96D0-6D6C39292AAE} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {C1F85EF8-BCC2-4606-BB39-70C523715EB3} C:\Windows\System32\sdiagschd.dll [51200 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {C016366B-7126-46CA-B36B-592A3D95A60B} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [293888 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {CA4B8FF2-A4D2-4D88-A52E-3A5BDAF7F56E} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {ca767aa8-9157-4604-b64b-40747123d5f2} C:\Windows\System32\regidle.dll [14336 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {CAFBB0DA-88C1-4A51-BF2E-3C2FFD31CC53} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3994139564-2437849967-1822899332-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {CB3D64BF-C0C9-45FF-BFB0-FF1A8F680186} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [125952 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {CB8CC51E-7912-4F51-B501-741C8E6E8A46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {CBD2757C-1693-47D8-9A88-A4E58142203D} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline => C:\Windows\system32\schtasks.exe [285696 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {CE5117A5-A3F6-4570-ABC1-272E780BAB00} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector => {190BA3F6-0205-4f46-B589-95C6822899D2} C:\Windows\System32\memdiag.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [50688 2009-07-14] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {D287E980-3E04-4E78-8ACA-61CE02571687} - System32\Tasks\{BC85293A-1BD0-4DB7-954B-CFDD20216819} => C:\Windows\system32\pcalua.exe -a "C:\Users\dj\Downloads\yahtzee deluxe.exe" -d C:\Users\dj\Downloads
Task: {D3E63068-D215-4F93-9321-FB9ABFEF7728} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {D4B563AE-B917-4AD9-A84E-44620807AEC6} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-09] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {D4EC3DB6-740C-49AB-B003-71D7C483EDD2} - System32\Tasks\RealCreateProcessScheduledTask358864S-1-5-21-3994139564-2437849967-1822899332-1001 => c:\program files (x86)\real\realplayer\update\realsched.exe [295512 2013-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {D638C166-4003-47D3-8178-FB92A9228855} - no filepath
Task: {D6ECE471-ADDB-46D9-8459-C79415EE9636} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8F43898-9DD4-4FF1-A16C-D3246A67E38F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe [295936 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {D91D7A18-7B3D-4DAD-A8CB-2C3043809B7C} - System32\Tasks\RealCreateProcessScheduledTask92121726S-1-5-21-3994139564-2437849967-1822899332-1001 => c:\program files (x86)\real\realplayer\update\realsched.exe [295512 2013-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {DA41DE71-8431-42FB-9DB0-EB64A961DEAD} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\Windows\system32\WinSATAPI.dll [501248 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {DD02EEFD-0BD0-4099-A16E-57E8E7389BB5} - System32\Tasks\RealCreateProcessScheduledTask70955229S-1-5-21-3994139564-2437849967-1822899332-1001 => c:\program files (x86)\real\realplayer\update\realsched.exe [295512 2013-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E0325069-2AD7-4A22-B967-78EADFAFED53} - System32\Tasks\RealCreateProcessScheduledTask64353516S-1-5-21-3994139564-2437849967-1822899332-1001 => c:\program files (x86)\real\realplayer\update\realsched.exe [295512 2013-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\WINDOWS\SYSTEM32\BthUdTask.exe [36864 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {E890BCB7-DBD2-4AD2-8C03-A38D847ED0A8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} C:\Windows\System32\AuxiliaryDisplayServices.dll [135680 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {E8BC146E-F1D7-4A86-959F-3FE7BCC6A41A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {EACA24FF-236C-401D-A1E7-B3D5267B8A50} - System32\Tasks\Microsoft\Windows\RAC\RacTask => {42060D27-CA53-41f5-96E4-B1E8169308A6} C:\Windows\system32\RacEngn.dll [1556992 2010-11-20] (Microsoft Corporation) [File not signed]
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [71168 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector => {190BA3F6-0205-4f46-B589-95C6822899D2} C:\Windows\System32\memdiag.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => C:\Windows\System32\powercfg.exe [71168 2009-07-14] (Microsoft Corporation) [File not signed]
Task: {FDD56C73-F0D5-41B6-B767-6EFFD7966428} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask => {e7ed314f-2816-4c26-aeb5-54a34d02404c} C:\Windows\System32\kernelceip.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224 2012-01-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352 2010-11-20] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File 
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File 
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 01 C:\Windows\system32\NLAapi.dll [70656 2012-10-03] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 02 C:\Windows\system32\napinsp.dll [68096 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 03 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 04 C:\Windows\system32\pnrpnsp.dll [86016 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 05 C:\Windows\System32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 06 C:\Windows\System32\winrnr.dll [28672 2009-07-14] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 07 C:\Windows\system32\wshbth.dll [47104 2010-11-20] (Microsoft Corporation) [File not signed]
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File 
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File 
Winsock: Catalog9-x64 01 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 02 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 03 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 04 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 05 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 06 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 07 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 08 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 09 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 10 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Winsock: Catalog9-x64 11 C:\Windows\system32\mswsock.dll [327168 2016-05-11] (Microsoft Corporation) [File not signed]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 186.16.16.16 186.17.17.17
Tcpip\..\Interfaces\{69982FD6-88B4-4AF2-BFAE-679C95BC473F}: [DhcpNameServer] 186.16.16.16 186.17.17.17
Tcpip\..\Interfaces\{A51A3B70-C2B5-4C0F-9709-3593B12F3D10}: [DhcpNameServer] 201.217.1.230 201.217.1.231

FireFox:
========
FF DefaultProfile: 3mazn0aj.default
FF ProfilePath: C:\Users\dj\AppData\Roaming\Mozilla\Firefox\Profiles\1csbwtpa.default-release [2020-10-11]
FF Homepage: Mozilla\Firefox\Profiles\1csbwtpa.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2020-08-20 11:42:19&bName=
FF NewTab: Mozilla\Firefox\Profiles\1csbwtpa.default-release -> hxxps://securesearch.org/homepage?hp=2&pId=BT171002&iDate=2020-08-20 11:42:19&bName=
FF ProfilePath: C:\Users\dj\AppData\Roaming\Mozilla\Firefox\Profiles\3mazn0aj.default [2020-10-11]
FF Homepage: Mozilla\Firefox\Profiles\3mazn0aj.default -> hxxp://google.com
FF Extension: (leethax.net extension) - C:\Users\dj\AppData\Roaming\Mozilla\Firefox\Profiles\3mazn0aj.default\Extensions\[email protected] [2013-06-15] [Legacy] [not signed]
FF Extension: (Test Pilot) - C:\Users\dj\AppData\Roaming\Mozilla\Firefox\Profiles\3mazn0aj.default\Extensions\[email protected] [2015-06-25] [Legacy]
FF Extension: (Greasemonkey) - C:\Users\dj\AppData\Roaming\Mozilla\Firefox\Profiles\3mazn0aj.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2020-03-18]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-14] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_414.dll [2020-08-28] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_414.dll [2020-08-28] (Adobe Inc. -> )
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2010-09-01] (Google) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-12-17] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-12-17] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-12-14] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealNetworks, Inc. -> RealDownloader)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: [email protected]/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll [2007-03-10] (Yahoo! Inc. -> Yahoo! Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\dj\AppData\Local\Google\Chrome\User Data\Default [2020-10-11]
CHR Notifications: Default -> hxxps://forospyware.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (YouTube) - C:\Users\dj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Búsqueda de Google) - C:\Users\dj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Tampermonkey) - C:\Users\dj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-09-29]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\dj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-08-28]
CHR Extension: (Gmail) - C:\Users\dj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\dj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-21]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]

