Error en una dll que afecta todo

CBS.txt (36,9 KB) lo ejecute despues del error creo , cuando se producen muvhas infecciones lo corro y borra todo y estabiliza el equipo, no fue asi enta ocacion

Hola:

Pues muy mal hecho, por algo decimos:

Combofix NO se debe ser usado sin supervisión.

Ademas si bien corre en 64 bits no es su entorno mas amigable, y ya no va en 8.1 y 10.


Hiciste los pasos tal como te puse desde la consola??, por que el archivo esta ilegible.

Salu2

si , pero le cambie la extexion a txt, si no no me lo deja subie, cambia a log la extencion a mi me funciona muy bien

Hola:

Tu crees que si fuera tan fácil no te diría que solo cambies la extensión y listo?

Dime que solo le cambiaste la extensión a una copia y que no arruinaste el archivo original?

Te escribí que sera largo y que no te lo dejaría subir al foro que tienes que usar un sitio de archivos en la nube.


Tu crees que se puede entender algo de esto:

Salu2

ahi esta

https://mega.nz/#!ubg2VYyR!7cK-yZGUxkp2a3MTqPG0S7Sm1b1iXS1zrftvtjZh8_M

Hola @WALLY

En el reporte se ven varias dll faltantes que no se pudieron reparar, por ello los errores.

1.- Descargue la herramienta SystemLook a su escritorio según la arquitectura de su Sistema Operativo: >>> Como saber si mi Windows es de 32 o 64 bits?.

2.- Haga doble clic al archivo SystemLook.exe para ejecutarlo.

Si usa Windows 7/8 o 10, presione clic derecho y seleccione Ejecutar como Administrador

Copie y pegue tal cual el texto del recuadro de aquí abajo en la ventana del programa y pulse en Look.

:filefind  
*browcli.dll*
*dwmcore.dll*
*dxgi.dll*
*ntdll.dll*
          

  • Espere hasta que finalice la búsqueda. (Esta puede demorarse)
  • Al terminar se abrirá el bloc de notas, con un reporte que debe copiar y pegar en su próxima respuesta.

Nota: Ese reporte también se guardará con el nombre SystemLook.txt en su escritorio.

Salu2

Lo haré esta noche , mucho trabajo ,gracias

Hola @WALLY

Perfecto por acá esperamos…:coffee:

Salu2

me aparece este error , creo saber lo que es pero no quiero meter la pataerror%20look%20

Hola:

Que crees que es?

Salu2

Hacer esto https://support.microsoft.com/es-cl/help/2977003/the-latest-supported-visual-c-downloads

Hola @WALLY

Explícate por que no te entiendo, instalaste recientemente Visual Basic o los desinstalaste, por que el error que da parece ser que interpreta que no lo tienes o se mal instalo.


Vuelve a ejecutar FRST como lo hiciste la primera vez y nos pegas los reportes frescos así puedo ver todos tus Visual instalados.

Nos comentas.

Salu2

no he instalado nada , solo creo que ese ese el problema , te sigo los pasos , realizare lo que indicas

Hola:

Vale, espero reportes, pero aclárame que hiciste del enlace por que no te entiendo.

Salu2

Te explico , yo creo que es un problema con las librerias de c++ y de eseenlace se pueden descargar , pero no he realizado nada aparte de lo que me indicas los reportes