Opera: 
=======
OPR Extension: (alelhddbbhepgpmgidjdcjakblofbmce) - C:\Users\dj\AppData\Roaming\Opera Software\Opera Stable\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-09-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-03-09] (Adobe Systems) [File not signed]
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088 2015-05-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-28] (Adobe Inc. -> Adobe)
S4 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2015-10-29] (Microsoft Corporation) [File not signed]
S4 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [34816 2019-02-21] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2016-05-04] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680448 2019-02-10] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680448 2019-02-10] (Microsoft Corporation) [File not signed]
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation) [File not signed]
R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Browser; C:\Windows\System32\browser.dll [136704 2012-07-05] (Microsoft Corporation) [File not signed]
R2 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CryptSvc; C:\Windows\system32\cryptsvc.dll [190976 2019-02-10] (Microsoft Corporation) [File not signed]
R3 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [146432 2019-02-10] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation) [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EFS; C:\Windows\System32\lsass.exe [30720 2019-02-21] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed] [File is in use]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation) [File not signed]
R2 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed]
S2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2020-03-08] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [794624 2016-05-12] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation) [File not signed]
R2 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R2 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S4 HyperDeskCustomThemeEnabler; C:\Windows\Installer\MSIB352.tmp [102400 2011-07-08] () [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [853504 2010-11-20] (Microsoft Corporation) [File not signed]
R2 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [30720 2019-02-21] (Microsoft Corporation) [File not signed]
S4 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2011-06-16] () [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2019-02-21] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-10-10] (Malwarebytes Inc -> Malwarebytes)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation) [File not signed]
S2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
S4 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\system32\msiexec.exe /V [128512 2016-05-04] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe /V [73216 2016-05-04] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [30720 2019-02-21] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed]
R2 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [187904 2019-02-10] (Microsoft Corporation) [File not signed]
S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [632792 2013-08-08] (PC Tools -> PC Tools)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [502272 2016-05-12] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [210432 2014-12-19] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [30720 2019-02-21] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] (RealNetworks, Inc. -> )
S4 Realtek87B; C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [30720 2019-02-21] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2016-02-09] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2010-11-20] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S4 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\STacSV64.exe [240640 2009-10-21] (IDT, Inc.) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation) [File not signed]
R3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2015-07-15] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [681984 2014-07-17] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [30720 2019-02-21] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation) [File not signed]
R3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2015-01-09] (Microsoft Corporation) [File not signed]
S3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-09] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2015-01-09] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-09] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [258560 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [204800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\WINDOWS\SYSTEM32\winhttp.dll [444928 2016-05-11] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351744 2016-05-11] (Microsoft Corporation) [File not signed]
R3 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation) [File not signed]
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
S4 wuauserv; C:\Windows\system32\wuaueng.dll [2607104 2016-05-13] (Microsoft Corporation) [File not signed]
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation) [File not signed]
S4 avg9emc; "C:\Program Files (x86)\AVG\AVG9\avgemc.exe" [X]
S4 avg9wd; "C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe" [X]
S4 avgfws9; "C:\Program Files (x86)\AVG\AVG9\avgfws9.exe" [X]
S4 GameConsoleService; "C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe" [X]
S4 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S4 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [X]
S2 PSI_SVC_2_x64; "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [X]
S4 ServiceLayer; "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" [X]
S3 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
S3 TBS; %SystemRoot%\System32\tbssvc.dll [X]
S2 weoprvduct; C:\Users\dj\AppData\Local\fasefan.exe produco weoprvduct [X]
S4 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]
S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [X]
S2 WsDrvInst; C:\Program Files\Wondershare\Wondershare Dr.Fone para iOS\Library\DriverInstaller\DriverInstall.exe [X]
S4 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [X]
S4 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation) [File not signed]
S3 a8djavs_x64; C:\Windows\System32\Drivers\a8djavs_x64.sys [44560 2008-12-09] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 a8djusb_x64; C:\Windows\System32\Drivers\a8djusb_x64.sys [233488 2008-12-09] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [497664 2015-10-13] (Microsoft Corporation) [File not signed]
S3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1146880 2009-06-10] (LSI Corp) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2019-02-21] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2019-02-21] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [62464 2019-02-21] (Microsoft Windows) [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed]
S3 automap; C:\Windows\System32\DRIVERS\automap.sys [10752 2008-02-21] (Novation Digital Music Systems Limited) [File not signed]
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [29976 2011-06-16] (AVG Technologies -> AVG Technologies CZ, s.r.o.)
R0 AVGIDSErHrw7a; C:\Windows\System32\Drivers\AVGIDSwa.sys [27216 2011-06-16] (AVG Technologies -> AVG Technologies CZ, s.r.o.)
S1 AvgLdx64; C:\Windows\System32\Drivers\avgldx64.sys [282976 2013-01-15] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 AvgMfx64; C:\Windows\System32\Drivers\avgmfx64.sys [35664 2011-09-13] (AVG Technologies -> AVG Technologies CZ, s.r.o.)
R0 AvgRkx64; C:\Windows\System32\Drivers\avgrkx64.sys [56008 2011-06-16] (AVG Technologies -> AVG Technologies CZ, s.r.o.)
R1 AvgTdiA; C:\Windows\System32\Drivers\avgtdia.sys [317520 2011-06-16] (AVG Technologies -> AVG Technologies CZ, s.r.o.)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BthEnum; C:\Windows\System32\DRIVERS\BthEnum.sys [41984 2009-07-14] (Microsoft Corporation) [File not signed]
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [23944 2010-04-07] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [118784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [552960 2012-07-06] (Microsoft Corporation) [File not signed]
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [80384 2011-04-28] (Microsoft Corporation) [File not signed]
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [30088 2010-04-07] (IVT SOFTWARE TECHNOLOGY Inc. -> )
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [154112 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed]
S1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation) [File not signed]
R3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation) [File not signed]
S3 DDJCTRAUDIO; C:\Windows\System32\drivers\ddjctraud.sys [143872 2012-06-10] (D&M Holdings Inc.) [File not signed]
S3 DENONDJ_SVC; C:\Windows\System32\drivers\DenonDJ.sys [38400 2010-07-15] (DENON Co.,Ltd.) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
S2 DLPortIO; C:\Windows\SysWow64\Drivers\DLPortIO.sys [3584 1999-01-10] () [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2015-12-08] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed]
R3 enecir; C:\Windows\System32\DRIVERS\enecir.sys [70656 2009-06-29] (ENE TECHNOLOGY INC.) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-10-03] (GEAR Software Inc. -> GEAR Software Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [211968 2009-11-03] (© Guillemot R&D, 2009. All rights reserved.) [File not signed]
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [144896 2009-10-02] (© Guillemot R&D, 2009. All rights reserved.) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HpqKbFiltr; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [18432 2009-04-29] (Hewlett-Packard Development Company, L.P.) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation) [File not signed]
R3 i8042HDR; C:\Windows\System32\DRIVERS\i8042HDR.sys [15920 2011-06-27] (Chicony Electronics Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) [File not signed]
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [6108416 2009-06-10] (Intel Corporation) [File not signed]
R3 Impcd; C:\Windows\System32\DRIVERS\Impcd.sys [151040 2009-10-13] (Intel Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2019-02-21] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [105176 2007-04-13] ([email protected] -> EZB Systems, Inc.)
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-07] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [25688 2011-07-01] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation) [File not signed]
S3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2013-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2013-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
S3 ks2avs; C:\Windows\System32\Drivers\ks2avs.sys [357968 2011-09-15] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 ks2usb_svc; C:\Windows\System32\Drivers\ks2usb.sys [79440 2011-09-15] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
S3 kx1avs_x64; C:\Windows\System32\Drivers\kx1avs_x64.sys [45136 2009-12-07] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
S3 kx1usb_x64; C:\Windows\System32\Drivers\kx1usb_x64.sys [300624 2009-12-07] (NATIVE INSTRUMENTS GmbH -> Native Instruments GmbH)
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-24] (Pinnacle Systems GmbH) [File not signed]
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-10-11] (Malwarebytes Inc -> Malwarebytes)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2010-11-20] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [161280 2019-02-21] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [291328 2019-02-21] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [129536 2019-02-21] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MUSBDMX; C:\Windows\System32\DRIVERS\musbdmx.sys [25824 2011-10-14] (inoage GbR - C. Hertel, S. Pinzer, S. Wissmann -> Lighting-Solutions)
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-06-11] (Apple Inc.) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [262144 2016-05-11] (Microsoft Corporation) [File not signed]
R3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [7675392 2010-01-13] (Intel Corporation) [File not signed]
S3 netw5v64; C:\Windows\System32\DRIVERS\netw5v64.sys [5434368 2009-06-10] (Intel Corporation) [File not signed]
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [48912 2015-04-27] (Panda Security S.L. -> Panda Security, S.L.)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44544 2019-02-21] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [41472 2008-01-17] (Novation DMS Ltd.) [File not signed]
R3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2019-02-10] (Microsoft Corporation) [File not signed]
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2006-10-02] (Padus, Inc.) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60928 2019-02-21] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation) [File not signed]
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-17] (Microsoft Corporation) [File not signed]
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [158720 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited) [File not signed]
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) [File not signed]
S3 ROOTMODEM; C:\Windows\System32\Drivers\RootMdm.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [448512 2010-01-08] (Realtek Semiconductor Corporation) [File not signed]
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sdbus; C:\Windows\system32\drivers\sdbus.sys [109056 2010-11-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Ser2pl; C:\Windows\System32\DRIVERS\ser2pl64.sys [89600 2011-11-28] (Prolific Technology Inc.) [File not signed]
S3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
S1 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
S3 silabenm; C:\Windows\System32\DRIVERS\silabenm.sys [23040 2009-02-19] (Silicon Laboratories, Inc.) [File not signed]
S3 silabser; C:\Windows\System32\DRIVERS\silabser.sys [71168 2009-02-19] (Silicon Laboratories) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] (SRS Labs, Inc -> )
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [464384 2019-02-21] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [406016 2019-02-21] (Microsoft Corporation) [File not signed]
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Conexant Systems, Inc.) [File not signed]
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Conexant Systems, Inc.) [File not signed]
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Conexant Systems, Inc.) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [169984 2019-02-21] (Microsoft Corporation) [File not signed]
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [505344 2010-03-23] (IDT, Inc.) [File not signed]
S3 SU6000SRV; C:\Windows\System32\DRIVERS\SU6000.sys [257024 2011-07-15] () [File not signed]
S3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2014-05-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [46080 2016-07-07] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [118272 2015-10-13] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-17] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-02] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Apple, Inc.) [File not signed]
S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [53248 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [42496 2013-07-03] (Microsoft Corporation) [File not signed]
S3 usbser; C:\Windows\System32\DRIVERS\usbser.sys [32768 2010-11-20] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2016-02-03] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vrm; C:\Windows\System32\DRIVERS\vrm.sys [237568 2010-11-25] (Focusrite Audio Engineering Ltd.) [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Western Digital Technologies) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation) [File not signed]
R3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WSDPrintDevice; C:\Windows\System32\DRIVERS\WSDPrint.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) [File not signed]
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [389120 2009-06-10] (Marvell) [File not signed]
S3 ALSysIO; \??\C:\Users\dj\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 AVGIDSDriverw7a; \??\C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSDriver.sys [X]
S3 AVGIDSFilterw7a; \??\C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSFilter.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
U4 ekrn; no ImagePath
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 mod7700; system32\DRIVERS\mod7700.sys [X]
S3 NUMARK_NC06; System32\Drivers\nc06_usb.sys [X]
S3 NUMARK_NC06_MIDI; system32\drivers\nc06midi.sys [X]
S3 NUMARK_NC06_WDM; system32\drivers\nc06_wdm.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 sdfhgdf; system32\DRIVERS\sdfhgdf.sys [X]
S3 XDJ-AEROAudio; system32\drivers\XDJ-AEROAudio64.sys [X]
S3 XONE_DX; System32\Drivers\XONE_DX.sys [X]
S3 XONE_DXM; system32\drivers\XONE_DXM.sys [X]
S3 XONE_DX_WDM; system32\drivers\XONE_DXW.sys [X]
S3 zlportio; \??\C:\Program Files (x86)\Laser Controller\zlportio.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-11 12:36 - 2020-10-11 12:37 - 000000000 ____D C:\FRST
2020-10-11 12:34 - 2020-10-11 12:37 - 000000000 ____D C:\Users\dj\Desktop\antiV
2020-10-11 12:30 - 2020-10-11 12:30 - 002299392 _____ (Farbar) C:\Users\dj\Downloads\FRST64.exe
2020-10-11 10:42 - 2020-10-11 10:42 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\7651F717.sys
2020-10-10 22:14 - 2020-10-10 22:14 - 000002138 _____ C:\Users\dj\Downloads\mbar-log-2020-10-10 (21-12-40).txt
2020-10-10 22:11 - 2020-10-10 22:11 - 000000000 ____D C:\Users\dj\Downloads\mbar
2020-10-10 21:12 - 2020-10-10 21:12 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\5677D2DA.sys
2020-10-10 21:10 - 2020-10-11 12:15 - 000000000 ____D C:\Users\dj\Desktop\mbar
2020-10-10 21:10 - 2020-10-11 12:15 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-10-10 18:23 - 2020-10-10 18:24 - 000052432 _____ C:\Users\dj\Downloads\AUD-20201010-WA0031.mp3.sfk
2020-10-10 16:47 - 2020-10-10 16:47 - 000000000 ____D C:\Users\dj\New folder
2020-10-10 16:05 - 2020-10-11 12:38 - 089391104 _____ C:\Windows\system32\config\SYSTEM
2020-10-10 16:04 - 2020-10-10 16:04 - 000000000 _____ C:\Windows\system32\Drivers\OLD3B22.tmp
2020-10-10 16:04 - 2020-10-10 16:04 - 000000000 _____ C:\Windows\system32\Drivers\OLD2E64.tmp
2020-10-10 15:39 - 2020-10-11 10:30 - 000000000 ____D C:\KVRT_Data
2020-10-10 15:30 - 2020-10-10 15:38 - 183571312 _____ (AO Kaspersky Lab) C:\Users\dj\Downloads\KVRT.exe
2020-10-10 12:32 - 2020-10-11 00:31 - 000000847 _____ C:\Users\dj\Desktop\ESET Online Scanner.lnk
2020-10-10 12:32 - 2020-10-10 12:32 - 000000000 ____D C:\Users\dj\AppData\Local\ESET
2020-10-10 12:31 - 2020-10-10 12:31 - 014860896 _____ (ESET spol. s r.o.) C:\Users\dj\Downloads\esetonlinescanner.exe
2020-10-10 01:34 - 2020-10-10 01:34 - 000014518 _____ C:\Users\dj\Downloads\AdwCleaner[S00].txt
2020-10-10 01:34 - 2020-10-10 01:34 - 000004256 _____ C:\Users\dj\Downloads\01 mbeam reporte.txt
2020-10-10 00:56 - 2020-10-11 00:03 - 000003152 _____ C:\Windows\system32\Tasks\AdwCleaner_onReboot
2020-10-10 00:53 - 2020-10-10 00:56 - 000000000 ____D C:\AdwCleaner
2020-10-10 00:52 - 2020-10-10 00:52 - 008447152 _____ (Malwarebytes) C:\Users\dj\Downloads\adwcleaner_8.0.8.exe
2020-10-10 00:14 - 2020-10-11 00:22 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-10-10 00:14 - 2020-10-10 21:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-10-10 00:14 - 2020-10-10 00:14 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-10-10 00:14 - 2020-10-10 00:14 - 000001922 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-10-10 00:14 - 2020-10-10 00:14 - 000001910 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-10-10 00:14 - 2020-10-10 00:14 - 000001910 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-10-10 00:12 - 2020-10-10 00:12 - 000000000 ____D C:\Program Files\Malwarebytes
2020-10-09 23:48 - 2020-10-09 23:48 - 000566128 _____ (Malwarebytes) C:\Users\dj\Downloads\mbam-clean-2.3.0.1001.exe
2020-10-09 13:30 - 2020-10-09 13:31 - 060058184 _____ C:\Users\dj\Downloads\VDJ8.rar
2020-10-08 23:58 - 2020-10-08 23:59 - 000000000 ____D C:\Program Files (x86)\GUMD5B0.tmp
2020-10-08 23:58 - 2020-10-08 23:58 - 000000000 ____D C:\Program Files (x86)\AVG
2020-10-08 23:38 - 2020-10-09 23:29 - 000000000 ____D C:\Users\dj\AppData\LocalLow\uTorrent
2020-10-08 23:27 - 2020-10-08 23:27 - 000000000 ____D C:\Users\dj\Downloads\AVG AntiVirus 2018 18.45.7449 Multilanguage + Key
2020-10-08 01:51 - 2020-10-08 17:06 - 000000000 ____D C:\Users\dj\Downloads\VA - 90s BEST 100 (2020) Mp3 320kbps [PMEDIA] ⭐️
2020-10-08 01:47 - 2020-10-08 02:08 - 000000000 ____D C:\Users\dj\Downloads\VA - 100 Greatest 80s Rock Classics (2020) Mp3 320kbps [PMEDIA] ⭐️
2020-10-08 01:45 - 2020-10-08 02:08 - 000000000 ____D C:\Users\dj\Downloads\Greatest Hits (2020)
2020-10-08 01:43 - 2020-10-08 01:46 - 000000000 ____D C:\Users\dj\Downloads\Bob Marley - Greatest Hits [Mp3][www.lokotorrents.com]
2020-10-08 01:42 - 2020-10-08 01:42 - 000000000 ____D C:\Users\dj\Downloads\The Beatles [2009] Greatest Hits CDRip [Remastered][Bubanee]
2020-10-07 23:56 - 2019-12-28 11:00 - 000784384 _____ C:\Windows\system32\xvidcore.dll
2020-10-07 23:56 - 2019-12-28 11:00 - 000681984 _____ C:\Windows\SysWOW64\xvidcore.dll
2020-10-07 23:56 - 2019-12-28 11:00 - 000310784 _____ C:\Windows\system32\xvidvfw.dll
2020-10-07 23:56 - 2019-12-28 11:00 - 000284160 _____ C:\Windows\SysWOW64\xvidvfw.dll
2020-10-07 23:56 - 2017-07-30 12:50 - 003850240 _____ (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2020-10-07 23:56 - 2017-07-30 12:50 - 003799552 _____ (x264vfw project) C:\Windows\system32\x264vfw64.dll
2020-10-07 23:56 - 2011-12-07 19:37 - 000148992 _____ ( ) C:\Windows\system32\lagarith.dll
2020-10-07 23:56 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2020-10-07 23:42 - 2020-10-07 23:43 - 061636300 _____ (KLCP ) C:\Users\dj\Downloads\k-lite-codec-pack-mega-15-7-5.exe
2020-10-01 00:52 - 2020-09-29 02:00 - 000000050 _____ C:\Windows\system32\Drivers\etc\hosts.20201001-005204.backup
2020-09-29 16:24 - 2020-09-29 20:16 - 000000000 ____D C:\Users\dj\Downloads\New folder
2020-09-29 16:21 - 2020-09-29 16:21 - 000171520 ____N (Pinnacle Systems GmbH) C:\Users\dj\Downloads\MarvinBus.sys
2020-09-29 16:21 - 2020-09-29 16:21 - 000072699 _____ C:\Users\dj\Downloads\pinnacle-marvin-bus-64-147788.zip
2020-09-29 16:21 - 2020-09-29 16:21 - 000008030 ____N C:\Users\dj\Downloads\MarvinBus.cat
2020-09-29 15:22 - 2020-09-29 15:22 - 012843626 _____ C:\Users\dj\Downloads\Como-elaborar-un-proyecto-2005-Ed.18-Ander-Egg-Ezequiel-y-Aguilar-Idáñez-MJ.pdf.pdf
2020-09-29 01:07 - 2020-09-29 01:07 - 000000000 ____D C:\Users\dj\AppData\Local\mbam
2020-09-29 00:56 - 2020-09-29 00:56 - 000000024 _____ C:\Windows\PSENDGU.TMP
2020-09-28 02:14 - 2020-09-29 00:56 - 189435859 _____ C:\Users\dj\Downloads\Chayanne.zip
2020-09-27 13:48 - 2020-09-27 13:48 - 028118212 _____ C:\Users\dj\Downloads\Tainy, J. Balvin - Agua (Music From _Sponge On The Run_ Movie).mp4
2020-09-27 13:42 - 2020-09-27 13:42 - 087132747 _____ C:\Users\dj\Downloads\POCOYÓ Coches infantiles [ 27 min ] .mp4
2020-09-27 13:37 - 2020-09-27 13:37 - 129497633 _____ C:\Users\dj\Downloads\Pocoyó Disco [ 37 minutos ].mp4
2020-09-27 12:51 - 2020-09-27 12:51 - 168093821 _____ C:\Users\dj\Downloads\Enganchado Musical de Rondas y Clásicos Infantiles.mp4
2020-09-27 12:39 - 2020-09-27 12:39 - 258271216 _____ C:\Users\dj\Downloads\Enganchados de Rondas y Clásicos Infantiles 2 _ El Reino Infantil.mp4
2020-09-27 12:32 - 2020-09-27 12:32 - 087335074 _____ C:\Users\dj\Downloads\CUCÚ CANTABA LA RANA y más Canciones. Cleo&Cuquín I Familia Telerín.Canciones Infantiles(30 minutos).mp4
2020-09-27 12:06 - 2020-09-27 12:08 - 107742407 _____ C:\Users\dj\Downloads\pocoyo canciones.mp4
2020-09-27 12:02 - 2020-09-27 12:02 - 012750966 _____ C:\Users\dj\Downloads\00 CUMPLEAÑOS FELIZ, Canciones infantiles.mp4
2020-09-27 11:58 - 2020-09-27 12:09 - 640015143 _____ C:\Users\dj\Downloads\la granja de zenon compilacion.mp4
2020-09-27 11:56 - 2020-09-27 12:08 - 751390354 _____ C:\Users\dj\Downloads\pika pika compilacion.mp4
2020-09-27 11:46 - 2020-09-27 11:50 - 313702029 _____ C:\Users\dj\Downloads\toy cantando infantiles.mp4
2020-09-27 11:43 - 2020-09-27 11:45 - 102476509 _____ C:\Users\dj\Downloads\chumbala cachumba infantiles.mp4
2020-09-27 11:42 - 2020-09-27 11:46 - 258412583 _____ C:\Users\dj\Downloads\1 hora infantiles 2019.mp4
2020-09-27 11:40 - 2020-09-27 13:17 - 632050776 _____ C:\Users\dj\Downloads\Recopilatorio .Alegre Fiesta Infantil-MP3-[www.bajandoalbums.com].rar
2020-09-27 03:17 - 2020-09-27 03:19 - 000000000 ____D C:\Users\dj\Downloads\va - retro remix quality 333 (2020)
2020-09-27 03:15 - 2020-09-27 03:18 - 000000000 ____D C:\Users\dj\Downloads\VA - Retro Remix Quality - 245 - 2019
2020-09-27 01:36 - 2020-09-27 01:52 - 000000000 ____D C:\Users\dj\Downloads\VA - 40Remixes 60s-70s-80s-90s (2016)MP3-Странник
2020-09-27 01:35 - 2020-09-29 00:59 - 000000000 ____D C:\Users\dj\Downloads\Disco Hits of The 70s 80s 90s (2013)[Mp3][www.lokotorrents.com]
2020-09-25 18:37 - 2020-09-25 18:37 - 000576848 _____ C:\Users\dj\Downloads\NES Super Mario Bros. 1 + 2 + 3.zip
2020-09-25 17:15 - 2020-09-25 17:20 - 000001063 ____H C:\Windows\EPMBatch.ept
2020-09-25 17:11 - 2020-09-25 17:11 - 000000000 ____D C:\ProgramData\SystemAcCrux
2020-09-25 17:11 - 2020-07-07 15:11 - 000075912 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUDCPEPM.sys
2020-09-25 17:11 - 2020-07-07 15:11 - 000024200 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EUEDKEPM.sys
2020-09-25 17:10 - 2020-09-25 17:10 - 000000000 ____D C:\Program Files (x86)\EaseUS
2020-09-25 17:09 - 2020-09-25 17:10 - 047169616 _____ (EaseUS ) C:\Users\dj\Downloads\epm_free_easeus.exe
2020-09-25 17:09 - 2020-09-25 17:09 - 001710608 _____ C:\Users\dj\Downloads\epm_free_installer.exe
2020-09-25 12:54 - 2020-09-25 12:54 - 040150325 _____ C:\Users\dj\Downloads\Rauw Alejandro & Camilo - Tattoo Remix (Video Oficial).mp4
2020-09-25 12:41 - 2020-09-25 12:41 - 000071424 _____ C:\Users\dj\Downloads\Rauw Alejandro - Tattoo (Video Oficial).mp4.sfk
2020-09-25 12:40 - 2020-09-25 12:40 - 033000913 _____ C:\Users\dj\Downloads\Rauw Alejandro - Tattoo (Video Oficial).mp4
2020-09-25 12:36 - 2020-09-25 12:41 - 000086208 _____ C:\Users\dj\Downloads\Sech, Daddy Yankee, J Balvin, Rosalía, Farruko - Relación Remix (Video Oficial).mp4.sfk
2020-09-25 12:35 - 2020-09-25 12:36 - 047857386 _____ C:\Users\dj\Downloads\Sech, Daddy Yankee, J Balvin, Rosalía, Farruko - Relación Remix (Video Oficial).mp4
2020-09-25 12:28 - 2020-09-25 12:30 - 000062496 _____ C:\Users\dj\Downloads\Los Teke Teke - El Teke Teke (Audio).mp4.sfk
2020-09-25 12:28 - 2020-09-25 12:30 - 000058592 _____ C:\Users\dj\Downloads\Jason Derulo - Savage Love (Lyrics _ Lyric Video) Prod. Jawsh 685.mp4.sfk
2020-09-25 12:27 - 2020-09-25 12:27 - 006875771 _____ C:\Users\dj\Downloads\Los Teke Teke - El Teke Teke (Audio).mp4
2020-09-25 12:26 - 2020-09-25 12:27 - 007575504 _____ C:\Users\dj\Downloads\Jason Derulo - Savage Love (Lyrics _ Lyric Video) Prod. Jawsh 685.mp4
2020-09-25 12:25 - 2020-09-25 12:25 - 025153238 _____ C:\Users\dj\Downloads\Camilo - Vida de Rico (Official Video).mp4
2020-09-25 12:25 - 2020-09-25 12:25 - 000072752 _____ C:\Users\dj\Downloads\EL TEKE TEKE - .mp4.sfk
2020-09-25 12:25 - 2020-09-25 12:25 - 000065416 _____ C:\Users\dj\Downloads\Camilo - Vida de Rico (Official Video).mp4.sfk
2020-09-25 12:25 - 2020-09-25 12:25 - 000048128 _____ C:\Users\dj\Downloads\Pa Arriba Pa Abajo Lento - Nfasis (Video Oficial).mp4.sfk
2020-09-25 11:58 - 2020-09-25 11:58 - 031729698 _____ C:\Users\dj\Downloads\Pa Arriba Pa Abajo Lento - Nfasis (Video Oficial).mp4
2020-09-25 11:56 - 2020-09-25 11:57 - 006395158 _____ C:\Users\dj\Downloads\Suavecito para Abajo.mp4
2020-09-25 11:56 - 2020-09-25 11:56 - 005376623 _____ C:\Users\dj\Downloads\Mami Quiebra La Cintura.mp4
2020-09-25 11:53 - 2020-09-25 11:54 - 030794025 _____ C:\Users\dj\Downloads\EL TEKE TEKE - .mp4
2020-09-23 22:35 - 2020-09-23 23:03 - 000000000 ____D C:\Users\dj\Downloads\The Very Best Of Pop Music (1980-86)
2020-09-23 22:24 - 2020-09-23 22:24 - 020292328 _____ C:\Users\dj\Downloads\Robbie Williams - Feels.mp4
2020-09-23 22:23 - 2020-09-23 22:23 - 029595419 _____ C:\Users\dj\Downloads\Robbie Williams - Rock DJ.mp4
2020-09-23 13:14 - 2020-09-23 13:14 - 008493090 _____ C:\Users\dj\Downloads\HQ Fergie - Big Girls Don't Cry Lyrics.mp4
2020-09-23 13:12 - 2020-09-23 13:12 - 005820847 _____ C:\Users\dj\Downloads\Coldplay - The Hardest Part __ Sub. Español.mp4
2020-09-22 20:32 - 2020-09-22 20:32 - 036292224 _____ C:\Users\dj\Downloads\Rihanna - Pon de Replay (Internet Version).mp4
2020-09-22 20:09 - 2020-09-22 20:09 - 033000100 _____ C:\Users\dj\Downloads\The Rasmus - In The Shadows (US Version).mp4
2020-09-22 19:58 - 2020-09-22 19:58 - 026806922 _____ C:\Users\dj\Downloads\Natasha Bedingfield - These Words (US Version).mp4
2020-09-21 02:29 - 2020-09-21 02:29 - 034354836 _____ C:\Users\dj\Downloads\R.E.M. - Losing My Religion (DJ Bollacha Extended Remix).mp4
2020-09-21 02:23 - 2020-09-21 02:23 - 007130965 _____ C:\Users\dj\Downloads\The Outfield - Your Love Lost 12'' Version.mp4
2020-09-21 02:13 - 2020-09-21 02:13 - 018472148 _____ C:\Users\dj\Downloads\a ha _ Take On Me 1985 Extended Meow Mix.mp4
2020-09-21 02:09 - 2020-09-21 02:09 - 016827224 _____ C:\Users\dj\Downloads\Africa (extended) - Toto.mp4
2020-09-21 02:01 - 2020-09-21 02:01 - 010445538 _____ C:\Users\dj\Downloads\Rick Astley - Never Gonna Give You Up (Stephen Gilham - PHD Extended Mix).mp4
2020-09-21 01:59 - 2020-09-21 01:59 - 027486187 _____ C:\Users\dj\Downloads\Se a vida è (Enterprise mix) Pet Shop Boys.mp4
2020-09-21 01:52 - 2020-09-21 01:52 - 100761990 _____ C:\Users\dj\Downloads\Erasure - Love To Hate You  (Extended 12'' Mix VIDEO EDITION ROBSON VEEJAY).mp4
2020-09-21 01:49 - 2020-09-21 01:49 - 007833065 _____ C:\Users\dj\Downloads\Shiny Happy People (Dance to the Music Mix) - R.E.M.mp4
2020-09-21 01:47 - 2020-09-21 01:48 - 038201266 _____ C:\Users\dj\Downloads\The Police _ Every Breath You Take 1983 Purrfection Version.mp4
2020-09-21 01:37 - 2020-09-21 01:37 - 010440480 _____ C:\Users\dj\Downloads\The Police - Message in a Bottle (Extended Version).mp4
2020-09-21 01:35 - 2020-09-21 01:35 - 061576121 _____ C:\Users\dj\Downloads\Midnigth Oil -  Bed Are Burning  Extended Version.mp4
2020-09-21 01:24 - 2020-09-21 01:24 - 131763426 _____ C:\Users\dj\Downloads\Pet Shop Boys - Always On My Mind (2016 Another Ext.Mix By Marc Eliow) HD.mp4
2020-09-21 01:23 - 2020-09-21 01:23 - 021562699 _____ C:\Users\dj\Downloads\The Beloved - Sweet Harmony - Dj sparkes - 2016 - remix - a life in music.mp4
2020-09-21 01:17 - 2020-09-21 01:17 - 007541692 _____ C:\Users\dj\Downloads\Earth Wind & Fire - September (Dj ''S'' Remix).mp4
2020-09-21 01:09 - 2020-09-21 01:09 - 009219578 _____ C:\Users\dj\Downloads\The Cure - In Between Days (DJ Revan extended mix).mp4
2020-09-21 00:18 - 2020-09-21 00:18 - 053781455 _____ C:\Users\dj\Downloads\Erasure - A Little Respect (Disco Mix Extended Remix Version) VP Dj Duck.mp4
2020-09-21 00:05 - 2020-09-21 00:05 - 010078646 _____ C:\Users\dj\Downloads\New Order - Bizarre Love Triangle (Extended Dance Mix) = 1986.mp4
2020-09-19 16:03 - 2020-09-19 16:03 - 000000000 ____D C:\Program Files (x86)\Doblon
2020-09-19 14:58 - 2020-09-19 14:58 - 000001785 _____ C:\Users\dj\Desktop\KaraFun Editor.lnk
2020-09-19 14:58 - 2020-09-19 14:58 - 000000895 _____ C:\Users\dj\Desktop\KaraFun.lnk
2020-09-19 14:58 - 2020-09-19 14:58 - 000000000 ____D C:\ProgramData\Recisio
2020-09-19 14:58 - 2020-09-19 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun
2020-09-15 18:06 - 2020-09-15 18:14 - 000081928 _____ C:\Users\dj\Downloads\Porque te vas.mp4.sfk
2020-09-15 18:05 - 2020-09-15 18:05 - 006901811 _____ C:\Users\dj\Downloads\Porque te vas.mp4
2020-09-15 00:27 - 2020-09-15 00:29 - 000085880 _____ C:\Users\dj\Downloads\Nos Barracos da Cidade (Barracos).mp4.sfk
2020-09-15 00:26 - 2020-09-15 00:26 - 008566773 _____ C:\Users\dj\Downloads\Nos Barracos da Cidade (Barracos).mp4
2020-09-15 00:15 - 2020-09-15 00:20 - 000061376 _____ C:\Users\dj\Downloads\TCHAKABUM - Explosao.mp4.sfk
2020-09-15 00:13 - 2020-09-15 00:13 - 008492692 _____ C:\Users\dj\Downloads\TCHAKABUM - Explosao.mp4
2020-09-14 23:05 - 2020-09-14 23:07 - 000067224 _____ C:\Users\dj\Downloads\Damas Gratis - Tu no eres para mi.mp4.sfk
2020-09-14 23:05 - 2020-09-14 23:05 - 007907145 _____ C:\Users\dj\Downloads\Damas Gratis - Tu no eres para mi.mp4
2020-09-14 22:53 - 2020-09-14 23:01 - 000075528 _____ C:\Users\dj\Downloads\Cerca De Ti.mp4.sfk
2020-09-14 22:52 - 2020-09-14 22:52 - 011656997 _____ C:\Users\dj\Downloads\Cerca De Ti.mp4
2020-09-14 22:38 - 2020-09-14 22:38 - 005958828 _____ C:\Users\dj\Downloads\Alicia Villarreal - Y tropece de nuevo.mp4
2020-09-11 22:57 - 2020-09-11 22:58 - 103118199 _____ C:\Users\dj\Downloads\ANGELES DE CHARLY -  EXITOS ENGANCHADOS -  DJ MAXI GALAMIXER.mp4
2020-09-11 20:51 - 2020-09-11 20:51 - 031485343 _____ C:\Users\dj\Downloads\LOS FLAMERS '' MI NEGRA.mp4
2020-09-11 20:34 - 2020-09-11 20:34 - 004702079 _____ C:\Users\dj\Downloads\Los Sabanales  - Los Corraleros de Majagual _ Discos Fuentes.mp4
2020-09-11 18:53 - 2020-09-11 18:53 - 006739346 _____ C:\Users\dj\Downloads\La Sonora Dinamita Capullo y Sorullo.mp4
2020-09-11 13:22 - 2020-09-11 13:23 - 011145338 _____ C:\Users\dj\Downloads\Quiereme Como Te Quiero _ Bronco.mp4
2020-09-11 13:22 - 2020-09-11 13:22 - 005734145 _____ C:\Users\dj\Downloads\Bronco - Si Te Vuelves a Enamorar (Cover Audio).mp4
2020-09-11 12:58 - 2020-09-11 12:58 - 012644927 _____ C:\Users\dj\Downloads\Bronco - Esa Mujer [HD].mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-11 05:05 - 2011-06-16 21:12 - 000000000 ____D C:\Windows\system32\Drivers\Avg
2020-10-11 01:38 - 2011-11-08 16:52 - 000000000 ____D C:\Users\dj\AppData\Roaming\uTorrent
2020-10-11 00:29 - 2009-07-14 06:45 - 000014800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-10-11 00:29 - 2009-07-14 06:45 - 000014800 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-10-11 00:26 - 2009-07-14 07:13 - 000006414 _____ C:\Windows\system32\PerfStringBackup.INI
2020-10-11 00:22 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-10-10 20:36 - 2020-07-23 02:35 - 000000000 ____D C:\Users\dj\AppData\Local\CrashDumps
2020-10-10 20:32 - 2011-06-16 04:45 - 000000000 ____D C:\Users\dj\AppData\Roaming\Any Video Converter
2020-10-10 20:28 - 2011-06-16 09:00 - 000000000 ____D C:\Users\dj\AppData\Roaming\vlc
2020-10-10 18:48 - 2020-07-15 00:27 - 000000000 ____D C:\CLIPS EDITADOS
2020-10-10 16:47 - 2011-06-16 04:22 - 000000000 ____D C:\Users\dj
2020-10-10 16:09 - 2020-08-27 07:19 - 089128960 _____ C:\Windows\system32\C_32770.NLS
2020-10-10 14:00 - 2014-08-08 20:39 - 000000000 ____D C:\Users\dj\Documents\office 2013
2020-10-10 13:44 - 2019-01-06 03:47 - 000000000 ____D C:\USB File Resc
2020-10-10 13:44 - 2009-09-07 02:40 - 000000000 ___HD C:\SYSTEM.SAV
2020-10-10 13:03 - 2011-06-16 04:45 - 000000000 ____D C:\Outerspace Software
2020-10-10 13:02 - 2011-06-27 18:56 - 000000000 ____D C:\NVIDIA
2020-10-10 13:00 - 2014-03-13 04:54 - 000000000 ____D C:\My-3D-Album
2020-10-10 13:00 - 2014-01-22 21:39 - 000000000 ____D C:\Daslight Virtual Controller 3
2020-10-10 13:00 - 2009-10-30 04:14 - 000000000 ___HD C:\HP
2020-10-10 12:58 - 2012-06-05 15:49 - 000000000 ____D C:\Daslight Virtual Controller 2
2020-10-10 12:55 - 2011-07-04 19:40 - 000000000 ____D C:\Archivos de programa
2020-10-10 12:40 - 2020-07-18 23:17 - 000000000 ___HD C:\$AV_AVG
2020-10-10 12:40 - 2020-06-25 03:04 - 000000000 ____D C:\adb
2020-10-10 01:09 - 2015-06-29 07:32 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2020-10-10 00:05 - 2020-08-27 21:28 - 000000000 ____D C:\Windows\w
2020-10-10 00:05 - 2020-08-27 21:28 - 000000000 ____D C:\Windows\c
2020-10-09 23:59 - 2019-05-14 02:08 - 000000000 ____D C:\ProgramData\AVG
2020-10-09 23:29 - 2020-08-21 01:43 - 000000000 ____D C:\Users\dj\AppData\Local\BitTorrentHelper
2020-10-09 23:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-10-09 10:51 - 2020-09-05 17:15 - 000000000 ___SD C:\Users\dj\AppData\LocalLow\Temp
2020-10-09 01:43 - 2012-06-26 17:33 - 000000000 ____D C:\Program Files (x86)\Free MP3 Converter
2020-10-09 00:32 - 2020-07-22 16:59 - 000022410 _____ C:\AT-Destroyer.txt
2020-10-07 23:56 - 2018-05-15 06:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2020-10-07 23:56 - 2012-04-12 02:05 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2020-10-01 00:18 - 2015-06-29 07:32 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2020-09-30 18:50 - 2020-07-14 03:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-09-29 23:30 - 2011-11-08 03:53 - 000000000 ____D C:\Windows\Minidump
2020-09-29 00:39 - 2013-04-23 15:45 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-09-29 00:35 - 2020-08-27 07:29 - 000000000 ____D C:\Users\dj\AppData\Roaming\Panda Security
2020-09-29 00:33 - 2020-08-27 07:26 - 000000000 ____D C:\ProgramData\Panda Security
2020-09-29 00:32 - 2015-01-26 00:46 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2020-09-27 01:18 - 2019-07-17 23:48 - 000000000 ____D C:\Users\dj\AppData\Roaming\Mp3tag
2020-09-19 14:58 - 2015-03-26 22:57 - 000000000 ____D C:\Program Files (x86)\KaraFun
2020-09-17 20:41 - 2011-06-16 08:09 - 000000000 ____D C:\ProgramData\NVIDIA