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-05-2019
Ran by walter (administrator) on WALTER-PC (ECS GF7100/7050PVT-M3) (31-05-2019 00:10:24)
Running from C:\Users\walter\Desktop
Loaded Profiles: walter & UpdatusUser (Available Profiles: walter & UpdatusUser & KOOL & Invitado)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Arcai.com) [File not signed] C:\Program Files\netcut\services\aips.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Foxit Software Incorporated -> Foxit Corporation) C:\Users\walter\AppData\Roaming\Foxit Software\Addon\Foxit Reader\FoxitReaderUpdater.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
(Mega Limited -> Mega Limited) C:\Users\walter\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\v114_ECS_D_6207.2V7_6099.8xp_G2.0V_RC_SDC\WDM\stacsv.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> ) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [5537600 2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [450667 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [226184 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [1545216 2015-09-02] () [File not signed]
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [1545216 2015-09-02] () [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\system32\tsccvid.dll [602624 2014-11-11] (TechSmith Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.tsc2] => C:\Windows\system32\tsc2_codec32.dll [234496 2014-08-27] (TechSmith Corporation) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-24] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-03-08]
ShortcutTarget: MEGAsync.lnk -> C:\Users\walter\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01A59CCC-A585-4189-9603-53867104211A} - System32\Tasks\Driver Booster SkipUAC (walter) => C:\Program Files\IObit\Driver Booster\5.3.0\DriverBooster.exe
Task: {07784A53-AAF2-44B1-BECE-AECF6302DF9C} - \OperaUpdateService -> No File <==== ATTENTION
Task: {0A6468B5-80B8-4556-B8D5-28BEE0DDDCFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-17] (Google Inc -> Google Inc.)
Task: {114429B2-BA48-40B1-BB70-6BA4DAD41D64} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-05-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {22D7B07A-FFDA-41E7-A08A-EACBC04462F1} - System32\Tasks\{52FEBD89-FBA4-449E-ACF6-50964B215D16} => msiexec.exe /package "C:\Users\walter\Desktop\Passware.Passware.Kit.Forensic.v13.5.8557.REPACK-BRD\Passware.Passware.Kit.Forensic.v13.5.8557.REPACK-BRD\passware-kit-forensic-32bit.msi"
Task: {2309619D-F02A-428C-85C8-148C4520A8B6} - System32\Tasks\ioloTUDsDownloader => C:\Program Files\Common Files\Phoenix360\ActiveCore\activebridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {236633DD-5F9F-4B3B-B3AF-EAB9BA494B24} - System32\Tasks\Opera scheduled Autoupdate 1535737370 => C:\Users\walter\AppData\Local\Programs\Opera\launcher.exe
Task: {2DA390BB-6F5F-447B-B365-73845EDEBF59} - System32\Tasks\{C87AB4CA-1F6E-4E8F-B93C-15AAEAE93580} => C:\Windows\system32\pcalua.exe -a "C:\Users\walter\Downloads\Compressed\Cursor_Installer\Cursor Installer.exe" -d C:\Users\walter\Downloads\Compressed\Cursor_Installer
Task: {32FF3E71-5F16-461C-8344-75A83AB8CAC6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {3B0DD3DD-C7A1-4221-BA81-D3CCD22D7321} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3C35D1BA-7EF8-4D00-B944-EFDD2C1D9911} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {45DD7267-F62B-4FAA-BA95-87587F6648EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5DA1009A-015C-49C0-B1BD-B08C11301138} - System32\Tasks\GU5SkipUAC => C:\Program Files\Glary Utilities 5\Integrator.exe [897528 2017-06-29] (Glarysoft LTD -> Glarysoft Ltd)
Task: {60DD423D-AAFB-40A6-A79E-6FFBA3890AF9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2394504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {6660F89E-AA6D-4E1B-9131-5FA119C11A57} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_walter => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary)
Task: {6A60BAFF-1FE5-4D17-8BE4-C1E8726E8A17} - System32\Tasks\ActiveSync-SystemMechanic => C:\Program Files\Common Files\Phoenix360\ActiveCore\activebridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {7B4E731E-0B25-4875-BCBD-4C8F64958A47} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1983376 2019-04-05] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {8058733E-1769-4FE9-8BC1-D7CDA850AB09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-17] (Google Inc -> Google Inc.)
Task: {85188087-71DA-40B9-88C2-21DED51433A9} - System32\Tasks\Opera scheduled assistant Autoupdate 1547735215 => C:\Users\walter\AppData\Local\Programs\Opera\launcher.exe
Task: {8A95F761-04CD-482A-B3CC-C36935A0B15B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3193159865-2815699795-1142240979-1000 => C:\Users\walter\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-02-19] (Mega Limited -> Mega Limited)
Task: {AF0CC4C5-7851-4AB8-BF07-F015FF540C11} - System32\Tasks\ioloAVDefsDownloader => C:\Program Files\Phoenix360\System Mechanic\SSDefs.exe [136928 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {AF1E1DD1-BD40-4415-AA74-480623C94119} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [1454592 2019-05-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B1C36431-8593-4506-B64A-B46764920DC2} - System32\Tasks\ActiveMessenger-SystemMechanic => C:\Program Files\Common Files\Phoenix360\ActiveCore\ActiveBridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {B28B9B36-DB2B-4445-9C54-043F1E054BB2} - System32\Tasks\AdobeGCInvoker-1.0-walter-PC-walter => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {B5412D51-22AF-457A-858B-DF8DA15D4E93} - System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => C:\Windows\system32\pcalua.exe -a J:\Setup.exe -d J:\
Task: {B8CDB082-F74E-444E-A662-9EC509D5CD7E} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [134648 2017-06-29] (Glarysoft LTD -> Glarysoft Ltd)
Task: {C1FCB802-7CA2-434D-B95F-9E5FE8AC2BFA} - System32\Tasks\ioloSystemShield => C:\Program Files\Phoenix360\System Mechanic\SSTray.exe [655520 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {D59B049B-6A34-474A-8F73-5F5C300CACED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1951312 2019-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {D8205082-44FE-4901-8F33-B14DBC41E54B} - System32\Tasks\ioloActiveCare => C:\Program Files\Phoenix360\System Mechanic\systemmechanic.exe [2403568 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {E6E161FE-4D95-4525-8EBC-5DB590348769} - System32\Tasks\{A0D2A674-A307-4641-950C-55F1306EC06B} => C:\Users\walter\Desktop\Cool Edit Pro 2.1\Cool Edit Pro 2.1.exe
Task: {FA42F638-5940-4E2F-9C8D-6C1EABCC414F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE367E9D-87DF-4EBA-A032-0D5737F0983F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{3100BEF9-6842-40A2-AC20-26F7B775D9E3}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{A1027262-0F84-4B8B-A726-084E896FEB10}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = 
SearchScopes: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000 -> {87A6A1F2-3D80-47D5-8295-F35B7D64E501} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_192\bin\ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_192\bin\jp2ssv.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368 [2019-05-31]
FF user.js: detected! => C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\user.js [2019-04-26]
FF Homepage: Mozilla\Firefox\Profiles\li04kydz.default-1490757013368 -> hxxps://www.google.cl/
FF Session Restore: Mozilla\Firefox\Profiles\li04kydz.default-1490757013368 -> is enabled.
FF Extension: (Custom Google Visited Link Color) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2018-04-29]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2019-05-14]
FF Extension: (Rotate and Zoom Image) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2018-01-18]
FF Extension: (HTTP Directory Downloader) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2019-04-09]
FF Extension: (S3.Translator) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2018-11-18]
FF Extension: (Google Translator for Firefox) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\[email protected] [2018-12-02]
FF Extension: (Editor de documentos de Word) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\{51a33be5-1547-4a87-969e-dfea5ad04b7d}.xpi [2019-05-19]
FF Extension: (Flash Video Downloader) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\{a1be3447-d87d-409b-8721-d895935f65b8}.xpi [2019-05-17]
FF Extension: (Easy Video Downloader) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\Extensions\{cd04e15e-6b23-4648-860d-0057602a5c2a}.xpi [2019-05-17]
FF Extension: (Baidu Search Update) - C:\Users\walter\AppData\Roaming\Mozilla\Firefox\Profiles\li04kydz.default-1490757013368\features\{1d5ee2b1-f8d4-436a-b61d-3804634aeb6b}\[email protected] [2019-05-25]