==================== Files in the root of some directories ========

2013-02-04 02:59 - 2013-02-25 15:19 - 000000128 ____H () C:\Users\dj\microsoft.dat
2012-07-06 13:21 - 2012-07-06 13:21 - 000000288 _____ () C:\Users\dj\AppData\Roaming\.backup.dm
2013-01-31 14:00 - 2013-02-01 01:17 - 000000199 _____ () C:\Users\dj\AppData\Roaming\burnaware.ini
2014-08-09 23:47 - 2014-08-30 02:14 - 000000360 _____ () C:\Users\dj\AppData\Roaming\com.plutinosoft.idemo.plist
2013-01-31 20:23 - 2018-05-15 01:32 - 000007859 _____ () C:\Users\dj\AppData\Roaming\pcouffin.cat
2013-01-31 20:23 - 2018-05-15 01:32 - 000001167 _____ () C:\Users\dj\AppData\Roaming\pcouffin.inf
2013-01-31 20:23 - 2018-05-15 01:32 - 000000055 _____ () C:\Users\dj\AppData\Roaming\pcouffin.log
2013-01-31 20:23 - 2018-05-15 01:32 - 000082816 _____ (VSO Software) C:\Users\dj\AppData\Roaming\pcouffin.sys
2019-12-03 05:09 - 2019-12-03 05:09 - 000157351 _____ () C:\Users\dj\AppData\Roaming\Rasigacohino
2013-11-29 17:30 - 2014-08-11 21:50 - 000000462 _____ () C:\Users\dj\AppData\Roaming\Rim.Desktop.Exception.log
2013-11-29 17:29 - 2014-09-16 05:13 - 000008458 _____ () C:\Users\dj\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-11-29 17:30 - 2014-08-11 21:49 - 000000462 _____ () C:\Users\dj\AppData\Roaming\Rim.DesktopHelper.Exception.log
2019-05-14 14:09 - 2019-12-05 05:09 - 000000399 _____ () C:\Users\dj\AppData\Roaming\WB.CFG
2013-11-28 22:25 - 2013-11-28 22:25 - 000000000 _____ () C:\Users\dj\AppData\Roaming\wklnhst.dat
2011-06-16 04:27 - 2011-06-16 04:27 - 000000000 _____ () C:\Users\dj\AppData\Local\AtStart.txt
2020-07-19 07:34 - 2020-07-19 07:34 - 000000558 _____ () C:\Users\dj\AppData\Local\bowsakkdestx.txt
2011-06-16 04:27 - 2011-06-16 04:27 - 000000000 _____ () C:\Users\dj\AppData\Local\DSwitch.txt
2019-07-18 15:05 - 2019-07-18 15:05 - 000000001 _____ () C:\Users\dj\AppData\Local\llftool.4.25.agreement
2019-05-25 08:13 - 2019-05-25 08:13 - 000000000 _____ () C:\Users\dj\AppData\Local\oobelibMkey.log
2011-06-16 04:27 - 2011-06-16 04:27 - 000000000 _____ () C:\Users\dj\AppData\Local\QSwitch.txt
2015-01-26 00:21 - 2017-12-21 23:54 - 000007597 _____ () C:\Users\dj\AppData\Local\resmon.resmoncfg
2020-07-19 07:34 - 2020-07-19 07:34 - 000000049 _____ () C:\Users\dj\AppData\Local\script.ps1
2015-11-07 19:31 - 2015-11-07 19:31 - 000000000 _____ () C:\Users\dj\AppData\Local\{3B39B971-16B2-42C1-A4A8-698A3D2645C7}
2020-08-27 00:10 - 2020-08-27 00:10 - 000000000 _____ () C:\Users\dj\AppData\Local\{5827666D-36D1-4B80-BBA4-98BF20A7A222}
2015-11-06 01:04 - 2015-11-06 01:04 - 000000000 _____ () C:\Users\dj\AppData\Local\{6D61232A-0AF5-4BD2-8956-1C775FAC5676}
2018-07-13 02:48 - 2018-07-13 02:48 - 000000000 _____ () C:\Users\dj\AppData\Local\{8229AD89-9DC8-4C65-8D93-25D67996EBCB}
2017-12-15 16:26 - 2017-12-15 16:26 - 000000000 _____ () C:\Users\dj\AppData\Local\{B6DB3797-C2D0-4885-8131-CD414BB7A5E7}
2020-07-22 16:39 - 2020-07-22 16:39 - 000000000 _____ () C:\Users\dj\AppData\Local\{C3C629D2-0AFD-4CDF-A54A-A98BF0A35E26}
2017-03-06 02:30 - 2017-03-06 02:30 - 000000000 _____ () C:\Users\dj\AppData\Local\{D6D2F376-A24C-4917-902F-0CD8BBC3C35D}
2018-08-01 18:23 - 2018-08-01 18:23 - 000000000 _____ () C:\Users\dj\AppData\Local\{EF0739FD-6430-45B1-B494-371B6E0D05A0}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\system32\dllhost.exe => MD5 is legit
C:\Windows\SysWOW64\dllhost.exe => MD5 is legit

LastRegBack: 2020-08-26 23:16
==================== End of FRST.txt ========================

AHORA PEGO EL INFORME ADDITION.TXT

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by dj (11-10-2020 12:38:29)
Running from C:\Users\dj\Desktop\antiV
Windows 7 Home Premium Service Pack 1 (X64) (2011-06-16 02:22:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3994139564-2437849967-1822899332-500 - Administrator - Disabled)
dj (S-1-5-21-3994139564-2437849967-1822899332-1001 - Administrator - Enabled) => C:\Users\dj
Guest (S-1-5-21-3994139564-2437849967-1822899332-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3994139564-2437849967-1822899332-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\uTorrent) (Version: 3.5.5.45776 - BitTorrent Inc.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Ae (HKLM\...\{B910FB1A-0B9D-412D-A735-28AF88A52FF1}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects 6.5 (HKLM-x32\...\{61CEB2D7-8D3B-4247-B75E-A95F6699B90A}) (Version: 6.5 - Adobe Systems Inc.)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_0_0) (Version: 15.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.414 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.414 - Adobe)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
AudioShell 2.3.6 (HKLM\...\AudioShell_is1) (Version: 2.3.6 - Softpointer Inc)
BluffTitler (HKLM-x32\...\BluffTitler) (Version:  - Outerspace Software)
BluffTitler Ultimate 13.0.0.1 MegaPack (HKLM-x32\...\BluffTitler Ultimate 13.0.0.1 MegaPack_is1) (Version:  - Outerspace Software)
Boris Graffiti 6 for Corel VideoStudio Pro X8 64-Bit (HKLM\...\{C0AC7ED4-3714-499D-849B-77396A04591C}) (Version: 6.1.0010 - Boris FX, Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1086 - AB Team, d.o.o.)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.56.1043 - Webteh, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 3.03 - Piriform)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Corel VideoStudio 12 (HKLM-x32\...\InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation)
Daslight Virtual Controller 3 (HKLM-x32\...\Daslight Virtual Controller 3_is1) (Version:  - Daslight)
DENON DJ ASIO Driver (HKLM-x32\...\{E4EC27CD-229E-481E-84F1-7AB83AC479BE}) (Version: 2.2.2 - DENON_DJ)
DENON DJ ASIO for DJ Controller (HKLM\...\{A4DEAEA9-724B-4A28-A2B7-F4794FC2C4F8}) (Version: 1.0.0 - D&M Holdings Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.7.0 - DivX, LLC)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
ezvid (HKLM-x32\...\{38C27BF3-6977-4CB1-94C4-A05A9989A137}) (Version: 0.6.18 - ezvid, inc.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Freemake Audio Converter version 1.1.3 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.3 - Ellora Assets Corporation)
Freemake Video Converter versión 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.135 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Earth (HKLM-x32\...\{4286E640-B5FB-11DF-AC4B-005056C00008}) (Version: 5.2.1.1588 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HDClone 5.0.7 Free Edition (HKLM\...\Miray.HDClone.Free.5.0.7.1033-{FC3130B1-E135-4C35-9703-883F19504327}) (Version: 5.0 - Miray Software AG)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
Imagenomic Noiseware 5.0.2 Plug-in (build 5020) (HKLM\...\ImagenomicNoisewarePlugin) (Version:  - )
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.00.1030 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
KaraFun 1.18 (HKLM-x32\...\KaraFun_is1) (Version:  - Recisio)
K-Lite Mega Codec Pack 15.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.7.5 - KLCP)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
KMSpico v9.3.2 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
Malwarebytes version 4.2.1.89 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.1.89 - Malwarebytes)
Mega Manager (HKLM-x32\...\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}) (Version: 3.5.0.0 - Megaupload Limited)
Mega Manager (HKLM-x32\...\{41BB38A4-ED84-4682-8329-042FEBD8C30B}) (Version: 3.3.05 - Megaupload Limited) Hidden
Mega Manager (HKLM-x32\...\{CD6163D8-60AB-4681-A79E-B677C2D98BA5}) (Version: 3.5.0.0 - Megaupload Limited) Hidden
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\Teams) (Version: 1.3.00.4461 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 69.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 69.0.1 (x64 es-ES)) (Version: 69.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.1 - Mozilla)
Mp3tag v2.97 (HKLM-x32\...\Mp3tag) (Version: 2.97 - Florian Heidenreich)
MSVC80_x64 (HKLM\...\{68660049-8D48-427C-9FF7-139D8340CDC0}) (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86 (HKLM-x32\...\{212748BB-0DA5-46DE-82A1-403736DC9F27}) (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 260.99 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 260.99 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OrangeVocoder v2.0-OxYGeN (HKLM-x32\...\OrangeVocoder v2.0-OxYGeN) (Version:  - )
OrangeVocoder VST 2.02 (HKLM-x32\...\OrangeVocoder_VST_2.02) (Version:  - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF to JPG 13.0 (HKLM-x32\...\PDF to JPG_is1) (Version:  - TriSun Software Limited)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Pioneer MIX 64bit Driver (HKLM\...\Pioneer MIX) (Version: 5.7.0.0014 - Pioneer DJ Corporation.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 7.7 - Power Software Ltd)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.110.2 - proDAD GmbH) Hidden
proDAD Mercalli 2.0 (64bit) (HKLM\...\proDAD-Mercalli-2.0) (Version: 2.0.120 - proDAD GmbH) Hidden
proDAD Route 4.0 (64bit) (HKLM\...\proDAD-HeroglyphRoute-4.0) (Version: 4.0.233.1 - proDAD GmbH) Hidden
proDAD Script 4.0 (64bit) (HKLM\...\proDAD-HeroglyphScript-4.0) (Version: 4.0.233.1 - proDAD GmbH) Hidden
proDAD Vitascene 2.0 (64bit) (HKLM\...\proDAD-Vitascene-2.0) (Version: 2.0.233 - proDAD GmbH) Hidden
QLBCASL (HKLM-x32\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RealDownloader (HKLM-x32\...\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}) (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0010 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2214 - CyberLink Corp.) Hidden
rekordbox 5.7.0 64bit (HKLM\...\Pioneer rekordbox 5.7.0) (Version: 5.7.0.0014 - Pioneer DJ)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Sound Forge Pro 10.0 (HKLM-x32\...\{3F9170C9-A7C2-408F-A4D8-EC77250040BF}) (Version: 10.0.368 - Sony)
Sound Forge Pro 11.0 (HKLM-x32\...\{4240D670-7367-11E6-92BB-BB95F5A309BD}) (Version: 11.0.345 - MAGIX)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.27.1 - Synaptics Incorporated)
The Logo Creator v5 (HKLM-x32\...\The Logo Creator v5) (Version:  - )
Trapcode Suite 64-bit (HKLM\...\{DA06169F-8857-41A0-8FAE-F57C787CE9E2}) (Version: 12.1.2 - Red Giant) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{DA06169F-8857-41A0-8FAE-F57C787CE9E2}) (Version: 12.1.2 - Red Giant)
TuneUp Utilities Language Pack (es-ES) (HKLM-x32\...\{DED3E411-B3C3-4154-A3F7-AE2EFC98FDBA}) (Version: 12.0.2040.29 - TuneUp Software) Hidden
Ulead VideoStudio 11 (HKLM-x32\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)
UltraISO Premium V8.63 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Utilidad Configuración iPhone (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VideoStudio (HKLM-x32\...\{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}) (Version: 12.0.0.0000 - Corel Corporation) Hidden
VideoStudio (HKLM-x32\...\{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden
VirtualDJ LE (MC3000) (HKLM-x32\...\{C313E56B-BD78-41B6-8E37-2F327027C26D}) (Version: 7.0.5 - Atomix Productions)
VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Driver Package - Das (WinUSB) USB  (12/14/2011 1.4) (HKLM\...\883C6F371CE9B23C1CF864201BD5C4BBCA440808) (Version: 12/14/2011 1.4 - Das)
Windows Driver Package - Das USB  (09/20/2010 1.6.0) (HKLM\...\3CAABDB4D5E19760A561BDB6506A3E8432AE8457) (Version: 09/20/2010 1.6.0 - Das)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Windows Driver Package - LightingSoft AG (WinUSB) USB  (11/21/2012 2.0) (HKLM\...\AD8DE902B836E8AAF38035C3FD2D8B47A0960F4F) (Version: 11/21/2012 2.0 - LightingSoft AG)
Windows Live Sync (HKLM-x32\...\{914DD274-9C5D-44CA-9AC7-12B8D2D4DA08}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Xara 3D Maker 7 (HKLM-x32\...\{19B9DAD6-5E6E-4B80-8EFE-314B5638D6D4}) (Version: 7.0.0.415 - Xara Group Ltd) Hidden
Xara 3D Maker 7 (HKLM-x32\...\MAGIX_MSI_Xara3D7) (Version: 7.0.0.415 - Xara Group Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\dj\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001_Classes\CLSID\{AB246BE9-1623-4A84-ABDA-CFF4D4A273CB}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\dj\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll [2017-07-09] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll [2017-07-09] () [File not signed]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll [2017-07-09] () [File not signed]
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll [2017-07-09] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll [2017-07-09] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll [2017-07-09] () [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AudioShellContextMenu] -> {0BB9462B-BCDD-4341-8344-790CAE8A747D} => C:\Program Files\AudioShell\AudioShell64.dll [2016-06-06] (Softpointer Inc -> Softpointer Inc)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-07-15] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-07-15] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => C:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2008-06-09] (Corel Corporation -> Ulead Systems, Inc.)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-10-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll [2017-07-09] () [File not signed]
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll [2017-07-09] () [File not signed]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll [2017-07-09] () [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-07-15] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-10-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2020-06-22] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\SYSTEM32\prodad-codec.dll [607256 2013-08-17] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\SYSTEM32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SYSTEM32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SYSTEM32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS) [File not signed]
HKLM\...\Drivers32: [msacm.dvacm] => C:\Program Files (x86)\Common Files\Ulead Systems\VIO\DVACM.acm [20480 2008-02-25] (Corel TW Corp.) [File not signed]
HKLM\...\Drivers32: [msacm.MPEGacm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm [69632 2008-05-06] (Ulead Systems, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.ulmp3acm] => C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm [319488 2006-01-23] (Ulead systems) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\Drivers32: [vidc.i420] => [X]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\dj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\dj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
ShortcutWithArgument: C:\Users\Public\Desktop\VideoStudio Learning.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.studiobacklot.tv/videostudio