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Firefox\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc3.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\SeaMonkey\Extensions: [[email protected]] - F:\Temp\~sfx00001228\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\walter\AppData\Roaming\IDM\idmmzcc5
FF Extension: (No Name) - C:\Users\walter\AppData\Roaming\IDM\idmmzcc5 [2019-05-25] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll [2019-05-18] (Adobe Systems Incorporated -> )
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.192.2 -> C:\Program Files\Java\jre1.8.0_192\bin\dtplugin\npDeployJava1.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.192.2 -> C:\Program Files\Java\jre1.8.0_192\bin\plugin2\npjp2.dll [2019-05-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @wolfram.com/Mathematica -> C:\Program Files\Common Files\Wolfram Research\Browser\10.4.1.5514075\npmathplugin.dll [2016-04-11] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Temp\~sfx00001228\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AIPS; C:\Program Files\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5584416 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [359864 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43856 2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] (NVIDIA Corporation -> )
R2 FoxitPhantomService; C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1647808 2016-06-21] (Foxit Software Incorporated -> Foxit Software Inc.)
R2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] (NVIDIA Corporation -> )
R2 STacSV; c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe [217185 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11791704 2019-03-18] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75200 2018-03-24] (Alcorlink Corp. -> Alcorlink Corp.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34488 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [173232 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225608 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171520 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56296 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [214736 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139352 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403680 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [166848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312248 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [29872 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [10804 2005-04-30] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [23000 2005-05-31] (IVT Corporation) [File not signed]
S3 BTHidEnum; C:\Windows\System32\DRIVERS\vbtenum.sys [11860 2005-04-30] () [File not signed]
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed]
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [299024 2012-04-09] (EldoS Corporation -> EldoS Corporation)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 DFX12; C:\Windows\System32\drivers\dfx12.sys [26104 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [File not signed]
R3 DLKRTE32; C:\Windows\System32\DRIVERS\DLKRTE32.sys [399360 2011-08-04] (Microsoft Windows Hardware Compatibility Publisher -> D-Link Corp. )
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation -> EldoS Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [21496 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2017-04-22] (NTONYX Ltd. -> Eugene V. Muzychenko)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FETND62; C:\Windows\System32\DRIVERS\DLF62X86.SYS [45568 2009-11-23] (Microsoft Windows Hardware Compatibility Publisher -> D-Link )
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (Microsoft Windows -> VIA Technologies, Inc. )
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [20480 2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gMouUsb; C:\Windows\System32\DRIVERS\gMouUsb.sys [11520 2018-08-15] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 GridinSoftInetSecurityDriver; C:\Windows\System32\DRIVERS\gsInetSecurity.sys [81160 2018-01-05] (GridinSoft, LLC -> GridinSoft LLC)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2017-03-24] (Glarysoft Ltd -> Glarysoft Ltd)
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
R2 Haspnt; C:\Windows\system32\drivers\Haspnt.sys [47616 2018-01-04] (Aladdin Knowledge Systems) [File not signed]
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [38224 2018-11-04] (SurfRight B.V. -> )
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-11-12] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [25120 2017-03-17] (IObit Information Technology -> IObit.com)
S3 ksapi; C:\Windows\system32\drivers\ksapi.sys [81768 2015-11-22] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0023.sys [26208 2017-07-02] (SoftEther K.K. -> SoftEther VPN Project at University of Tsukuba, Japan.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2016-11-24] (MiniTool Solution Ltd -> )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [6528848 2019-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2013-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2013-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S3 snpstd; C:\Windows\System32\DRIVERS\snpstd.sys [390784 2006-05-03] () [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2011-02-08] (Samsung Electronics) [File not signed]
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt.sys [407552 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tpg86win7; C:\Windows\System32\DRIVERS\tpg86win7.sys [491112 2012-02-22] (Realtek Semiconductor Corp -> TP-LINK TECHNOLOGIES CO., LTD)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [27408 2018-01-05] (GridinSoft, LLC -> Windows (R) Win 7 DDK provider)
U1 aswbdisk; no ImagePath
S3 catchme; \??\F:\Temp\catchme.sys [X]
S3 cpuz140; \??\F:\Temp\cpuz140\cpuz140_x32.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S1 dsbwncfk; \??\C:\Windows\System32\drivers\dsbwnck.sys [X]
U0 Partizan; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-31 00:10 - 2019-05-31 00:11 - 000033064 _____ C:\Users\walter\Desktop\FRST.txt
2019-05-31 00:09 - 2019-05-21 13:11 - 001793536 _____ (Farbar) C:\Users\walter\Desktop\FRST.exe
2019-05-30 22:04 - 2019-05-30 23:37 - 000000376 _____ C:\Users\walter\Desktop\SystemLook.txt
2019-05-30 22:03 - 2019-05-30 22:48 - 000139264 _____ C:\Users\walter\Desktop\SystemLook.exe
2019-05-30 21:57 - 2019-05-30 21:57 - 000000020 ___SH C:\Users\TEMP.walter-PC.002\ntuser.ini
2019-05-30 21:57 - 2019-05-30 21:57 - 000000000 _SHDL C:\Users\TEMP.walter-PC.002\Datos de programa
2019-05-30 21:57 - 2019-05-30 21:57 - 000000000 _SHDL C:\Users\TEMP.walter-PC.002\Configuración local
2019-05-30 21:57 - 2019-05-30 21:57 - 000000000 ____D C:\Users\TEMP.walter-PC.002
2019-05-30 21:57 - 2018-05-21 18:11 - 000000000 ____D C:\Users\TEMP.walter-PC.002\AppData\Roaming\IObit
2019-05-29 00:13 - 2019-05-29 00:13 - 000037781 _____ C:\Users\walter\Desktop\CBS.txt
2019-05-29 00:07 - 2019-05-29 00:07 - 000026073 _____ C:\Users\walter\Desktop\sfcdetails.txt
2019-05-28 20:02 - 2019-05-28 20:03 - 000000000 ____D C:\Users\walter\Desktop\otros
2019-05-28 19:55 - 2019-05-28 20:03 - 000000000 ____D C:\Users\walter\Desktop\limpiar
2019-05-27 23:49 - 2019-05-27 23:49 - 002110064 _____ ( ) C:\Users\walter\Desktop\cuestionator-programas-gratis-net_0392601713.exe
2019-05-27 23:12 - 2019-05-28 07:17 - 000000000 ____D C:\KVRT_Data
2019-05-27 22:22 - 2019-05-27 22:22 - 000311176 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-26 13:45 - 2014-04-06 20:27 - 003722496 _____ (Foxit Software Company) C:\Users\walter\Desktop\Portable Foxit PDF Editor 2.0.1011.exe
2019-05-26 13:20 - 2019-05-26 13:59 - 000000000 ____D C:\Users\walter\Desktop\1 medio
2019-05-25 23:45 - 2019-05-25 23:45 - 007666296 _____ (ESET spol. s r.o.) C:\Users\walter\Desktop\esetonlinescanner_esl.exe
2019-05-25 23:18 - 2019-05-25 23:20 - 098130888 _____ (PortableApps.com) C:\Users\walter\FirefoxPortable_67.0_English.paf.exe
2019-05-25 23:15 - 2019-05-25 23:15 - 000000000 ____D C:\Users\KOOL\AppData\Roaming\Sun
2019-05-25 23:15 - 2019-05-25 23:15 - 000000000 ____D C:\Users\KOOL\AppData\LocalLow\Sun
2019-05-25 23:09 - 2019-05-25 23:09 - 000001367 _____ C:\Users\KOOL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-05-25 23:09 - 2019-05-25 23:09 - 000000282 __RSH C:\Users\KOOL\ntuser.pol
2019-05-25 23:09 - 2019-05-25 23:09 - 000000020 ___SH C:\Users\KOOL\ntuser.ini
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 _SHDL C:\Users\KOOL\Datos de programa
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 _SHDL C:\Users\KOOL\Configuración local
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 ____D C:\Users\KOOL\AppData\Roaming\Adobe
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 ____D C:\Users\KOOL
2019-05-25 23:09 - 2018-05-21 18:11 - 000000000 ____D C:\Users\KOOL\AppData\Roaming\IObit
2019-05-25 10:08 - 2019-05-25 10:08 - 078857952 _____ (PortableApps.com) C:\Users\walter\firefox-portable-60-0-1.exe
2019-05-25 09:56 - 2019-05-25 09:56 - 000001969 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-05-25 09:56 - 2019-05-25 09:56 - 000001969 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2019-05-25 00:07 - 2019-05-25 00:07 - 000000000 ____D C:\Users\WAFIMA\AppData\Roaming\Sun
2019-05-25 00:07 - 2019-05-25 00:07 - 000000000 ____D C:\Users\WAFIMA\AppData\LocalLow\Sun
2019-05-25 00:01 - 2019-05-25 09:54 - 000000000 ____D C:\Users\WAFIMA
2019-05-25 00:01 - 2019-05-25 00:01 - 000000000 _SHDL C:\Users\WAFIMA\Datos de programa
2019-05-25 00:01 - 2019-05-25 00:01 - 000000000 _SHDL C:\Users\WAFIMA\Configuración local
2019-05-25 00:01 - 2019-05-25 00:01 - 000000000 ____D C:\Users\WAFIMA\AppData\Roaming\Adobe
2019-05-25 00:01 - 2018-05-21 18:11 - 000000000 ____D C:\Users\WAFIMA\AppData\Roaming\IObit
2019-05-24 22:47 - 2019-05-24 22:47 - 000000259 _____ C:\DelFix.txt
2019-05-24 22:47 - 2019-05-24 22:47 - 000000000 ____D C:\Windows\ERUNT
2019-05-24 21:58 - 2019-05-24 21:58 - 000000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2019-05-24 21:40 - 2019-05-25 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Online Scanner 1.0
2019-05-24 21:40 - 2019-05-24 21:40 - 000000000 ____D C:\Users\walter\Documents\FlashDownloads
2019-05-24 21:40 - 2019-05-24 21:40 - 000000000 ____D C:\Program Files\ZGWSoft
2019-05-24 21:12 - 2019-05-24 21:12 - 000000000 ____D C:\Users\walter\Downloads\HTTP Directory
2019-05-24 21:00 - 2019-05-24 21:00 - 000673610 _____ () C:\Windows\unins001.exe
2019-05-24 21:00 - 2019-05-24 21:00 - 000001965 _____ C:\Windows\unins001.dat
2019-05-24 20:58 - 2019-05-24 20:58 - 000432336 _____ C:\Users\walter\Desktop\swf-catcher-3.0.zip
2019-05-24 20:32 - 2019-05-24 20:47 - 000000000 ____D C:\Users\walter\Desktop\economia
2019-05-24 17:40 - 2019-05-24 17:40 - 000002169 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-24 17:40 - 2019-05-24 17:40 - 000002169 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-05-24 17:38 - 2019-05-24 17:38 - 001151544 _____ (Google LLC) C:\Users\walter\Desktop\ChromeSetup.exe
2019-05-24 17:07 - 2019-05-24 17:07 - 000006082 _____ C:\Users\walter\Downloads\Apache Tomcat _ 5.5.36 - Informe de error.htm
2019-05-24 17:07 - 2019-05-24 17:07 - 000000000 ____D C:\Users\walter\Downloads\Apache Tomcat _ 5.5.36 - Informe de error_files
2019-05-23 20:42 - 2019-05-23 20:49 - 000000141 _____ C:\Users\walter\Desktop\Nuevo documento de texto (2).txt
2019-05-22 23:58 - 2019-05-22 23:58 - 063448936 _____ (Malwarebytes ) C:\Users\walter\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10710.exe
2019-05-22 01:08 - 2019-05-25 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster
2019-05-22 01:08 - 2019-05-23 00:26 - 000000000 ____D C:\Program Files\WinThruster
2019-05-22 00:49 - 2019-05-22 00:51 - 000000000 ____D C:\Users\walter\Desktop\Camila
2019-05-22 00:09 - 2019-05-22 00:11 - 000000000 ____D C:\Users\walter\Desktop\winthruster key
2019-05-21 23:06 - 2019-05-21 23:18 - 000000000 ____D C:\Users\walter\AppData\Roaming\WinThruster
2019-05-21 18:26 - 2019-05-23 00:26 - 000000000 ____D C:\Users\walter\AppData\Roaming\Solvusoft
2019-05-21 13:12 - 2019-05-31 00:10 - 000000000 ____D C:\FRST
2019-05-21 13:07 - 2019-05-21 13:38 - 000000000 ____D C:\Users\walter\Desktop\limpiar disco
2019-05-21 12:10 - 2019-05-21 12:10 - 000000000 ____D C:\Users\walter\Desktop\WinThrusterleiva
2019-05-21 11:08 - 2019-05-21 11:08 - 000000000 __SHD C:\found.008
2019-05-21 01:05 - 2019-05-21 01:05 - 000000000 ____D C:\Users\walter\Desktop\Megitas
2019-05-21 00:53 - 2019-05-21 00:53 - 000063017 _____ C:\Users\walter\Documents\Untitled1.lst
2019-05-20 23:54 - 2019-05-20 23:54 - 000031744 _____ C:\Users\walter\Documents\Rescue.asd
2019-05-20 23:43 - 2019-05-29 00:37 - 000000000 ____D C:\Users\walter\Desktop\Problemas
2019-05-20 22:36 - 2019-05-20 22:36 - 000000000 ____D C:\Users\walter\Desktop\mp3 auto
2019-05-20 21:39 - 2019-05-20 21:39 - 000001006 _____ C:\Users\walter\Desktop\ZaraRadio.lnk
2019-05-20 18:40 - 2019-05-21 11:14 - 000000000 ____D C:\Users\TEMP.walter-PC\AppData\Roaming\IObit
2019-05-20 18:40 - 2019-05-21 11:14 - 000000000 ____D C:\Users\TEMP.walter-PC
2019-05-20 17:53 - 2019-05-20 17:53 - 000000000 ____D C:\Users\walter\Impostazioni locali
2019-05-20 16:53 - 2019-05-20 16:53 - 000386484 _____ C:\Users\walter\Downloads\Prueba de Probabilidades.pdf
2019-05-20 16:52 - 2019-05-20 16:52 - 000171549 _____ C:\Users\walter\Downloads\Prueba-N-1-Inecuaciones-4-A.pdf
2019-05-20 16:52 - 2019-05-20 16:52 - 000171549 _____ C:\Users\walter\Downloads\407190140-Prueba-N-1-Inecuaciones-4-A.pdf
2019-05-20 16:51 - 2019-05-20 16:51 - 000111634 _____ C:\Users\walter\Downloads\Guia-N-5-de-Racionales.pdf
2019-05-20 16:50 - 2019-05-20 16:50 - 001115451 _____ C:\Users\walter\Downloads\Prueba-N-1-Remedial-docx.pdf
2019-05-20 16:49 - 2019-05-20 16:49 - 000118189 _____ C:\Users\walter\Downloads\Prueba-de-Vectores-y-Ecuacion-Vectorial.pdf
2019-05-20 16:48 - 2019-05-20 16:48 - 000090200 _____ C:\Users\walter\Downloads\Guia-Funcion-Probabilidades-3-10.pdf
2019-05-20 16:47 - 2019-05-20 16:47 - 000085331 _____ C:\Users\walter\Downloads\Guia-Funcion-Probabilidades-1.pdf
2019-05-20 16:45 - 2019-05-20 16:45 - 000677166 _____ C:\Users\walter\Downloads\M1T07.pdf
2019-05-20 16:18 - 2019-05-20 16:18 - 000000000 ____D C:\Users\walter\AppData\Roaming\VOS
2019-05-20 10:35 - 2019-05-20 13:29 - 000000000 ____D C:\Users\walter\Desktop\Nueva carpeta (3)
2019-05-20 10:23 - 2019-05-20 16:17 - 000000000 ____D C:\Users\walter\Desktop\Nueva carpeta
2019-05-19 23:29 - 2019-05-19 23:29 - 000892416 _____ (Farbar) C:\Users\walter\Desktop\MiniToolBox.exe
2019-05-19 20:03 - 2019-05-19 23:24 - 000000000 ____D C:\Users\walter\Desktop\Nueva carpeta (2)
2019-05-19 18:01 - 2019-05-21 18:21 - 000000000 ____D C:\Users\walter\Desktop\4 medios
2019-05-19 17:32 - 2019-05-28 04:06 - 000000000 ____D C:\Windows\Minidump
2019-05-19 16:28 - 2019-05-21 11:55 - 000000000 ____D C:\Users\walter\Desktop\ntdll
2019-05-19 15:24 - 2019-05-19 15:29 - 000000000 ____D C:\Users\TEMP.walter-PC.003
2019-05-19 13:04 - 2019-05-19 13:04 - 000027951 _____ C:\ComboFix.txt
2019-05-19 10:36 - 2019-05-26 00:50 - 000000000 ____D C:\Users\walter\Desktop\Propiedades
2019-05-19 06:22 - 2019-05-19 06:21 - 000000076 _____ C:\registro.bat
2019-05-19 01:13 - 2019-05-20 20:11 - 000000000 ____D C:\Users\walter\Desktop\RESUMEN
2019-05-18 20:19 - 2019-05-23 00:26 - 000000000 ____D C:\Users\walter\Desktop\no tocar
2019-05-18 17:30 - 2019-05-18 17:30 - 000001750 _____ C:\AiOLog.txt
2019-05-18 17:29 - 2019-05-19 06:29 - 000000000 ____D C:\Windows\system32\Adobe
2019-05-18 17:29 - 2019-05-18 17:30 - 000005380 _____ C:\Windows\unins000.dat
2019-05-18 17:29 - 2019-05-18 17:29 - 001207319 _____ C:\Windows\unins000.exe
2019-05-18 17:29 - 2017-04-01 20:44 - 003450616 _____ (Red Hat) C:\Windows\system32\cygwin1.dll
2019-05-18 17:29 - 2017-01-26 07:25 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll
2019-05-18 17:29 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2019-05-18 17:29 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libssl32.dll
2019-05-18 17:29 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
2019-05-18 17:29 - 2014-01-31 03:14 - 001055676 _____ (Free Software Foundation) C:\Windows\system32\libiconv2.dll
2019-05-18 17:29 - 2014-01-25 14:30 - 000131072 _____ (Sereby Corporation) C:\Windows\system32\AiORuntimes.dll
2019-05-18 17:29 - 2012-06-14 15:36 - 000107520 _____ C:\Windows\system32\zlib1.dll
2019-05-18 17:29 - 2012-04-03 17:11 - 000138752 _____ C:\Windows\system32\libpng15.dll
2019-05-18 17:29 - 2011-10-12 04:09 - 004033440 _____ (Intel Corporation) C:\Windows\system32\libmmd.dll
2019-05-18 17:29 - 2010-06-27 18:44 - 000053248 _____ (Adobe Systems, Incorporated) C:\Windows\system\plugin.dll
2019-05-18 17:29 - 2010-03-18 21:21 - 000799568 _____ (Microsoft Corporation) C:\Windows\system32\msdia100.dll
2019-05-18 17:29 - 2008-08-26 07:40 - 000162304 _____ C:\Windows\system32\libpng13.dll
2019-05-18 17:29 - 2005-05-06 14:52 - 000103424 _____ (GNU <www.gnu.org>) C:\Windows\system32\libintl3.dll
2019-05-18 17:29 - 1994-11-17 14:00 - 000210944 _____ C:\Windows\system\msvcrt10.dll
2019-05-18 17:02 - 2019-05-18 17:02 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-05-18 17:02 - 2019-05-18 17:02 - 000000000 ____D C:\Program Files\Common Files\Java
2019-05-18 17:02 - 2019-05-18 17:01 - 000096632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2019-05-18 17:01 - 2019-05-25 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-05-18 17:00 - 2019-05-18 17:00 - 000000000 ____D C:\Program Files\Java
2019-05-18 16:49 - 2019-05-18 16:49 - 000000000 ____D C:\Users\walter\Documents\SWF Decompiler Intro
2019-05-18 16:46 - 2019-05-25 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
2019-05-18 16:46 - 2019-05-18 16:46 - 000000000 ____D C:\Program Files\Common Files\SourceTec
2019-05-18 16:45 - 2019-05-18 16:45 - 000000000 ____D C:\Program Files\SourceTec
2019-05-18 15:08 - 2019-05-25 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2019-05-18 15:08 - 2019-05-18 15:08 - 000000000 ____D C:\Program Files\StreamTransport