==================== Loaded Modules (Whitelisted) =============

2016-10-31 21:45 - 2017-07-09 12:00 - 000598528 _____ () [File not signed] C:\Users\dj\AppData\Local\MEGAsync\ShellExtX64.dll
2012-12-24 12:53 - 2012-12-24 12:53 - 000129024 _____ () [File not signed] C:\Windows\System32\HPCP1020LM.DLL
2011-12-20 20:30 - 2005-03-12 06:07 - 000087040 _____ () [File not signed] C:\Windows\System32\pdfcmnnt.dll
2011-06-16 05:34 - 2007-07-17 17:07 - 000130560 _____ (EZB Systems, Inc.) [File not signed] C:\Program Files (x86)\UltraISO\isoshl64.dll
2019-07-15 11:24 - 2019-07-15 11:24 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2009-07-14 03:20 - 2009-07-14 03:41 - 000048640 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpf3lw73.dll
2009-07-14 03:20 - 2009-07-14 03:41 - 000046080 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\System32\hpz3lw71.dll
2009-07-14 03:20 - 2009-07-14 03:41 - 000053248 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\System32\hpzllw71.dll
2012-09-09 21:29 - 2009-07-14 03:41 - 000258048 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpfppw73.dll
2011-10-10 21:49 - 2009-07-14 03:41 - 000230400 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpzppw71.dll
2010-03-23 20:53 - 2010-03-23 20:53 - 001465344 _____ (IDT, Inc.) [File not signed] C:\Windows\system32\stapo64.dll
2013-11-28 15:58 - 2012-12-24 12:53 - 000065024 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\HPCP1020PP.DLL
2009-07-14 02:00 - 2009-07-14 03:40 - 000402944 _____ (Microsoft Corporation) [File not signed] [File is in use] c:\windows\system32\es.dll
2020-03-08 11:15 - 2020-03-08 11:15 - 000743424 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Internet Explorer\ieproxy.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 000244736 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Windows Portable Devices\SqmApi.dll
2009-07-14 01:56 - 2009-07-14 03:41 - 000087552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sbdrop.dll
2009-07-14 02:24 - 2009-07-14 03:40 - 000026112 _____ (Microsoft Corporation) [File not signed] C:\Windows\ehome\ehSSO.dll
2011-06-27 20:08 - 2010-11-20 15:25 - 000053248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\acppage.dll
2011-06-27 20:08 - 2010-11-20 15:25 - 000780800 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Actioncenter.dll
2011-06-27 20:10 - 2010-11-20 15:25 - 000958464 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\actxprxy.dll
2020-03-07 20:38 - 2019-02-21 06:06 - 000880640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ADVAPI32.dll
2018-12-30 00:47 - 2018-06-08 15:05 - 000246272 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\AEPIC.dll
2009-07-14 01:55 - 2009-07-14 03:40 - 000053248 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\AltTab.dll
2020-03-08 11:03 - 2020-03-08 11:03 - 000010752 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2020-03-08 11:03 - 2020-03-08 11:03 - 000003584 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2020-03-08 11:03 - 2020-03-08 11:03 - 000002560 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2020-03-08 11:03 - 2020-03-08 11:03 - 000005632 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2020-03-08 11:03 - 2020-03-08 11:03 - 000003072 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2020-03-08 11:03 - 2020-03-08 11:03 - 000009728 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2020-03-08 11:03 - 2020-03-08 11:03 - 000005632 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2020-03-08 11:03 - 2020-03-08 11:03 - 000004096 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2020-03-08 11:03 - 2020-03-08 11:03 - 000003072 ____H (Microsoft Corporation) [File not signed] C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2018-12-30 00:45 - 2015-10-29 19:50 - 000342016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\apphelp.dll
2020-03-07 20:31 - 2016-05-04 19:16 - 000070144 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\appinfo.dll
2009-07-14 02:34 - 2009-07-14 03:40 - 000090624 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ATL.DLL
2020-03-07 20:38 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\audioeng.dll
2020-03-07 20:38 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\audioses.dll
2020-03-07 20:38 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\audiosrv.dll
2018-12-28 00:54 - 2016-08-29 17:31 - 001941504 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\authui.dll
2009-07-14 01:50 - 2009-07-14 03:40 - 000177664 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\AUTHZ.dll
2009-07-14 02:22 - 2009-07-14 03:40 - 000018432 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\AVRT.dll
2018-12-30 00:47 - 2015-07-15 05:19 - 000052736 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\basesrv.DLL
2011-06-27 20:09 - 2010-11-20 15:25 - 000749568 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\BatMeter.dll
2020-03-07 20:38 - 2019-02-21 06:06 - 000123904 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\bcrypt.dll
2011-06-27 20:09 - 2010-11-20 15:25 - 000705024 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\bfe.dll
2009-07-14 01:46 - 2009-07-14 03:40 - 000056832 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\bitsigd.dll
2011-06-27 20:08 - 2010-11-20 15:25 - 000024576 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\bitsperf.dll
2013-11-29 14:45 - 2012-07-05 00:13 - 000059392 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\browcli.dll
2013-11-29 14:45 - 2012-07-05 00:13 - 000136704 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\browser.dll
2011-06-27 20:08 - 2010-11-20 15:24 - 000721408 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\bthprops.cpl
2009-07-14 02:06 - 2009-07-14 03:40 - 000083968 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\bthserv.dll
2011-06-27 20:08 - 2010-11-20 15:25 - 000094720 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Cabinet.dll
2009-07-14 02:00 - 2009-07-14 03:40 - 000525824 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\catsrvut.dll
2011-06-27 20:08 - 2010-11-20 15:25 - 000071680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\certpoleng.dll
2011-06-29 14:36 - 2010-11-20 15:25 - 000207872 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CFGMGR32.dll
2009-07-14 02:00 - 2009-07-14 03:40 - 000607744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CLBCatQ.DLL
2011-06-27 20:09 - 2010-11-20 15:25 - 000314368 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CLUSAPI.DLL
2009-07-14 01:49 - 2009-07-14 03:40 - 000018944 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cngaudit.dll
2011-06-27 20:09 - 2010-11-20 15:25 - 000594432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\comdlg32.dll
2020-03-07 20:38 - 2019-02-21 06:06 - 000022016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\credssp.dll
2020-03-07 20:38 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPT32.dll
2020-03-07 20:38 - 2019-02-21 06:06 - 000043520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPTBASE.dll
2009-07-14 01:49 - 2009-07-14 03:40 - 000066048 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cryptdll.dll
2020-03-07 20:38 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\CRYPTNET.dll
2020-03-07 20:38 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPTSP.dll
2020-03-07 20:38 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\cryptsvc.dll
2020-03-07 20:38 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPTUI.dll
2011-06-27 20:08 - 2010-11-20 15:25 - 000046080 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\cscapi.dll
2020-03-07 20:38 - 2019-02-21 06:06 - 000044032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CSRSRV.dll
2020-03-08 11:02 - 2020-03-08 11:02 - 000194560 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d10_1.dll
2020-03-08 11:02 - 2020-03-08 11:02 - 000333312 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d10_1core.dll
2014-08-11 23:58 - 2013-04-01 00:52 - 001887232 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d11.dll
2009-07-14 01:41 - 2009-07-14 03:40 - 000012288 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d8thk.dll
2011-06-27 20:10 - 2010-11-20 15:26 - 002067456 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\d3d9.dll
2018-12-25 11:11 - 2017-04-12 15:05 - 004296704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\D3DCompiler_47.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000100864 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\davclnt.dll
2009-07-14 01:23 - 2009-07-14 03:40 - 000025600 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\DAVHLPR.dll
2011-06-27 20:08 - 2010-11-20 15:26 - 001087488 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dbghelp.dll
2018-12-28 00:56 - 2015-12-08 21:07 - 000076288 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\devenum.dll
2009-07-14 01:26 - 2009-07-14 03:40 - 000093184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DEVOBJ.dll
2009-07-14 01:26 - 2009-07-14 03:40 - 000058368 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\DEVRTL.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000317952 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dhcpcore.dll
2014-08-12 00:45 - 2012-10-09 20:17 - 000226816 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\dhcpcore6.dll
2009-07-14 01:21 - 2009-07-14 03:40 - 000087040 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\dhcpcsvc.DLL
2014-08-12 00:45 - 2012-10-09 20:17 - 000055296 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\dhcpcsvc6.DLL
2011-06-16 22:59 - 2011-03-03 08:24 - 000357888 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DNSAPI.dll
2009-07-14 02:12 - 2009-07-14 03:40 - 000008192 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\dnsext.dll
2011-06-16 22:59 - 2011-03-03 08:24 - 000183296 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dnsrslvr.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000162816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dps.dll
2020-03-07 20:37 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\drmv2clt.dll
2009-07-14 02:17 - 2009-07-14 03:40 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\drprov.dll
2009-07-14 01:50 - 2009-07-14 03:40 - 000032768 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\dsrole.dll
2009-07-14 01:41 - 2009-07-14 03:40 - 000976896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DUI70.dll
2009-07-14 01:39 - 2009-07-14 03:40 - 000260608 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DUser.dll
2018-12-30 00:47 - 2015-07-09 19:58 - 000082944 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dwmapi.dll
2018-12-30 00:47 - 2015-07-09 19:58 - 001632256 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dwmcore.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000128512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dwmredir.dll
2020-03-08 11:02 - 2020-03-08 11:02 - 001643520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DWrite.dll
2020-03-08 11:02 - 2020-03-08 11:02 - 000363008 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dxgi.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000459776 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dxp.dll
2009-07-14 01:42 - 2009-07-14 03:40 - 000117248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dxva2.dll
2009-07-14 02:12 - 2009-07-14 03:40 - 000263680 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\eappcfg.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000303616 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\eapphost.dll
2009-07-14 02:12 - 2009-07-14 03:40 - 000064512 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\eappprxy.dll
2009-07-14 02:12 - 2009-07-14 03:40 - 000111104 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\eapsvc.dll
2011-06-27 20:08 - 2010-11-20 15:26 - 000304128 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EFSCORE.dll
2009-07-14 01:50 - 2009-07-14 03:40 - 000056832 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\efslsaext.dll
2009-07-14 01:50 - 2009-07-14 03:40 - 000037376 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\efssvc.dll
2009-07-14 01:50 - 2009-07-14 03:40 - 000034816 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EFSUTIL.dll
2011-06-27 20:08 - 2010-11-20 15:26 - 000144896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EhStorAPI.dll
2009-07-14 02:00 - 2009-07-14 03:40 - 000203264 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EhStorShell.dll
2014-08-11 22:37 - 2011-03-11 08:33 - 002565632 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ESENT.dll
2020-03-07 20:38 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EVR.dll
2018-12-28 00:54 - 2016-08-29 17:31 - 001867776 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EXPLORERFRAME.dll
2009-07-14 01:35 - 2009-07-14 03:40 - 000016384 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\fdphost.dll
2009-07-14 01:35 - 2009-07-14 03:40 - 000051200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fdPnp.dll
2011-06-27 20:08 - 2010-11-20 15:26 - 000074240 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fdproxy.dll
2009-07-14 01:35 - 2009-07-14 03:40 - 000034816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\fdrespub.dll
2009-07-14 01:35 - 2009-07-14 03:40 - 000093696 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fdssdp.dll
2009-07-14 01:35 - 2009-07-14 03:40 - 000132096 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fdwsd.dll
2009-07-14 02:08 - 2009-07-14 03:40 - 000748032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FirewallAPI.dll
2009-07-14 01:23 - 2009-07-14 03:40 - 000019456 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FLTLIB.DLL
2011-06-27 20:09 - 2010-11-20 15:26 - 000295936 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\framedynos.dll
2009-07-14 01:35 - 2009-07-14 03:40 - 000194560 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FunDisc.dll
2009-07-14 01:21 - 2009-07-14 03:40 - 000020480 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FVECERTS.dll
2009-07-14 02:09 - 2009-07-14 03:40 - 000324096 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fwpuclnt.dll
2018-12-28 00:52 - 2016-05-12 19:14 - 000075776 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\FwRemoteSvr.DLL
2011-06-27 20:08 - 2010-11-20 15:26 - 000623104 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FXSAPI.dll
2011-06-27 20:08 - 2010-11-20 15:26 - 000041984 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\FXSMON.DLL
2009-07-14 02:36 - 2009-07-14 03:27 - 000925184 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\FXSRESM.DLL
2009-07-14 02:35 - 2009-07-14 03:40 - 000863744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fxsst.dll
2014-08-12 01:31 - 2012-12-07 15:15 - 002746368 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\gameux.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000403968 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\GDI32.dll
2018-12-28 00:52 - 2016-05-12 19:14 - 000096256 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\GPAPI.dll
2018-12-28 00:52 - 2016-05-12 19:14 - 000794624 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\gpsvc.dll
2009-07-14 01:56 - 2009-07-14 03:40 - 000031232 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\hcproviders.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000332288 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\hgcpl.dll
2009-07-14 02:06 - 2009-07-14 03:41 - 000030208 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\HID.DLL
2009-07-14 02:06 - 2009-07-14 03:41 - 000038912 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\hidserv.dll
2009-07-14 02:08 - 2009-07-14 03:41 - 000424448 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\hnetcfg.dll
2011-06-27 20:08 - 2010-11-20 15:26 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\HTTPAPI.dll
2009-07-14 01:37 - 2009-07-14 03:41 - 000014336 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IconCodecService.dll
2020-03-08 11:15 - 2020-03-08 11:15 - 014404096 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ieframe.DLL
2020-03-08 11:15 - 2020-03-08 11:15 - 002885632 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\iertutil.dll
2011-06-27 20:10 - 2010-11-20 15:26 - 000853504 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ikeext.dll
2014-08-12 00:50 - 2013-10-19 04:18 - 000081408 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\imagehlp.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000503296 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\imapi2.dll
2009-07-14 01:38 - 2009-07-14 03:41 - 000167424 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IMM32.DLL
2011-06-27 20:09 - 2010-11-20 15:26 - 000166912 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\inetpp.dll
2009-07-14 01:35 - 2009-07-14 03:41 - 000101888 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ipbusenum.dll
2009-07-14 01:35 - 2009-07-14 03:41 - 000012800 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IPBusEnumProxy.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000145920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IPHLPAPI.DLL
2014-08-11 23:53 - 2012-10-03 19:42 - 000569344 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\iphlpsvc.dll
2018-12-28 00:52 - 2016-05-12 19:14 - 000502272 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ipsecsvc.dll
2020-03-07 20:38 - 2019-02-21 06:06 - 000733184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\kerberos.DLL
2020-03-07 20:38 - 2019-02-21 06:06 - 001162752 _____ (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\kernel32.dll
2020-03-07 20:38 - 2019-02-21 06:06 - 000419840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\KERNELBASE.dll
2009-07-14 01:49 - 2009-07-14 03:41 - 000029184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\keyiso.dll
2018-12-28 00:56 - 2015-12-08 21:07 - 000005120 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ksuser.dll
2009-07-14 01:19 - 2009-07-14 03:41 - 000023040 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ktmw32.dll
2009-07-14 02:07 - 2009-07-14 03:41 - 000071168 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\l2gpstore.dll
2009-07-14 01:55 - 2009-07-14 03:41 - 000029696 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\LINKINFO.dll
2009-07-14 02:09 - 2009-07-14 03:41 - 000023552 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\lmhsvc.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000955904 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\localspl.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000186880 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\logoncli.dll
2018-12-30 00:45 - 2015-07-30 20:06 - 000041984 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\LPK.dll
2020-03-07 20:38 - 2019-02-21 06:06 - 001472512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\lsasrv.dll
2020-03-07 20:38 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\mf.dll
2009-07-14 01:59 - 2009-07-14 03:41 - 000033792 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MfcSubs.dll
2020-03-07 20:38 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\mfplat.DLL
2011-06-27 20:09 - 2010-11-20 15:26 - 000257024 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\mfreadwrite.dll
2009-07-14 02:10 - 2009-07-14 03:41 - 000022528 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\mgmtapi.dll
2009-07-14 02:18 - 2009-07-14 03:41 - 000020480 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\midimap.dll
2009-07-14 01:55 - 2009-07-14 03:41 - 000226816 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MLANG.dll
2009-07-14 02:18 - 2009-07-14 03:41 - 000284160 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\MMDevAPI.DLL
2009-07-14 02:10 - 2009-07-14 03:41 - 000080896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MPR.dll
2011-06-27 20:09 - 2010-11-20 15:26 - 000221184 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\MPRAPI.dll
2009-07-14 02:18 - 2009-07-14 03:41 - 000083456 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSACM32.dll
2009-07-14 02:18 - 2009-07-14 03:38 - 000025600 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msacm32.drv
2011-06-27 20:09 - 2010-11-20 15:27 - 000046592 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSASN1.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000625664 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\mscms.dll
2009-07-14 01:40 - 2009-07-14 03:41 - 001067008 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSCTF.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000035840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msdmo.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000799744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MsftEdit.dll
2020-03-07 20:31 - 2016-05-04 19:17 - 003244032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msi.dll
2009-07-14 01:48 - 2009-07-14 03:41 - 000019968 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msiltcfg.dll
2009-07-14 01:38 - 2009-07-14 03:41 - 000008192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSIMG32.dll
2020-03-08 11:15 - 2020-03-08 11:15 - 000247808 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msls31.dll
2018-12-28 00:56 - 2015-12-08 21:07 - 001160192 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\msmpeg2enc.dll
2020-07-12 19:33 - 2015-12-08 21:07 - 002777088 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msmpeg2vdec.dll
2009-07-14 01:50 - 2009-07-14 03:29 - 000002048 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msprivs.DLL
2009-07-14 02:29 - 2009-07-14 03:41 - 000100352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\mssprxy.dll
2020-03-07 20:38 - 2019-02-21 06:07 - 000316928 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msv1_0.DLL
2013-11-29 14:45 - 2011-12-16 10:46 - 000634880 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msvcrt.dll
2018-12-28 00:53 - 2016-05-11 19:02 - 000327168 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\mswsock.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 001881088 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\msxml3.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 002004480 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\msxml6.dll
2009-07-14 02:10 - 2009-07-14 03:41 - 000068096 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\napinsp.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 001326080 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NaturalLanguage6.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000090112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NCI.dll
2009-07-14 01:47 - 2009-07-14 03:41 - 000069120 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NCObjAPI.DLL
2020-03-07 20:38 - 2019-02-21 06:07 - 000312320 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ncrypt.dll
2014-08-11 23:53 - 2012-10-03 19:44 - 000216576 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ncsi.dll
2009-07-14 01:50 - 2009-07-14 03:41 - 000117248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\negoexts.DLL
2013-11-29 14:45 - 2012-07-05 00:16 - 000073216 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\NETAPI32.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000519680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netcfgx.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000188928 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netjoin.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 000695808 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netlogon.DLL
2009-07-14 02:08 - 2009-07-14 03:41 - 000360448 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\netman.dll
2009-07-14 02:12 - 2009-07-14 03:41 - 000459776 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\netprofm.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 002652160 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\netshell.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000029184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netutils.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 001672704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NetworkExplorer.dll
2014-08-11 23:53 - 2012-10-03 19:44 - 000070656 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NLAapi.dll
2014-08-11 23:53 - 2012-10-03 19:44 - 000303104 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nlasvc.dll
2009-07-14 02:31 - 2009-07-14 03:41 - 006270976 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NLSData0009.dll
2009-07-14 02:32 - 2009-07-14 03:41 - 009772544 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NLSData000a.dll
2009-07-14 02:33 - 2009-07-14 03:31 - 002628608 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NLSLexicons0009.dll
2009-07-14 02:33 - 2009-07-14 03:31 - 009892864 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NLSLexicons000a.dll
2009-07-14 01:26 - 2009-07-14 03:31 - 000002560 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\normaliz.DLL
2009-07-14 02:12 - 2009-07-14 03:41 - 000031744 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\npmproxy.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000015360 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nrpsrv.DLL
2009-07-14 01:21 - 2009-07-14 03:41 - 000013824 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NSI.dll
2009-07-14 01:21 - 2009-07-14 03:41 - 000025600 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\nsisvc.dll
2009-07-14 01:54 - 2009-07-14 03:41 - 000152064 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NTDSAPI.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000129536 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ntlanman.dll
2009-07-14 01:50 - 2009-07-14 03:41 - 000162304 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ntmarta.dll
2014-08-12 00:30 - 2012-01-04 12:44 - 000509952 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ntshrui.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 002086912 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ole32.dll
2013-11-29 14:44 - 2011-08-27 07:37 - 000331776 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\OLEACC.dll
2020-03-07 20:38 - 2019-02-21 06:07 - 001211392 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RPCRT4.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RpcRtRemote.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000512000 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\rpcss.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000052224 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\rtutils.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000067584 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\samcli.dll
2009-07-14 01:53 - 2009-07-14 03:41 - 000107008 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SAMLIB.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000758784 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SAMSRV.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000232960 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scecli.DLL
2011-06-27 20:09 - 2010-11-20 15:27 - 000406016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SCESRV.dll
2009-07-14 01:31 - 2009-07-14 03:41 - 000089088 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scext.dll
2020-03-07 20:38 - 2019-02-21 06:07 - 000345600 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\schannel.DLL
2011-06-27 20:10 - 2010-11-20 15:27 - 001110016 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\schedsvc.dll
2009-07-14 01:58 - 2009-07-14 03:41 - 000230400 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scrobj.dll
2009-07-14 01:58 - 2009-07-14 03:41 - 000202752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scrrun.dll
2018-12-30 01:02 - 2015-05-25 20:19 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\sechost.dll
2020-03-07 20:38 - 2019-02-21 06:07 - 000028160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\secur32.dll
2009-07-14 01:34 - 2009-07-14 03:41 - 000064512 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sens.dll
2009-07-14 01:34 - 2009-07-14 03:41 - 000015872 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SensApi.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 001900544 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SETUPAPI.dll
2009-07-14 01:25 - 2009-07-14 03:33 - 000003072 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sfc.dll
2009-07-14 01:26 - 2009-07-14 03:41 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\sfc_os.DLL
2011-06-27 20:08 - 2010-11-20 15:27 - 000135168 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\shacct.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000196608 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\shdocvw.dll
2018-12-28 00:55 - 2016-08-29 17:31 - 014183424 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SHELL32.dll
2009-07-14 01:55 - 2009-07-14 03:41 - 000010240 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\SHFOLDER.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000448512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SHLWAPI.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000370688 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\shsvcs.dll
2009-07-14 01:51 - 2009-07-14 03:41 - 000030720 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\slc.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SndVolSSO.DLL
2009-07-14 02:10 - 2009-07-14 03:41 - 000027648 _____ (Microsoft Corporation) [File not signed] 
C:\Windows\System32\snmpapi.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 001435648 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Speech\Common\sapi.dll
2009-07-14 01:26 - 2009-07-14 03:41 - 000097792 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SPFILEQ.dll
2009-07-14 01:26 - 2009-07-14 03:41 - 000105472 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\SPINF.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000039424 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\winprint.dll
2009-07-14 02:39 - 2009-07-14 03:41 - 000057856 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SPOOLSS.DLL
2011-06-27 20:10 - 2010-11-20 15:27 - 000244736 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sqmapi.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000340992 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\srchadmin.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000128000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\srvcli.dll
2020-03-07 20:38 - 2019-02-21 06:07 - 000236032 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\srvsvc.dll
2020-03-07 20:38 - 2019-02-21 06:07 - 000013312 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SSCORE.DLL
2009-07-14 02:10 - 2009-07-14 03:41 - 000051200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SSDPAPI.dll
2009-07-14 02:10 - 2009-07-14 03:41 - 000193024 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ssdpsrv.dll
2020-03-07 20:38 - 2019-02-21 06:07 - 000135680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SSPICLI.DLL
2020-03-07 20:38 - 2019-02-21 06:07 - 000028672 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SspiSrv.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000257024 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\stobject.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000483840 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\StructuredQuery.dll
2009-07-14 01:37 - 2009-07-14 03:41 - 000524288 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\swprv.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000582656 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sxs.dll
2009-07-14 01:26 - 2009-07-14 03:41 - 000031744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sxssrv.DLL
2011-06-27 20:09 - 2010-11-20 15:27 - 002262528 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SyncCenter.dll
2013-11-29 14:45 - 2012-09-26 00:46 - 000095744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SYNCENG.dll
2009-07-14 02:22 - 2009-07-14 03:41 - 000073728 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Syncreg.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000200192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\syncui.dll
2018-12-30 00:53 - 2015-07-15 20:10 - 001743360 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\sysmain.dll
2009-07-14 01:52 - 2009-07-14 03:41 - 000023040 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SYSNTFY.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000473600 _____ (Microsoft Corporation) [File not signed]
C:\Windows\system32\taskcomp.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 001197056 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\taskschd.dll
2018-12-30 00:45 - 2016-02-05 20:56 - 000020480 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\tbs.dll
2009-07-14 02:39 - 2009-07-14 03:41 - 000038912 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\tcpmib.dll
2009-07-14 02:39 - 2009-07-14 03:41 - 000195072 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\tcpmon.dll
2009-07-14 01:54 - 2009-07-14 03:41 - 000044544 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\themeservice.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000112640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\thumbcache.dll
2014-08-12 00:22 - 2011-12-30 08:26 - 000515584 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\timedate.cpl
2009-07-14 01:59 - 2009-07-14 03:41 - 000119808 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\trkwks.dll
2020-03-07 20:38 - 2019-02-21 06:07 - 000094208 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\tspkg.DLL
2011-06-27 20:08 - 2010-11-20 15:27 - 000172544 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\twext.dll
2018-12-30 00:45 - 2015-02-03 05:31 - 000215552 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UBPM.dll
2009-07-14 02:10 - 2009-07-14 03:41 - 000053248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\udhisapi.dll
2009-07-14 01:37 - 2009-07-14 03:41 - 000328704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\uDWM.dll
2020-03-08 11:02 - 2020-03-08 11:02 - 000221184 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\UIAnimation.dll
2009-07-14 01:41 - 2009-07-14 03:41 - 000751104 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UIAutomationCore.DLL
2011-06-27 20:08 - 2010-11-20 15:27 - 000059904 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\umb.dll
2011-06-29 14:36 - 2011-05-24 13:42 - 000404480 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\umpnpmgr.dll
2009-07-14 01:27 - 2009-07-14 03:41 - 000163840 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\umpo.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000264192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\upnp.dll
2009-07-14 02:11 - 2009-07-14 03:41 - 000353792 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\upnphost.dll
2020-03-08 11:15 - 2020-03-08 11:15 - 001545728 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\urlmon.dll
2009-07-14 02:39 - 2009-07-14 03:41 - 000045056 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\usbmon.dll
2009-07-14 01:56 - 2009-07-14 03:41 - 000101376 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\usbui.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 001008128 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000109056 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USERENV.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000800256 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USP10.dll
2009-07-14 01:54 - 2009-07-14 03:41 - 000025088 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UXINIT.dll
2009-07-14 01:37 - 2009-07-14 03:41 - 000038912 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\uxsms.dll
2009-07-14 01:55 - 2009-07-14 03:41 - 000332288 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UxTheme.dll
2009-07-14 01:57 - 2009-07-14 03:41 - 000029184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\VERSION.dll
2009-07-14 01:25 - 2009-07-14 03:41 - 000021504 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\VirtDisk.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000061952 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\vss_ps.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 001753088 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\VSSAPI.DLL
2009-07-14 01:36 - 2009-07-14 03:41 - 000076800 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\VssTrace.DLL
2009-07-14 01:47 - 2009-07-14 03:40 - 000440320 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\esscli.dll
2009-07-14 01:47 - 2009-07-14 03:40 - 000909312 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\FastProx.dll
2009-07-14 01:47 - 2009-07-14 03:41 - 000078336 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\ncprov.dll
2009-07-14 01:47 - 2009-07-14 03:41 - 000451584 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\repdrvfs.dll
2009-07-14 01:37 - 2009-07-14 03:41 - 000190976 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\vsswmi.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 001225216 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemcore.dll
2009-07-14 01:47 - 2009-07-14 03:41 - 000266752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemdisp.dll
2009-07-14 01:47 - 2009-07-14 03:41 - 000505856 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemess.dll
2009-07-14 01:46 - 2009-07-14 03:41 - 000043520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemprox.dll
2009-07-14 01:46 - 2009-07-14 03:41 - 000064512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemsvc.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000191488 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmidcprv.dll
2009-07-14 01:31 - 2009-07-14 03:41 - 000136192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\WmiPerfClass.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 000754176 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmiprvsd.dll
2009-07-14 01:47 - 2009-07-14 03:41 - 000242688 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wbem\wmisvc.dll
2009-07-14 01:47 - 2009-07-14 03:41 - 000137216 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmiutils.dll
2011-06-27 20:07 - 2010-11-20 15:27 - 000529408 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbemcomn.dll
2020-03-07 21:01 - 2015-01-09 05:14 - 000091136 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wdi.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000036352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wdiasqmmodule.dll
2020-03-07 20:38 - 2019-02-21 06:07 - 000210432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wdigest.DLL
2011-06-27 20:09 - 2010-11-20 15:24 - 000217088 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wdmaud.drv
2009-07-14 01:28 - 2009-07-14 03:41 - 000271360 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WDSCORE.dll
2020-03-07 19:31 - 2016-03-09 21:00 - 000396800 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\webio.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 001158656 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\webservices.dll
2009-07-14 01:41 - 2009-07-14 03:41 - 000484352 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wer.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 001281024 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\werconcpl.dll
2009-07-14 01:40 - 2009-07-14 03:41 - 000084480 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wercplsupport.dll
2009-07-14 01:46 - 2009-07-14 03:41 - 000428032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wevtapi.dll
2011-06-27 20:10 - 2010-11-20 15:27 - 001646080 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wevtsvc.dll
2009-07-14 02:35 - 2009-07-14 03:41 - 000043520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wiarpc.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000580096 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wiaservc.dll
2009-07-14 02:35 - 2009-07-14 03:41 - 000014848 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wiatrace.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000751104 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\win32spl.dll
2020-03-08 11:02 - 2020-03-08 11:02 - 001424384 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WindowsCodecs.dll
2020-03-08 11:02 - 2020-03-08 11:02 - 000245248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\windowscodecsext.dll
2018-12-28 00:53 - 2016-05-11 19:02 - 000444928 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINHTTP.dll
2020-03-08 11:15 - 2020-03-08 11:15 - 002426880 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WININET.dll
2009-07-14 02:18 - 2009-07-14 03:41 - 000217600 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINMM.dll
2009-07-14 01:21 - 2009-07-14 03:41 - 000026112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINNSI.DLL
2009-07-14 01:53 - 2009-07-14 03:41 - 000028672 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\winrnr.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000501248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WinSATAPI.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000217600 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WinSCard.dll
2011-06-27 20:09 - 2010-11-20 15:24 - 000442368 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\winspool.drv
2020-03-07 20:38 - 2019-02-21 06:07 - 000215552 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\winsrv.DLL
2018-12-28 00:51 - 2014-07-17 04:07 - 000235520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINSTA.dll
2020-03-07 20:38 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINTRUST.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000071680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wkscli.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000118784 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wkssvc.dll
2009-07-14 02:07 - 2009-07-14 03:41 - 000114176 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Wlanapi.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000414720 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WLANMSM.DLL
2009-07-14 02:07 - 2009-07-14 03:41 - 000448000 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WLANSEC.dll
2009-07-14 02:07 - 2009-07-14 03:41 - 000886784 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wlansvc.dll
2009-07-14 02:07 - 2009-07-14 03:41 - 000010752 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wlanutil.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000312832 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WLDAP32.dll
2009-07-14 02:07 - 2009-07-14 03:41 - 000108544 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wlgpclnt.dll
2009-07-14 01:52 - 2009-07-14 03:41 - 000010752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wls0wndh.dll
2018-12-28 00:56 - 2015-12-08 21:07 - 001393152 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WMALFXGFXDSP.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000636416 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wmdrmdev.dll
2020-03-07 20:38 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wmp.dll
2020-03-07 20:38 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wmploc.dll
2018-12-28 00:56 - 2015-12-08 21:07 - 001026048 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wmpmde.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000481280 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wmpps.dll
2009-07-14 01:52 - 2009-07-14 03:41 - 000014848 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WMsgAPI.dll
2014-08-12 01:31 - 2012-12-07 15:20 - 000441856 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Wpc.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000115200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wpdshserviceobj.dll
2018-12-28 00:53 - 2016-05-11 19:02 - 000296448 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WS2_32.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000063488 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WSCAPI.dll
2009-07-14 01:48 - 2009-07-14 03:41 - 000146432 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wscinterop.dll
2009-07-14 01:48 - 2009-07-14 03:41 - 000097280 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wscsvc.dll
2009-07-14 01:48 - 2009-07-14 03:38 - 001162240 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wscui.cpl
2011-06-27 20:09 - 2010-11-20 15:27 - 000577536 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wsdapi.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000026112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WSDCHNGR.DLL
2009-07-14 02:39 - 2009-07-14 03:41 - 000224768 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WSDMon.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wshbth.dll
2009-07-14 01:21 - 2009-07-14 03:41 - 000013824 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wship6.dll
2009-07-14 01:21 - 2009-07-14 03:41 - 000013312 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wshtcpip.dll
2011-06-27 20:08 - 2010-11-20 15:27 - 000067072 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wsnmp32.dll
2009-07-14 02:10 - 2009-07-14 03:41 - 000018432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WSOCK32.dll
2009-07-14 02:17 - 2009-07-14 03:41 - 000054272 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WTSAPI32.dll
2020-03-07 20:31 - 2016-05-13 23:53 - 000709120 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wuapi.dll
2018-12-24 11:09 - 2012-07-26 05:08 - 000194048 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WUDFPlatform.dll
2018-12-24 11:09 - 2012-07-26 05:08 - 000084992 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wudfsvc.dll
2009-07-14 02:12 - 2009-07-14 03:41 - 000368640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wwanapi.dll
2009-07-14 02:12 - 2009-07-14 03:41 - 000036352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wwapi.dll
2014-08-12 00:45 - 2011-06-16 07:49 - 000199680 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\XmlLite.dll
2009-07-14 01:59 - 2009-07-14 03:41 - 000059392 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\XOLEHLP.dll
2011-06-27 20:09 - 2010-11-20 15:27 - 000366080 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\zipfldr.dll
2018-12-30 00:45 - 2015-04-24 20:17 - 000633856 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\COMCTL32.dll
2018-12-30 00:45 - 2015-04-24 20:12 - 002030592 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
2018-12-30 00:45 - 2015-07-30 19:55 - 002166784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18946_none_2b27281071eac12c\gdiplus.dll
2011-06-16 08:29 - 2016-11-14 14:30 - 018634216 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Windows\system32\nvwgf2umx.dll
2011-06-16 07:35 - 2008-12-20 16:01 - 000249856 _____ (SRS Labs, Inc.) [File not signed] C:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\ProgramData\Temp:1AAB2E68 [256]
AlternateDataStreams: C:\ProgramData\Temp:40B19B5E [146]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [116]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [266]
AlternateDataStreams: C:\ProgramData\Temp:EB2C187A [130]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\49923755.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\49923755.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://login.centamnetworks.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKLM -> {ECE612E3-0E8B-41A2-803A-3EAD6DA9DCE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {ECE612E3-0E8B-41A2-803A-3EAD6DA9DCE0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
BHO: No Name -> {064447BA-BC23-4927-8A96-E1DE59A2BABF} -> No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {38287f1a-ae11-4b05-9aaf-76d1d9d85ff6} -> No File
BHO: No Name -> {56955c42-97ce-49ff-837e-a521a48d0982} -> No File
BHO: No Name -> {923D1B49-E4D1-4A11-9D97-533DE797657F} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {deeab39f-2cfe-45be-b70e-94da160e75bc} -> No File
BHO: No Name -> {ebcf8409-3dd3-47b7-8b50-bf01a495b9ef} -> No File
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2010-11-20] (Microsoft Corporation) [File not signed]
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-20] (Microsoft Corporation) [File not signed]
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll [2016-07-01] (Microsoft Corporation) [File not signed]
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2016-07-01] (Microsoft Corporation) [File not signed]
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll [2009-07-14] (Microsoft Corporation) [File not signed]
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2010-11-20] (Microsoft Corporation) [File not signed]
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll [2010-11-20] (Microsoft Corporation) [File not signed]
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll [2020-03-08] (Microsoft Corporation) [File not signed]
Handler: WSWSVCUchrome - No CLSID Value

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7944 more sites.

IE trusted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\123simsen.com -> www.123simsen.com

There are 7944 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-11 20:02 - 2020-10-09 00:25 - 000453803 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1 telemetry.malwarebytes.com
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 15604 more lines.


2015-04-21 18:31 - 2015-12-07 01:16 - 000000374 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\PROGRAMDATA\ORACLE\JAVA\JAVAPATH;C:\PROGRAM FILES (X86)\PC CONNECTIVITY SOLUTION\;C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;C:\PROGRAM FILES (X86)\NVIDIA CORPORATION\PHYSX\COMMON;C:\WINDOWS\SYSTEM32;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\WINDOWS\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\COMMON FILES\ULEAD SYSTEMS\MPEG;C:\PROGRAM FILES (X86)\PINNACLE\SHARED FILES\;C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\AGL;C:\PROGRAM FILES (X86)\WINDOWS LIVE\SHARED;C:\USERS\DJ\APPDATA\LOCAL\SMARTBAR\APPLICATION\;c:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dj\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 186.16.16.16 - 186.17.17.17
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AeLookupSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AVG => 2
MSCONFIG\Services: avg9emc => 2
MSCONFIG\Services: avg9wd => 2
MSCONFIG\Services: avgfws9 => 2
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgm => 3
MSCONFIG\Services: AVGSecureBrowserElevationService => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: HyperDeskCustomThemeEnabler => 2
MSCONFIG\Services: ibtsiva => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: KinoniSvc => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PandaAgent => 2
MSCONFIG\Services: PAVFNSVR => 2
MSCONFIG\Services: PavPrSrv => 2
MSCONFIG\Services: PAVSRV => 2
MSCONFIG\Services: PCToolsSSDMonitorSvc => 2
MSCONFIG\Services: PSIMSVC => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: PSI_SVC_2_x64 => 2
MSCONFIG\Services: PskSvcRetail => 2
MSCONFIG\Services: Red Giant Service => 2
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TPSrv => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: ZuneNetworkSvc => 3
MSCONFIG\Services: ZuneWlanCfgSvc => 3
MSCONFIG\startupreg: 4436898 => "C:\Users\dj\AppData\Local\Temp\is-DKEUC.tmp\Marbula.exe" /VERYSILENT
MSCONFIG\startupreg: 633769 => "C:\Users\dj\AppData\Roaming\thdgb4ae30o\deckv5scrya.exe" /VERYSILENT
MSCONFIG\startupreg: 8454674 => "C:\Users\dj\AppData\Roaming\zcr4dm5fg2o\25libasqzjp.exe" /VERYSILENT
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVGUI.exe => "C:\Program Files\AVG\Antivirus\AvLaunch.exe" /gui
MSCONFIG\startupreg: Chromium => "c:\users\dj\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: uTorrent => "C:\Users\dj\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{158FE3B8-B798-4DAF-8C78-D0604A0F3FCB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE => No File
FirewallRules: [{BE601F2E-6A0D-49B1-B390-3CAA9D6F6BB5}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe => No File
FirewallRules: [{95B0AF0D-8788-4E75-996F-8D521FF3D524}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe => No File
FirewallRules: [{2CD68FA3-BA0D-4AD3-BB96-27BD5312E9E7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe => No File
FirewallRules: [{5163B543-6614-4D01-9984-E82EAE16EF84}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe => No File
FirewallRules: [{07200BE2-F0B8-4214-A9B0-1FB418409F57}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe => No File
FirewallRules: [{E64EF037-7D5C-43F2-B311-9FCD842993A4}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe => No File
FirewallRules: [{1C38EDFC-A3C2-44A2-AF19-04710E49145E}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe => No File
FirewallRules: [{34218581-1862-470C-87EC-7A59B294BB77}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe => No File
FirewallRules: [{7E382DAC-B262-478D-923B-BE52BF1A590D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe => No File
FirewallRules: [{4A306059-3959-4E4B-9632-A02C44642A44}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe => No File
FirewallRules: [{69872E08-8104-401C-B2A6-A59D93FC44A5}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe => No File
FirewallRules: [{6C1642A2-E384-4E9D-8CED-4E0D19918F41}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QP.exe => No File
FirewallRules: [{CAFD4DDF-4D66-45E4-A279-AFD7CE8F2828}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\QPService.exe => No File
FirewallRules: [{C33B1CFD-738F-4FD9-8D04-961035E08899}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe => No File
FirewallRules: [{1AFC7958-A9F8-4A6C-9816-2B09167F3FF6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe => No File
FirewallRules: [{E69ABE41-B261-43C0-96A6-9C24838ED1EC}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe => No File
FirewallRules: [{E9A3F010-BFC2-47EB-80F1-A5D3879FC40B}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe => No File
FirewallRules: [{DED4CB08-025E-4E5F-9E35-86B74145423A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe => No File
FirewallRules: [{CEBBE1F1-45A2-4604-AAD1-4142D8F5FAF9}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe => No File
FirewallRules: [{BC96D55C-DDF0-408B-9A41-967038426C93}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgam.exe => No File
FirewallRules: [{F12D2AD5-AE41-4646-B0BA-170376F001FF}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgdiagex.exe => No File
FirewallRules: [{5E948DC3-8B9C-49CF-918F-A824FA4CA385}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgemc.exe => No File
FirewallRules: [{BBE590DE-5FD2-4759-AEA7-B96AF423568E}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgupd.exe => No File
FirewallRules: [{8BA4ECF9-9DA0-44AA-BB02-172F5B42590C}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgnsa.exe => No File
FirewallRules: [{83D690C6-4EF0-44A2-AABB-A4ACBCCA740E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe => No File
FirewallRules: [{AF2BA7AD-7BA0-4D98-9D4F-03ADAB3878BD}] => (Allow) C:\WINDOWS\SYSTEM32\svchost.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{ED77939C-CCF1-4D52-AFB0-BCEB4E97F63E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe => No File
FirewallRules: [{CFC8C5F0-537A-4468-8564-B4108C060E55}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe => No File
FirewallRules: [{0A609EFC-976D-4D7F-BB87-B82792AFA753}] => (Allow) C:\Program Files (x86)\Codemasters\DiRT 3\dirt3_game.exe => No File
FirewallRules: [{25B489CE-B5AE-4456-A256-805DAEED3B91}] => (Allow) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{F93391A8-0ABE-4B2D-B30B-964D4D3E6B4E}] => (Allow) C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.) [File not signed]
FirewallRules: [{6DCB4BB7-AABB-403B-BF11-20025CE61BC9}] => (Allow) LPort=1542
FirewallRules: [{0559199C-9980-4553-BF69-540999B97039}] => (Allow) LPort=1542
FirewallRules: [{2433592C-5F86-4A57-A955-A447EB200A21}] => (Allow) LPort=53
FirewallRules: [{E217AF86-687F-4958-B5CE-B56EA381DA72}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{CA60298F-37BE-4B0E-9DB5-FCB003364555}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe => No File
FirewallRules: [{8F140E87-6617-4755-AA54-00F73F3DF8B2}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe => No File
FirewallRules: [{06634104-87CE-4AD9-8153-61E7DF2805AD}] => (Allow) C:\Program Files (x86)\FrostWire 5\FrostWire.exe => No File
FirewallRules: [{6B7964F5-86AA-4B96-A379-1B5E88F372F4}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe => No File
FirewallRules: [{480C6C95-8FE5-40A4-A6A4-6EA4D75C74CD}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe => No File
FirewallRules: [{D7B4E220-20BD-4BE7-BFB3-0EDF6B285C4F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe => No File
FirewallRules: [{16AB61B9-F99D-4A46-8870-CC12ADA7A492}] => (Allow) LPort=2869
FirewallRules: [{B023E2C1-A419-490A-A574-B7F30323203D}] => (Allow) LPort=1900
FirewallRules: [{70A21C19-1B46-4235-AEEB-665AE053B156}] => (Allow) C:\Program Files (x86)\Ubisoft\Driver San Francisco\Driver.exe => No File
FirewallRules: [{E0E22E19-FE71-4F43-A711-21345E8E4680}] => (Allow) C:\Program Files (x86)\Ubisoft\Driver San Francisco\Driver.exe => No File
FirewallRules: [{95193EBF-1C64-4C39-8B22-A2C6303F5040}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => No File
FirewallRules: [{13EBEE39-60DD-45C0-9181-3913401D19E7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => No File
FirewallRules: [{6A41E1B4-D70C-4646-81B4-A4A9A2AEF84E}] => (Allow) C:\Program Files (x86)\VSO\VSO Downloader\2\VsoDownloader.exe => No File
FirewallRules: [{239E0F93-71A3-4768-BFDC-6C62888D86B8}] => (Allow) C:\Program Files (x86)\VSO\VSO Downloader\2\VsoDownloader.exe => No File
FirewallRules: [{BC13F4DF-59A5-4555-8D49-023F5C9ED49F}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\YouTube Downloader Suite.exe => No File
FirewallRules: [{B53ED95A-8016-48B9-B746-CC276D3FE276}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\YouTube Downloader Suite.exe => No File
FirewallRules: [{B141BA1A-A777-43EF-9484-91688D8BA951}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\ApowersoftAC.dll => No File
FirewallRules: [{A6A8AC5A-D635-4838-9A3E-0D73434B2B3B}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\ApowersoftAC.dll => No File
FirewallRules: [{D19FD5AA-7B58-4595-9DE3-A24B59A53A62}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\ApowersoftPlayer.dll => No File
FirewallRules: [{C634A106-AF28-4040-8398-382176CE074B}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\ApowersoftPlayer.dll => No File
FirewallRules: [{D59EA245-A770-4D1E-8216-4A25E965514C}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\YouTube-Downloader-Suite.exe => No File
FirewallRules: [{E0EAF816-710A-4EE3-B8C9-6D99B7D39126}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\YouTubeDownloaderSuite.exe => No File
FirewallRules: [{D385447C-3F07-49AD-9E45-4D4B36896332}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\ApowersoftSrv.dll => No File
FirewallRules: [{E1D085AE-7BBD-4E2D-9A21-746AC90DA474}] => (Allow) C:\Program Files (x86)\Apowersoft\YouTube Downloader Suite\ApowersoftDump.dll => No File
FirewallRules: [{92D3281A-AC21-497E-8135-FF8D62F83B69}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe => No File
FirewallRules: [{C1FC42E2-B302-4E32-927B-806DB5D761C2}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe => No File
FirewallRules: [{E4B71FB5-5526-4181-8596-69737330CB86}] => (Allow) LPort=4481
FirewallRules: [{9BBB6AB0-A936-4678-A368-2DCCA154A00A}] => (Allow) LPort=4481
FirewallRules: [{07496372-4467-48AD-B5F4-EC9540090FA6}] => (Allow) LPort=4482
FirewallRules: [{11FEADC1-83FF-4A9B-9CEA-3E68E59228AC}] => (Allow) LPort=4482
FirewallRules: [{F5C1C20A-0B58-4C9B-9920-56F365C9E912}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FAEC095-E4D0-4944-AA2A-50F308504FB1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A2437358-CF59-41E2-94AC-5F0188586549}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AA5058B-6056-48CA-BDED-89AE5CA64216}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8C019C4-A5E5-47C2-A3DD-042002310187}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66FB1091-423A-4D80-9C47-A86BE71321DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8615DF96-0C34-4B8D-A413-C8C6BAB48B5C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{60E0AF54-373E-4827-8ED3-7045D8001048}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{190A1EC5-1A35-482C-9AF1-2C2F415A93A8}] => (Allow) %ProgramFiles%\Zune\Zune.exe => No File
FirewallRules: [{0AFF08F3-CD61-42D5-9DEF-C70490101B4A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe => No File
FirewallRules: [{992ED70C-C349-48D2-A2B0-012F81FA2DF1}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe => No File
FirewallRules: [{8C0B4AB8-B9BF-41BF-89DB-6D3A88EF3E1F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe => No File
FirewallRules: [{ADE667DD-FBA5-4701-B6CC-678D0B88E351}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe => No File
FirewallRules: [{B99F56C5-36C6-43C9-B73E-B576E4AFA7D7}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe => No File
FirewallRules: [{81D916BA-E150-459C-80F0-D9CD32E89107}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe => No File
FirewallRules: [{1C5C5C40-880E-4DF7-AC30-56582609163E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe => No File
FirewallRules: [{054F541F-09F6-4A6B-B641-86296EB2337E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe => No File
FirewallRules: [{F167EDA5-4C4B-4AEB-8BB3-66DE99703848}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe => No File
FirewallRules: [{7ECE0B4A-4321-4DEB-AB02-ADA8A25BA48B}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe => No File
FirewallRules: [{6DE0CE70-588D-4CCD-B591-41126CE53597}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{5F4932A7-3375-4546-8574-7258B7FE6E52}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{2342C1A3-6437-4A89-BAED-C36EAC642914}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{9A3E2843-DE70-4EC4-9A98-61458E630DFF}] => (Allow) C:\Program Files (x86)\Secure Driver Updater\SDU.exe => No File
FirewallRules: [{D7518BB2-2F20-4CFB-8721-5761C08F10E6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{06AA627B-ADCA-4CBC-8137-7BD4B5621BA1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{D9B91137-9EFA-43AF-B3A4-03CC05D881D8}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{20FEB31F-A4E1-4A87-A7F4-6F8A916D3E96}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{EB78B970-7915-44D8-AA76-9D669D56A5C5}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File

==================== Restore Points =========================

Check "VSS" service


==================== Faulty Device Manager Devices ============

Name: AVG AVI Loader Driver x64
Description: AVG AVI Loader Driver x64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AvgLdx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/11/2020 12:40:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (10/11/2020 12:40:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (10/11/2020 12:40:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (10/11/2020 12:40:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (10/11/2020 12:40:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (10/11/2020 12:40:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (10/11/2020 12:40:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (10/11/2020 12:40:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


System errors:
=============
Error: (10/11/2020 12:37:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 41 time(s).

Error: (10/11/2020 12:37:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.

Error: (10/11/2020 12:37:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 40 time(s).

Error: (10/11/2020 12:37:11 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.

Error: (10/11/2020 12:36:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 39 time(s).

Error: (10/11/2020 12:36:38 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.

Error: (10/11/2020 12:34:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 38 time(s).

Error: (10/11/2020 12:34:49 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.


CodeIntegrity:
===================================

Date: 2020-10-11 00:22:04.928
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-11 00:22:04.881
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-11 00:19:35.305
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-11 00:19:35.258
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-11 00:17:18.302
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-11 00:17:18.271
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-11 00:05:11.269
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-10-11 00:05:11.222
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\MarvinBus64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: Hewlett-Packard F.1D 10/05/2010
Motherboard: Hewlett-Packard 365C
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 35%
Total physical RAM: 8182.87 MB
Available physical RAM: 5283.96 MB
Total Virtual: 16363.88 MB
Available Virtual: 13135.42 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:297.9 GB) (Free:196.26 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (DATA) (Fixed) (Total:633.42 GB) (Free:137.97 GB) NTFS

\\?\Volume{ea950372-e81c-11ea-aff4-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DA4BBF62)
Partition 1: (Active) - (Size=203 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=633.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ======================= 

ESO ES TODO…

QUEDO AGUARDANDO… SALUDOS

Hola

FRST debe estar en el escritorio pero que no esté dentro de ninguna carpeta si no fallará el siguiente paso.

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación :warning: con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {19736cea-c740-11e0-ad2c-b6b7f73a5b37} - I:\AutoRun.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {19736cf8-c740-11e0-ad2c-b6b7f73a5b37} - I:\AutoRun.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {231b0a8b-edd6-11e4-bc30-00269ef9b1be} - F:\dlusb_launcherC120.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {30836291-fc33-11e4-967a-00269ef9b1be} - F:\Startme.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {38a3490f-efdf-11e2-a9db-fb1408114598} - I:\Windows\Install.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {e92740ea-d3e6-11e4-b455-00269ef9b1be} - K:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {eca17917-dd9d-11e0-9d38-0023140b7bf4} - I:\AutoRun.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {f6c28fdf-8398-11e3-b188-a0e8f0db155e} - J:\Startme.exe
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {72AD0D5A-9088-4727-A79E-4E140CA2A8A5} - \SpyHunter4Startup -> No File <==== ATTENTION
Task: {7431F99F-EB20-4970-BE93-9E18A274EC0C} - System32\Tasks\{0382E760-B78D-4503-9B59-AAB8487FB55D} => C:\Windows\system32\pcalua.exe -a C:\Users\dj\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=adks <==== ATTENTION
Task: {7A2AA004-C22B-4850-9652-C108993825F3} - no filepath
Task: {880575E4-033C-4C71-BB2D-03ADCC7DD2DC} - System32\Tasks\{9B7ACCF5-C408-46EF-BEEA-17ABBDDF6341} => C:\Windows\system32\pcalua.exe -a C:\Users\dj\AppData\Local\Temp\bc3dbd07-3e6f-426b-94e8-634ff0ef9606\InstallShieldUninstaller.exe -d C:\Users\dj\Downloads <==== ATTENTION
Task: {9B7AA255-2DAC-477C-8D2E-F996FF48F44F} - no filepath
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [50688 2009-07-14] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {D638C166-4003-47D3-8178-FB92A9228855} - no filepath
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
S4 avg9emc; "C:\Program Files (x86)\AVG\AVG9\avgemc.exe" [X]
S4 avg9wd; "C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe" [X]
S4 avgfws9; "C:\Program Files (x86)\AVG\AVG9\avgfws9.exe" [X]
S4 GameConsoleService; "C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe" [X]
S4 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S4 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [X]
S2 PSI_SVC_2_x64; "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [X]
S4 ServiceLayer; "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" [X]
S3 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
S3 TBS; %SystemRoot%\System32\tbssvc.dll [X]
S2 weoprvduct; C:\Users\dj\AppData\Local\fasefan.exe produco weoprvduct [X]
S4 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]
S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [X]
S2 WsDrvInst; C:\Program Files\Wondershare\Wondershare Dr.Fone para iOS\Library\DriverInstaller\DriverInstall.exe [X]
S4 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [X]
S4 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [X]
S3 ALSysIO; \??\C:\Users\dj\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 AVGIDSDriverw7a; \??\C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSDriver.sys [X]
S3 AVGIDSFilterw7a; \??\C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSFilter.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
U4 ekrn; no ImagePath
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 mod7700; system32\DRIVERS\mod7700.sys [X]
S3 NUMARK_NC06; System32\Drivers\nc06_usb.sys [X]
S3 NUMARK_NC06_MIDI; system32\drivers\nc06midi.sys [X]
S3 NUMARK_NC06_WDM; system32\drivers\nc06_wdm.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 sdfhgdf; system32\DRIVERS\sdfhgdf.sys [X]
S3 XDJ-AEROAudio; system32\drivers\XDJ-AEROAudio64.sys [X]
S3 XONE_DX; System32\Drivers\XONE_DX.sys [X]
S3 XONE_DXM; system32\drivers\XONE_DXM.sys [X]
S3 XONE_DX_WDM; system32\drivers\XONE_DXW.sys [X]
S3 zlportio; \??\C:\Program Files (x86)\Laser Controller\zlportio.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
2020-10-10 21:10 - 2020-10-11 12:15 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-05-25 08:13 - 2019-05-25 08:13 - 000000000 _____ () C:\Users\dj\AppData\Local\oobelibMkey.log
2015-11-07 19:31 - 2015-11-07 19:31 - 000000000 _____ () C:\Users\dj\AppData\Local\{3B39B971-16B2-42C1-A4A8-698A3D2645C7}
2020-08-27 00:10 - 2020-08-27 00:10 - 000000000 _____ () C:\Users\dj\AppData\Local\{5827666D-36D1-4B80-BBA4-98BF20A7A222}
2015-11-06 01:04 - 2015-11-06 01:04 - 000000000 _____ () C:\Users\dj\AppData\Local\{6D61232A-0AF5-4BD2-8956-1C775FAC5676}
2018-07-13 02:48 - 2018-07-13 02:48 - 000000000 _____ () C:\Users\dj\AppData\Local\{8229AD89-9DC8-4C65-8D93-25D67996EBCB}
2017-12-15 16:26 - 2017-12-15 16:26 - 000000000 _____ () C:\Users\dj\AppData\Local\{B6DB3797-C2D0-4885-8131-CD414BB7A5E7}
2020-07-22 16:39 - 2020-07-22 16:39 - 000000000 _____ () C:\Users\dj\AppData\Local\{C3C629D2-0AFD-4CDF-A54A-A98BF0A35E26}
2017-03-06 02:30 - 2017-03-06 02:30 - 000000000 _____ () C:\Users\dj\AppData\Local\{D6D2F376-A24C-4917-902F-0CD8BBC3C35D}
2018-08-01 18:23 - 2018-08-01 18:23 - 000000000 _____ () C:\Users\dj\AppData\Local\{EF0739FD-6430-45B1-B494-371B6E0D05A0}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files 
AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\ProgramData\Temp:1AAB2E68 [256]
AlternateDataStreams: C:\ProgramData\Temp:40B19B5E [146]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [116]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [266]
AlternateDataStreams: C:\ProgramData\Temp:EB2C187A [130]
SearchScopes: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
BHO: No Name -> {064447BA-BC23-4927-8A96-E1DE59A2BABF} -> No File
BHO: No Name -> {38287f1a-ae11-4b05-9aaf-76d1d9d85ff6} -> No File
BHO: No Name -> {56955c42-97ce-49ff-837e-a521a48d0982} -> No File
BHO: No Name -> {923D1B49-E4D1-4A11-9D97-533DE797657F} -> No File
BHO: No Name -> {deeab39f-2cfe-45be-b70e-94da160e75bc} -> No File
BHO: No Name -> {ebcf8409-3dd3-47b7-8b50-bf01a495b9ef} -> No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.