2019-05-18 15:08 - 2009-10-27 19:31 - 003982240 _____ (Adobe Systems, Inc.) C:\Windows\system32\Flash10d.ocx
2019-05-18 14:54 - 2019-05-18 14:54 - 000005104 _____ C:\ProgramData\ktqkcacn.tot
2019-05-18 14:54 - 2019-05-18 14:54 - 000000016 _____ C:\ProgramData\mntemp
2019-05-18 14:28 - 2019-05-18 14:28 - 000000000 ____D C:\Users\walter\Documents\MEGAsync Downloads
2019-05-18 13:36 - 2019-05-23 18:55 - 000000000 ____D C:\Users\walter\Desktop\error
2019-05-18 13:04 - 2019-05-18 13:04 - 000000000 ____D C:\found.007
2019-05-18 12:58 - 2016-08-10 10:55 - 000406912 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2019-05-16 20:35 - 2019-05-30 23:54 - 000016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2019-05-14 00:05 - 2019-05-14 00:09 - 011290946 _____ C:\Users\walter\Downloads\UCE8451_01.pdf
2019-05-13 23:42 - 2019-05-13 23:43 - 057200210 _____ C:\Users\walter\Downloads\Probabilidad-y-estadstica-isc.pdf
2019-05-13 23:37 - 2019-05-13 23:37 - 000980325 _____ C:\Users\walter\Downloads\M2T03.pdf
2019-05-12 01:18 - 2019-05-26 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
2019-05-12 01:18 - 2019-05-26 00:15 - 000000000 ____D C:\Program Files\netcut
2019-05-12 01:18 - 2006-09-21 13:59 - 000389120 _____ () C:\Windows\system32\actskn43.ocx
2019-05-11 23:44 - 2019-05-11 23:44 - 000000000 ____D C:\Users\walter\Downloads\eMule
2019-05-11 19:21 - 2019-05-18 19:54 - 000000000 ____D C:\Users\walter\Downloads\opera autoupdate
2019-05-11 19:15 - 2019-05-25 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-05-07 15:51 - 2019-05-07 15:51 - 000043856 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-05-07 15:51 - 2019-05-07 15:51 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-05-07 15:51 - 2019-05-07 15:51 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-05-07 15:51 - 2019-05-07 15:51 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-05-05 11:41 - 2019-05-05 11:41 - 000000000 ____D C:\Users\walter\Downloads\Descargas mayo
2019-05-05 11:08 - 2019-05-20 15:42 - 000000000 ____D C:\Users\walter\Desktop\VAC
2019-05-05 01:08 - 2019-05-05 01:08 - 000001155 _____ C:\Users\walter\Desktop\cdbxpp.exe - Acceso directo.lnk
2019-05-05 00:54 - 2019-05-05 00:54 - 000000760 _____ C:\Users\walter\Desktop\Escritorio Mayo.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-30 22:53 - 2009-07-14 00:34 - 000025248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-30 22:53 - 2009-07-14 00:34 - 000025248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-30 22:03 - 2018-12-23 21:57 - 000312248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-30 21:59 - 2018-01-14 12:03 - 000000000 ____D C:\Users\walter\AppData\LocalLow\Mozilla
2019-05-30 21:58 - 2016-07-18 20:21 - 000000000 ____D C:\Program Files\Dropbox
2019-05-30 21:55 - 2018-08-26 12:50 - 000000000 ____D C:\Program Files\TeamViewer
2019-05-30 21:54 - 2018-01-04 00:05 - 008405015 _____ C:\Windows\hlktmp
2019-05-30 21:54 - 2016-09-23 19:04 - 000000000 ____D C:\ProgramData\Foxit Software
2019-05-30 21:54 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-28 19:50 - 2017-01-22 16:34 - 000000000 ____D C:\oo
2019-05-27 22:22 - 2019-02-19 16:18 - 000214736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-27 22:22 - 2019-01-17 10:00 - 000225608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-27 22:22 - 2019-01-17 09:59 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-27 22:22 - 2019-01-17 09:59 - 000056296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-27 22:22 - 2019-01-17 09:59 - 000034488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000783024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000403680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000173232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000166848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000139352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000100984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000072800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000040688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-26 20:24 - 2011-04-11 21:30 - 000755032 _____ C:\Windows\system32\perfh00A.dat
2019-05-26 20:24 - 2011-04-11 21:30 - 000161608 _____ C:\Windows\system32\perfc00A.dat
2019-05-26 20:24 - 2010-11-20 17:01 - 001695218 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-26 20:24 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
2019-05-26 00:17 - 2017-03-13 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Password Remover v3.1
2019-05-26 00:17 - 2017-03-13 22:35 - 000000000 ____D C:\Program Files\PDF Password Remover v3.1
2019-05-26 00:14 - 2018-06-02 20:21 - 000000000 ____D C:\Program Files\KMSpico
2019-05-26 00:13 - 2018-06-02 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2019-05-26 00:10 - 2017-04-22 18:04 - 000000000 ____D C:\Program Files\Free Sound Recorder
2019-05-25 23:20 - 2016-07-13 22:53 - 000000000 ____D C:\Users\walter
2019-05-25 18:24 - 2016-11-05 19:23 - 000000000 ____D C:\Users\walter\AppData\Roaming\vlc
2019-05-25 11:25 - 2018-01-21 19:44 - 000000025 _____ C:\Users\walter\CurrentSong.txt
2019-05-25 10:08 - 2016-07-14 00:47 - 000000000 ____D C:\Program Files\CCleaner
2019-05-25 09:54 - 2019-01-27 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sparkol VideoScribe
2019-05-25 09:54 - 2019-01-09 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2019-05-25 09:54 - 2018-11-24 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica 11.2
2019-05-25 09:54 - 2018-11-24 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-05-25 09:54 - 2018-03-04 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2019-05-25 09:54 - 2018-02-18 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Doctor
2019-05-25 09:54 - 2018-01-16 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinBoard 4.8.0
2019-05-25 09:54 - 2018-01-05 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter
2019-05-25 09:54 - 2018-01-02 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2019-05-25 09:54 - 2017-12-30 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
2019-05-25 09:54 - 2017-05-13 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
2019-05-25 09:54 - 2017-04-22 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2019-05-25 09:54 - 2017-01-13 00:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyExtender
2019-05-25 09:54 - 2016-12-24 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
2019-05-25 09:54 - 2016-10-21 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual MP3 Splitter & Joiner
2019-05-25 09:54 - 2016-08-27 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lupas Rename 2000
2019-05-25 09:54 - 2016-07-19 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2019-05-25 09:52 - 2016-10-31 12:57 - 000000000 ____D C:\Users\Max Ram
2019-05-25 09:51 - 2019-04-13 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2019-05-25 09:51 - 2019-04-09 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebCopier
2019-05-25 09:51 - 2019-04-05 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 12.5
2019-05-25 09:51 - 2019-01-27 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoScribe
2019-05-25 09:51 - 2019-01-25 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoolUtils
2019-05-25 09:51 - 2019-01-22 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2019-05-25 09:51 - 2019-01-18 23:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HAZARES
2019-05-25 09:51 - 2019-01-08 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Word
2019-05-25 09:51 - 2019-01-08 15:16 - 000000000 ____D C:\Users\walter\AppData\Roaming\IDM
2019-05-25 09:51 - 2019-01-01 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Enterprise
2019-05-25 09:51 - 2018-12-23 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-05-25 09:51 - 2018-12-21 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover
2019-05-25 09:51 - 2018-12-08 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2019-05-25 09:51 - 2018-12-05 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPP
2019-05-25 09:51 - 2018-12-05 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2019-05-25 09:51 - 2018-12-04 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2019-05-25 09:51 - 2018-11-08 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Francisko Parejo, Software
2019-05-25 09:51 - 2018-10-21 22:46 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-25 09:51 - 2018-10-14 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZaraRadio
2019-05-25 09:51 - 2018-09-06 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Card Reader Windows 7 Patch
2019-05-25 09:51 - 2018-09-06 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2019-05-25 09:51 - 2018-09-05 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scientific Notebook 5.5
2019-05-25 09:51 - 2018-08-18 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 7
2019-05-25 09:51 - 2018-08-05 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scientific WorkPlace 5.5
2019-05-25 09:51 - 2018-07-18 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Math Editor
2019-05-25 09:51 - 2018-05-17 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZOOK MBOX to PDF Converter
2019-05-25 09:51 - 2018-05-17 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turgs MBOX Wizard
2019-05-25 09:51 - 2018-04-28 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2019-05-25 09:51 - 2018-03-30 01:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2019-05-25 09:51 - 2018-03-24 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-05-25 09:51 - 2018-03-24 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2019-05-25 09:51 - 2018-03-06 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyotek WebCopy
2019-05-25 09:51 - 2018-03-04 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair
2019-05-25 09:51 - 2018-02-28 20:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ENFUNS Updater
2019-05-25 09:51 - 2018-02-25 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-05-25 09:51 - 2018-02-25 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer
2019-05-25 09:51 - 2018-02-25 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2019-05-25 09:51 - 2018-02-03 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
2019-05-25 09:51 - 2018-02-02 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD2one V2
2019-05-25 09:51 - 2018-01-31 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2019-05-25 09:51 - 2018-01-25 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2019-05-25 09:51 - 2018-01-24 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMP Font Viewer
2019-05-25 09:51 - 2018-01-11 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainbow Folders
2019-05-25 09:51 - 2018-01-06 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICC for Windows
2019-05-25 09:51 - 2018-01-05 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2019-05-25 09:51 - 2018-01-02 21:39 - 000000000 ____D C:\Program Files\Resource Hacker
2019-05-25 09:51 - 2017-12-15 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2019-05-25 09:51 - 2017-06-03 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-05-25 09:51 - 2017-05-08 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct Video Downloader
2019-05-25 09:51 - 2017-05-06 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2019-05-25 09:51 - 2017-04-22 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder
2019-05-25 09:51 - 2017-04-04 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FindThatWord
2019-05-25 09:51 - 2017-03-25 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kentico 10.0
2019-05-25 09:51 - 2017-03-24 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2019-05-25 09:51 - 2017-03-23 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capturador de Links
2019-05-25 09:51 - 2017-03-09 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batch Picture Resizer
2019-05-25 09:51 - 2017-02-28 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2019-05-25 09:51 - 2017-02-19 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Pro
2019-05-25 09:51 - 2017-02-19 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridMove
2019-05-25 09:51 - 2017-02-13 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
2019-05-25 09:51 - 2017-01-31 22:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-25 09:51 - 2017-01-17 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VBA Password Recovery Lastic
2019-05-25 09:51 - 2017-01-12 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2019-05-25 09:51 - 2017-01-02 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2019-05-25 09:51 - 2016-11-08 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IHMC Concept Map Tools
2019-05-25 09:51 - 2016-11-05 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2019-05-25 09:51 - 2016-10-06 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VaxaSoftware
2019-05-25 09:51 - 2016-09-29 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2019-05-25 09:51 - 2016-09-24 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-05-25 09:51 - 2016-09-23 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2019-05-25 09:51 - 2016-09-08 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Join Multiple DjVu Files Into One Software
2019-05-25 09:51 - 2016-08-22 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Home
2019-05-25 09:51 - 2016-08-01 22:12 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2019-05-25 09:51 - 2016-07-29 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoCAM Messenger
2019-05-25 09:51 - 2016-07-27 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teleport Pro
2019-05-25 09:51 - 2016-07-26 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-05-25 09:51 - 2016-07-20 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock CursorXP
2019-05-25 09:51 - 2016-07-20 00:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Magnifying Glass
2019-05-25 09:51 - 2016-07-19 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 5
2019-05-25 09:51 - 2016-07-19 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
2019-05-25 09:51 - 2016-07-14 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-25 09:51 - 2016-07-14 00:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-05-25 09:51 - 2016-07-13 23:09 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-05-25 09:51 - 2009-07-14 00:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-05-25 09:51 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\registration
2019-05-25 09:50 - 2017-05-07 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2019-05-25 09:50 - 2016-07-18 22:55 - 000000000 ____D C:\Program Files\Google
2019-05-24 22:51 - 2016-09-11 22:18 - 000000000 ____D C:\Users\walter\AppData\LocalLow\Temp
2019-05-24 22:34 - 2016-08-15 18:30 - 000000000 ____D C:\Program Files\Adobe
2019-05-24 22:33 - 2011-04-11 21:39 - 000000000 ____D C:\Windows\ShellNew
2019-05-24 22:26 - 2018-03-30 02:14 - 000000000 ____D C:\Program Files\Nero
2019-05-24 22:17 - 2016-07-17 02:36 - 000000000 ____D C:\Program Files\IObit
2019-05-24 22:16 - 2016-07-17 02:36 - 000000000 ____D C:\Users\walter\AppData\Roaming\IObit
2019-05-24 22:16 - 2016-07-17 02:36 - 000000000 ____D C:\ProgramData\IObit
2019-05-24 22:12 - 2016-07-17 02:36 - 000000000 ____D C:\Users\walter\AppData\LocalLow\IObit
2019-05-24 21:54 - 2009-07-13 22:04 - 000000690 _____ C:\Windows\win.ini
2019-05-24 17:40 - 2019-03-17 16:34 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 21:07 - 2018-03-24 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
2019-05-20 23:53 - 2016-07-17 02:21 - 000000000 ____D C:\Users\walter\AppData\Roaming\Thinstall
2019-05-20 21:37 - 2018-01-05 18:55 - 000000000 ____D C:\Users\walter\AppData\Roaming\AIMP
2019-05-20 18:41 - 2018-12-09 18:15 - 000000000 ____D C:\Users\walter\AppData\Local\Apps\2.0
2019-05-19 13:04 - 2016-08-07 20:20 - 000000000 ____D C:\Qoobox
2019-05-19 13:01 - 2009-07-13 22:04 - 000000256 _____ C:\Windows\system.ini
2019-05-19 00:56 - 2018-08-31 13:42 - 000000000 ____D C:\Users\walter\AppData\Roaming\Opera Software
2019-05-19 00:45 - 2017-01-09 21:32 - 000000000 ____D C:\Windows\pss
2019-05-19 00:45 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\Msdtc
2019-05-18 20:05 - 2018-09-11 20:15 - 000000000 ____D C:\Windows\{250C4DEB-CBB8-4CDE-B145-19501A8C92C0}
2019-05-18 20:05 - 2018-09-03 04:55 - 000000000 ____D C:\Windows\{D74B6370-D583-4762-BAD4-1B952A92363E}
2019-05-18 20:05 - 2018-08-25 13:00 - 000000000 ____D C:\Windows\{DAFF9106-893A-4EDF-BE3E-71D72BF9F4CE}
2019-05-18 20:05 - 2018-08-24 01:04 - 000000000 ____D C:\Windows\{ADF9326E-1B4A-4F13-8D05-D1A4A787157D}
2019-05-18 20:05 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\Help
2019-05-18 20:04 - 2018-10-30 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Edit Pro 2.1
2019-05-18 20:04 - 2017-01-13 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2019-05-18 18:00 - 2016-07-14 17:23 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-18 17:29 - 2016-07-30 18:21 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-18 17:29 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system
2019-05-18 17:28 - 2016-07-30 18:21 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-05-18 17:28 - 2016-07-30 18:21 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-05-18 13:34 - 2009-07-13 22:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-05-18 13:32 - 2017-01-11 08:09 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-05-18 00:14 - 2019-01-29 23:27 - 000000000 ____D C:\Users\walter\AppData\Roaming\WordKutools
2019-05-17 22:39 - 2018-01-29 20:04 - 000000000 ____D C:\Users\walter\AppData\Roaming\Psiphon3
2019-05-14 00:22 - 2017-07-23 20:42 - 000000000 _____ C:\Windows\system32\last.dump
2019-05-11 19:01 - 2019-01-08 16:18 - 000002097 _____ C:\Users\walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2019-05-05 01:10 - 2019-04-07 13:54 - 000000000 ____D C:\Users\walter\Desktop\Guias de Pre
2019-05-05 01:08 - 2019-04-27 01:06 - 000000000 ____D C:\Users\walter\Desktop\CDBurnerXP-4.5.3.4746