Y ahora inicia en modo seguro para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX/Corregir y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

buenas…

luego de reiniciar en modo normal, después del proceso FRST en modo seguro, se planto como siempre por 20 minutos exactamente… después de esos 20 minutos reanudo las tareas normalmente… (este problema de congelarse luego del inicio por lapsos de hasta 1 hora, aveces menos, tengo desde hace mucho tiempo… como 5 años… No le daba mucha importancia porque casi nunca apago la NB, pero ahora estoy considerando el problema porque mi bacteria ya esta con defectos)

Como soy Dj y uso esta Nb como herramienta indispensable, seria genial que funcione correctamente al terminar el inicio… Lo raro es que el cursor nunca se cuelga y puedo hacer click en cualquier icono, que al reaundar realiza todas las ordenes que le di, y ya funciona de lujo todo el sistema…

insisto con esto, una ves que se recupera de ese estado “colgado” todo funciona hiper veloz y nunca tuve conflicto con los programas que uso habitualmente excepto COREL VIDEOSTUDIO… y siempre tuve una buena respuesta aunque realizaba múltiples procesos super pesados al mismo tiempo y no quiero cambiar de maquina por eso…

hace cuestión de 3 semanas empece a tener problemas con el WINDOWS EXPLORER que de cuelga y reinicia de repente

abrí COREL VIDEOSTUDIO para probar los procesos y aun se relentiza por momentos…

pego el informe del paso anterior…

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-10-2020
Ran by dj (11-10-2020 21:48:44) Run:1
Running from C:\Users\dj\Desktop
Loaded Profiles: dj
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {19736cea-c740-11e0-ad2c-b6b7f73a5b37} - I:\AutoRun.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {19736cf8-c740-11e0-ad2c-b6b7f73a5b37} - I:\AutoRun.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {231b0a8b-edd6-11e4-bc30-00269ef9b1be} - F:\dlusb_launcherC120.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {30836291-fc33-11e4-967a-00269ef9b1be} - F:\Startme.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {38a3490f-efdf-11e2-a9db-fb1408114598} - I:\Windows\Install.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {e92740ea-d3e6-11e4-b455-00269ef9b1be} - K:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {eca17917-dd9d-11e0-9d38-0023140b7bf4} - I:\AutoRun.exe
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\...\MountPoints2: {f6c28fdf-8398-11e3-b188-a0e8f0db155e} - J:\Startme.exe
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {72AD0D5A-9088-4727-A79E-4E140CA2A8A5} - \SpyHunter4Startup -> No File <==== ATTENTION
Task: {7431F99F-EB20-4970-BE93-9E18A274EC0C} - System32\Tasks\{0382E760-B78D-4503-9B59-AAB8487FB55D} => C:\Windows\system32\pcalua.exe -a C:\Users\dj\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=adks <==== ATTENTION
Task: {7A2AA004-C22B-4850-9652-C108993825F3} - no filepath
Task: {880575E4-033C-4C71-BB2D-03ADCC7DD2DC} - System32\Tasks\{9B7ACCF5-C408-46EF-BEEA-17ABBDDF6341} => C:\Windows\system32\pcalua.exe -a C:\Users\dj\AppData\Local\Temp\bc3dbd07-3e6f-426b-94e8-634ff0ef9606\InstallShieldUninstaller.exe -d C:\Users\dj\Downloads <==== ATTENTION
Task: {9B7AA255-2DAC-477C-8D2E-F996FF48F44F} - no filepath
Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [50688 2009-07-14] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {D638C166-4003-47D3-8178-FB92A9228855} - no filepath
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka]
S4 avg9emc; "C:\Program Files (x86)\AVG\AVG9\avgemc.exe" [X]
S4 avg9wd; "C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe" [X]
S4 avgfws9; "C:\Program Files (x86)\AVG\AVG9\avgfws9.exe" [X]
S4 GameConsoleService; "C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe" [X]
S4 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S4 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [X]
S2 PSI_SVC_2_x64; "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [X]
S4 ServiceLayer; "C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe" [X]
S3 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
S3 TBS; %SystemRoot%\System32\tbssvc.dll [X]
S2 weoprvduct; C:\Users\dj\AppData\Local\fasefan.exe produco weoprvduct [X]
S4 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]
S3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [X]
S2 WsDrvInst; C:\Program Files\Wondershare\Wondershare Dr.Fone para iOS\Library\DriverInstaller\DriverInstall.exe [X]
S4 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [X]
S4 ZuneWlanCfgSvc; "C:\Program Files\Zune\ZuneWlanCfgSvc.exe" [X]
S3 ALSysIO; \??\C:\Users\dj\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 AVGIDSDriverw7a; \??\C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSDriver.sys [X]
S3 AVGIDSFilterw7a; \??\C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSFilter.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTCOM; system32\DRIVERS\btcomport.sys [X]
S3 BTCOMBUS; System32\Drivers\btcombus.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
U4 ekrn; no ImagePath
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 mod7700; system32\DRIVERS\mod7700.sys [X]
S3 NUMARK_NC06; System32\Drivers\nc06_usb.sys [X]
S3 NUMARK_NC06_MIDI; system32\drivers\nc06midi.sys [X]
S3 NUMARK_NC06_WDM; system32\drivers\nc06_wdm.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 sdfhgdf; system32\DRIVERS\sdfhgdf.sys [X]
S3 XDJ-AEROAudio; system32\drivers\XDJ-AEROAudio64.sys [X]
S3 XONE_DX; System32\Drivers\XONE_DX.sys [X]
S3 XONE_DXM; system32\drivers\XONE_DXM.sys [X]
S3 XONE_DX_WDM; system32\drivers\XONE_DXW.sys [X]
S3 zlportio; \??\C:\Program Files (x86)\Laser Controller\zlportio.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
2020-10-10 21:10 - 2020-10-11 12:15 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-05-25 08:13 - 2019-05-25 08:13 - 000000000 _____ () C:\Users\dj\AppData\Local\oobelibMkey.log
2015-11-07 19:31 - 2015-11-07 19:31 - 000000000 _____ () C:\Users\dj\AppData\Local\{3B39B971-16B2-42C1-A4A8-698A3D2645C7}
2020-08-27 00:10 - 2020-08-27 00:10 - 000000000 _____ () C:\Users\dj\AppData\Local\{5827666D-36D1-4B80-BBA4-98BF20A7A222}
2015-11-06 01:04 - 2015-11-06 01:04 - 000000000 _____ () C:\Users\dj\AppData\Local\{6D61232A-0AF5-4BD2-8956-1C775FAC5676}
2018-07-13 02:48 - 2018-07-13 02:48 - 000000000 _____ () C:\Users\dj\AppData\Local\{8229AD89-9DC8-4C65-8D93-25D67996EBCB}
2017-12-15 16:26 - 2017-12-15 16:26 - 000000000 _____ () C:\Users\dj\AppData\Local\{B6DB3797-C2D0-4885-8131-CD414BB7A5E7}
2020-07-22 16:39 - 2020-07-22 16:39 - 000000000 _____ () C:\Users\dj\AppData\Local\{C3C629D2-0AFD-4CDF-A54A-A98BF0A35E26}
2017-03-06 02:30 - 2017-03-06 02:30 - 000000000 _____ () C:\Users\dj\AppData\Local\{D6D2F376-A24C-4917-902F-0CD8BBC3C35D}
2018-08-01 18:23 - 2018-08-01 18:23 - 000000000 _____ () C:\Users\dj\AppData\Local\{EF0739FD-6430-45B1-B494-371B6E0D05A0}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files 
AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\ProgramData\Temp:1AAB2E68 [256]
AlternateDataStreams: C:\ProgramData\Temp:40B19B5E [146]
AlternateDataStreams: C:\ProgramData\Temp:56E2E879 [116]
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 [266]
AlternateDataStreams: C:\ProgramData\Temp:EB2C187A [130]
SearchScopes: HKU\S-1-5-21-3994139564-2437849967-1822899332-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = 
BHO: No Name -> {064447BA-BC23-4927-8A96-E1DE59A2BABF} -> No File
BHO: No Name -> {38287f1a-ae11-4b05-9aaf-76d1d9d85ff6} -> No File
BHO: No Name -> {56955c42-97ce-49ff-837e-a521a48d0982} -> No File
BHO: No Name -> {923D1B49-E4D1-4A11-9D97-533DE797657F} -> No File
BHO: No Name -> {deeab39f-2cfe-45be-b70e-94da160e75bc} -> No File
BHO: No Name -> {ebcf8409-3dd3-47b7-8b50-bf01a495b9ef} -> No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19736cea-c740-11e0-ad2c-b6b7f73a5b37} => removed successfully
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19736cf8-c740-11e0-ad2c-b6b7f73a5b37} => removed successfully
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{231b0a8b-edd6-11e4-bc30-00269ef9b1be} => removed successfully
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30836291-fc33-11e4-967a-00269ef9b1be} => removed successfully
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38a3490f-efdf-11e2-a9db-fb1408114598} => removed successfully
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e92740ea-d3e6-11e4-b455-00269ef9b1be} => removed successfully
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eca17917-dd9d-11e0-9d38-0023140b7bf4} => removed successfully
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f6c28fdf-8398-11e3-b188-a0e8f0db155e} => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{72AD0D5A-9088-4727-A79E-4E140CA2A8A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72AD0D5A-9088-4727-A79E-4E140CA2A8A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7431F99F-EB20-4970-BE93-9E18A274EC0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7431F99F-EB20-4970-BE93-9E18A274EC0C}" => removed successfully
C:\Windows\System32\Tasks\{0382E760-B78D-4503-9B59-AAB8487FB55D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0382E760-B78D-4503-9B59-AAB8487FB55D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7A2AA004-C22B-4850-9652-C108993825F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A2AA004-C22B-4850-9652-C108993825F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{880575E4-033C-4C71-BB2D-03ADCC7DD2DC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{880575E4-033C-4C71-BB2D-03ADCC7DD2DC}" => removed successfully
C:\Windows\System32\Tasks\{9B7ACCF5-C408-46EF-BEEA-17ABBDDF6341} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9B7ACCF5-C408-46EF-BEEA-17ABBDDF6341}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B7AA255-2DAC-477C-8D2E-F996FF48F44F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B7AA255-2DAC-477C-8D2E-F996FF48F44F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0250F3F-6480-484F-B719-42F659AC64D5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0250F3F-6480-484F-B719-42F659AC64D5}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\QueueReporting" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D638C166-4003-47D3-8178-FB92A9228855}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D638C166-4003-47D3-8178-FB92A9228855}" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\makcojoppodhcgmmchohadhpkicoafka => removed successfully
HKLM\System\CurrentControlSet\Services\avg9emc => removed successfully
avg9emc => service removed successfully
HKLM\System\CurrentControlSet\Services\avg9wd => removed successfully
avg9wd => service removed successfully
HKLM\System\CurrentControlSet\Services\avgfws9 => removed successfully
avgfws9 => service removed successfully
HKLM\System\CurrentControlSet\Services\GameConsoleService => removed successfully
GameConsoleService => service removed successfully
HKLM\System\CurrentControlSet\Services\HP Health Check Service => removed successfully
HP Health Check Service => service removed successfully
HKLM\System\CurrentControlSet\Services\NAUpdate => removed successfully
NAUpdate => service removed successfully
HKLM\System\CurrentControlSet\Services\PSI_SVC_2_x64 => removed successfully
PSI_SVC_2_x64 => service removed successfully
HKLM\System\CurrentControlSet\Services\ServiceLayer => removed successfully
ServiceLayer => service removed successfully
HKLM\System\CurrentControlSet\Services\SwitchBoard => removed successfully
SwitchBoard => service removed successfully
"HKLM\System\CurrentControlSet\Services\TBS" => removed successfully
TBS => service removed successfully
HKLM\System\CurrentControlSet\Services\weoprvduct => removed successfully
weoprvduct => service removed successfully
HKLM\System\CurrentControlSet\Services\wlidsvc => removed successfully
wlidsvc => service removed successfully
HKLM\System\CurrentControlSet\Services\WMZuneComm => removed successfully
WMZuneComm => service removed successfully
HKLM\System\CurrentControlSet\Services\WsDrvInst => removed successfully
WsDrvInst => service removed successfully
HKLM\System\CurrentControlSet\Services\ZuneNetworkSvc => removed successfully
ZuneNetworkSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\ZuneWlanCfgSvc => removed successfully
ZuneWlanCfgSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\ALSysIO => removed successfully
ALSysIO => service removed successfully
HKLM\System\CurrentControlSet\Services\AVGIDSDriverw7a => removed successfully
AVGIDSDriverw7a => service removed successfully
HKLM\System\CurrentControlSet\Services\AVGIDSFilterw7a => removed successfully
AVGIDSFilterw7a => service removed successfully
HKLM\System\CurrentControlSet\Services\BT => removed successfully
BT => service removed successfully
HKLM\System\CurrentControlSet\Services\BTCOM => removed successfully
BTCOM => service removed successfully
HKLM\System\CurrentControlSet\Services\BTCOMBUS => removed successfully
BTCOMBUS => service removed successfully
HKLM\System\CurrentControlSet\Services\Btcsrusb => removed successfully
Btcsrusb => service removed successfully
HKLM\System\CurrentControlSet\Services\ekrn => removed successfully
ekrn => service removed successfully
HKLM\System\CurrentControlSet\Services\hwdatacard => removed successfully
hwdatacard => service removed successfully
HKLM\System\CurrentControlSet\Services\hwusbdev => removed successfully
hwusbdev => service removed successfully
HKLM\System\CurrentControlSet\Services\mod7700 => removed successfully
mod7700 => service removed successfully
HKLM\System\CurrentControlSet\Services\NUMARK_NC06 => removed successfully
NUMARK_NC06 => service removed successfully
HKLM\System\CurrentControlSet\Services\NUMARK_NC06_MIDI => removed successfully
NUMARK_NC06_MIDI => service removed successfully
HKLM\System\CurrentControlSet\Services\NUMARK_NC06_WDM => removed successfully
NUMARK_NC06_WDM => service removed successfully
HKLM\System\CurrentControlSet\Services\pccsmcfd => removed successfully
pccsmcfd => service removed successfully
"HKLM\System\CurrentControlSet\Control\Class\{4F919108-4ADF-11D5-882D-00B0D02FE381}\\LowerFilters" => removed successfully
HKLM\System\CurrentControlSet\Services\sdfhgdf => removed successfully
sdfhgdf => service removed successfully
HKLM\System\CurrentControlSet\Services\XDJ-AEROAudio => removed successfully
XDJ-AEROAudio => service removed successfully
HKLM\System\CurrentControlSet\Services\XONE_DX => removed successfully
XONE_DX => service removed successfully
HKLM\System\CurrentControlSet\Services\XONE_DXM => removed successfully
XONE_DXM => service removed successfully
HKLM\System\CurrentControlSet\Services\XONE_DX_WDM => removed successfully
XONE_DX_WDM => service removed successfully
HKLM\System\CurrentControlSet\Services\zlportio => removed successfully
zlportio => service removed successfully
HKLM\System\CurrentControlSet\Services\ZTEusbmdm6k => removed successfully
ZTEusbmdm6k => service removed successfully
HKLM\System\CurrentControlSet\Services\ZTEusbnmea => removed successfully
ZTEusbnmea => service removed successfully
HKLM\System\CurrentControlSet\Services\ZTEusbser6k => removed successfully
ZTEusbser6k => service removed successfully
C:\ProgramData\Malwarebytes' Anti-Malware (portable) => moved successfully
C:\Users\dj\AppData\Local\oobelibMkey.log => moved successfully
C:\Users\dj\AppData\Local\{3B39B971-16B2-42C1-A4A8-698A3D2645C7} => moved successfully
C:\Users\dj\AppData\Local\{5827666D-36D1-4B80-BBA4-98BF20A7A222} => moved successfully
C:\Users\dj\AppData\Local\{6D61232A-0AF5-4BD2-8956-1C775FAC5676} => moved successfully
C:\Users\dj\AppData\Local\{8229AD89-9DC8-4C65-8D93-25D67996EBCB} => moved successfully
C:\Users\dj\AppData\Local\{B6DB3797-C2D0-4885-8131-CD414BB7A5E7} => moved successfully
C:\Users\dj\AppData\Local\{C3C629D2-0AFD-4CDF-A54A-A98BF0A35E26} => moved successfully
C:\Users\dj\AppData\Local\{D6D2F376-A24C-4917-902F-0CD8BBC3C35D} => moved successfully
C:\Users\dj\AppData\Local\{EF0739FD-6430-45B1-B494-371B6E0D05A0} => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UltraISO => removed successfully
HKLM\Software\Classes\CLSID\{AD392E40-428C-459F-961E-9B147782D099} => removed successfully
C:\Windows\System32 => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS removed successfully
C:\ProgramData\Temp => ":1AAB2E68" ADS removed successfully
C:\ProgramData\Temp => ":40B19B5E" ADS removed successfully
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully
C:\ProgramData\Temp => ":EB2C187A" ADS removed successfully
HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{064447BA-BC23-4927-8A96-E1DE59A2BABF} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38287f1a-ae11-4b05-9aaf-76d1d9d85ff6} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56955c42-97ce-49ff-837e-a521a48d0982} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{923D1B49-E4D1-4A11-9D97-533DE797657F} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{deeab39f-2cfe-45be-b70e-94da160e75bc} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ebcf8409-3dd3-47b7-8b50-bf01a495b9ef} => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3994139564-2437849967-1822899332-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration


========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========


An error occurred while attempting to contact the  Windows Firewall service. Make sure that the service is running and try your request again.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


An error occurred while attempting to contact the  Windows Firewall service. Make sure that the service is running and try your request again.


========= End of CMD: =========


========= netsh int ipv4 reset =========

There's no user specified settings to be reset.


========= End of CMD: =========


========= netsh int ipv6 reset =========

There's no user specified settings to be reset.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6320161 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 140 B
Edge => 0 B
Chrome => 488973873 B
Firefox => 242753922 B
Opera => 757616 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 58624567 B
systemprofile32 => 58753066 B
LocalService => 58885377 B
NetworkService => 70408203 B
dj => 71931093 B

RecycleBin => 26700 B
EmptyTemp: => 1016.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:49:36 ====

quedo atento… saludos!!