==================== Files in the root of some directories =======

2018-07-18 20:52 - 2018-07-28 17:26 - 000000262 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-24 23:46 - 2018-09-06 22:08 - 000000004 _____ () C:\ProgramData\lock.dat
2019-05-25 10:08 - 2019-05-25 10:08 - 078857952 _____ (PortableApps.com) C:\Users\walter\firefox-portable-60-0-1.exe
2019-05-25 23:18 - 2019-05-25 23:20 - 098130888 _____ (PortableApps.com) C:\Users\walter\FirefoxPortable_67.0_English.paf.exe
2018-01-20 13:32 - 2018-01-20 13:32 - 000000132 _____ () C:\Users\walter\AppData\Roaming\Prefs. de formato AIFF de Adobe CS6
2019-05-30 21:56 - 2019-05-30 21:56 - 000000000 _____ () C:\Users\walter\AppData\Local\BITE040.tmp
2019-01-08 23:00 - 2019-01-09 20:22 - 000004608 _____ () C:\Users\walter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-03-24 00:10 - 2018-03-24 00:10 - 000000001 _____ () C:\Users\walter\AppData\Local\llftool.4.40.agreement
2018-12-05 20:59 - 2018-12-05 20:59 - 000000135 _____ () C:\Users\walter\AppData\Local\psppirerc
2018-12-05 21:00 - 2018-12-05 21:00 - 000000218 _____ () C:\Users\walter\AppData\Local\recently-used.xbel
2017-04-09 15:00 - 2019-04-22 00:16 - 000007606 _____ () C:\Users\walter\AppData\Local\resmon.resmoncfg
2018-08-23 23:14 - 2018-08-23 23:14 - 000000003 _____ () C:\Users\walter\AppData\Local\wbem.ini
2018-12-05 20:53 - 2018-12-05 20:53 - 000000000 _____ () C:\Users\walter\AppData\Local\xlstat.open

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-23 20:04
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-05-2019
Ran by walter (31-05-2019 00:11:58)
Running from C:\Users\walter\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2016-07-14 02:53:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3193159865-2815699795-1142240979-500 - Administrator - Disabled)
Invitado (S-1-5-21-3193159865-2815699795-1142240979-501 - Limited - Enabled) => C:\Users\TEMP.walter-PC.000
KOOL (S-1-5-21-3193159865-2815699795-1142240979-1011 - Administrator - Enabled) => C:\Users\KOOL
UpdatusUser (S-1-5-21-3193159865-2815699795-1142240979-1001 - Limited - Enabled) => C:\Users\TEMP.walter-PC.002
walter (S-1-5-21-3193159865-2815699795-1142240979-1000 - Administrator - Enabled) => C:\Users\walter

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Activador Windows 7 (HKLM\...\Activador Windows 7) (Version:  - )
Actualización de NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM\...\{3BD13111-2F32-4AB7-B9BB-16E07C9AA894}) (Version: 12.3.4.204 - Adobe Systems, Inc)
Advanced PDF Password Recovery (HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Advanced PDF Password Recovery) (Version: 5.0 - ElcomSoft Co. Ltd.)
Advanced RAR Repair v1.2 (HKLM\...\Advanced RAR Repair v1.2) (Version:  - )
AIMP (HKLM\...\AIMP) (Version: v4.50.2058, 27.12.2017 - AIMP DevTeam)
AirDroid 3.3.5.3 (HKLM\...\AirDroid) (Version: 3.3.5.3 - Sand Studio)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
AMP Font Viewer (HKLM\...\AMP Font Viewer) (Version:  - )
AnyTrans (HKLM\...\AnyTrans) (Version: 6.3.3.0 - iMobie Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Batch Picture Resizer 7.2 (HKLM\...\Batch Picture Resizer_is1) (Version: 7.2 - SoftOrbits)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation)
Capturador de Links versión 2.0 creada por Luciano Aibar (HKLM\...\Capturador de Links_is1) (Version: 2.0 creada por Luciano Aibar - )
Card Reader Patch 1.0 for Windows 7 (HKLM\...\Card Reader Windows 7 Patch_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
Compatibilidad con Aplicaciones de Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Cyotek WebCopy version 1.3.0.405 (HKLM\...\{D5FAF1F8-C903-41b2-AC66-2682A02A78CB}_is1) (Version: 1.3.0.405 - Cyotek Ltd)
Descargador de Video de Apowersoft V6.2.4 (HKLM\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.4 - APOWERSOFT LIMITED)
Dexpot (HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Dexpot) (Version: 1.6.14 - Dexpot GbR)
DFX (HKLM\...\DFX) (Version: 12.023.0.0 - Power Technology)
DGE-560T Gigabit PCI Express Ethernet Adapter (HKLM\...\{6E01C07D-A44B-406E-A0DC-DEF62181E6E7}) (Version: 7.47.706.2011 - D-Link)
Diagnóstico de impresoras Samsung (HKLM\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Direct Video Downloader version 2.12 (HKLM\...\{5FB07C70-45DA-45C9-AAD3-F805D4C463D5}_is1) (Version: 2.12 - Major Share, MajorShare.com)
D-Link DFE-520TX (HKLM\...\{9629C9A1-74F7-4DD0-B99B-9066925E63F8}) (Version:  - D-Link) Hidden
D-Link DFE-520TX (HKLM\...\InstallShield_{9629C9A1-74F7-4DD0-B99B-9066925E63F8}) (Version:  - D-Link)
D-Link DFE-530TX+ (HKLM\...\{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}) (Version:  - D-Link) Hidden
D-Link DFE-530TX+ (HKLM\...\InstallShield_{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}) (Version:  - D-Link)
Driver Easy 5.6.5 (HKLM\...\DriverEasy_is1) (Version: 5.6.5 - Easeware)
Dropbox (HKLM\...\Dropbox) (Version: 72.4.136 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Duplicate Cleaner Pro 4.0.4 (HKLM\...\Duplicate Cleaner Pro) (Version: 4.0.4 - DigitalVolcano Software Ltd)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink Instal)
DVD2one V2.4.2 (HKLM\...\DVD2one V2) (Version: 2.4.2 - Eximius B.V.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EaseUS Partition Master 12.5 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
f.lux (HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\Flux) (Version:  - f.lux Software LLC)
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FindThatWord 0.1 (HKLM\...\{1409F1B5-726C-47D5-9642-A6B4716E2823}_is1) (Version:  - Jonny and Ieuan Jones)
Flash Online Scanner 1.0 (HKLM\...\Flash Online Scanner_is1) (Version:  - ZGW Software, Inc.)
FLOW3D Version 9.3.2 (HKLM\...\{28D7F279-2398-489E-87A9-D03AAAE8ADDA}) (Version: 9.3.2 - Flow Science, Inc.) Hidden
FLOW3D Version 9.3.2 (HKLM\...\InstallShield_{28D7F279-2398-489E-87A9-D03AAAE8ADDA}) (Version: 9.3.2 - Flow Science, Inc.)
Folder Size 3.4.0.0 (HKLM\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.)
FormatFactory 3.8.0.0 (HKLM\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
ForSamplingUpdate (HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\7bec5a913a80bf0f) (Version: 1.3.2.3 - ForSampling)
Foxit PDF Preview Handler (HKLM\...\{6FE22909-D0D6-4111-ABCE-7F8D986C4A2A}) (Version: 1.0.0 - Tim Heuer)
Foxit PhantomPDF Business (HKLM\...\{4699E810-3A23-11E6-97B8-000C2992F709}) (Version: 8.0.0.624 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
Free Sound Recorder v10.8.8 (HKLM\...\Free Sound Recorder_is1) (Version:  - Copyright(C) 2005-2015 FreeSoundRecorder Technologies, Inc.)
Free Video to DVD Converter (HKLM\...\Free Video to DVD Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd)
GeoGebra 5 (HKLM\...\GeoGebra 5) (Version: 5.0.341.0 - International GeoGebra Institute)
Glary Utilities PRO 5.79 (HKLM\...\Glary Utilities 5) (Version: 5.79.0.100 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 3.1.29 - GridinSoft LLC)
GridMove V1.19.57 (HKLM\...\GridMove_is1) (Version:  - DonationCoder.com)
HandBrake 1.0.7 (HKLM\...\HandBrake) (Version: 1.0.7 - )
HAZARES (HKLM\...\ST6UNST #1) (Version:  - )
HidenGate (HKLM\...\{6AE85624-C2DA-4547-B0EF-8B424A03252B}_is1) (Version: 1.0.0.5 - DLTG)
HiSuite (HKLM\...\Hi Suite) (Version: 9.0.3.300 - Huawei Technologies Co.,Ltd)
ICC for Windows 1.0 beta 9.8.10 (HKLM\...\{CFF71C5A-D887-429C-A1F6-FD395C1823E8}_is1) (Version: 1.0 - Internet Chess Club, Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6099.6 - IDT)
iExplorer 3.7.5.1 (HKLM\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
IHMC Concept Map Tools 2.9.1 - walter (HKLM\...\IHMC Concept Map Tools 2.9.1 - walter) (Version:  - )
IIS 8.0 Express (HKLM\...\{B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC}) (Version: 8.0.1557 - Microsoft Corporation)
Java 8 Update 192 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180192F0}) (Version: 8.0.1920.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Join Multiple DjVu Files Into One Software (HKLM\...\Join Multiple DjVu Files Into One Software_is1) (Version:  - Sobolsoft)
JPEG Recovery Pro 5.0 (HKLM\...\JPEG Recovery Pro5.0) (Version: 5.0 - e.World Technology Limited)
KeyExtender 3.99 (HKLM\...\KeyExtender_is1) (Version:  - EasySoft)
K-Lite Codec Pack 14.5.2 Full (HKLM\...\KLiteCodecPack_is1) (Version: 14.5.2 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Kutools for Word versión 8.9.0 (HKLM\...\{E9A0AD37-5BA2-4E60-85F1-8B785CF2FBF5}_is1) (Version: 8.9.0 - ExtendOffice)
Lupas Rename 2000 v5.0 Release (HKLM\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)
Math Editor version 1.0.6.6 (HKLM\...\{1250D241-20C3-40C9-BBA8-6D537A8021FA}_is1) (Version: 1.0.6.6 - MathiVersity)
MathType 7 (HKLM\...\DSMT7) (Version: 7.1.2 - WIRIS)
Max Recorder (HKLM\...\Max Recorder) (Version: 2.006.0.0 - Silver Vine, LLC)
MEGAsync (HKLM\...\MEGAsync) (Version:  - Mega Limited)
Merlín Generador de Ejercicios (HKLM\...\Merlín Generador de Ejercicios_is1) (Version:  - )
Microsoft .NET Framework 4.7 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{10C4E843-C226-3FDF-9DD6-F4E3275E734D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft OneDrive (HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{F95C77E7-7194-4EAF-AB58-1E270838ED0C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{DEDD3877-0BDD-4A02-A50B-FCB8E540D308}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version:  - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 64.0 (x86 es-ES) (HKLM\...\Mozilla Firefox 64.0 (x86 es-ES)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NetCut 2.1.4 (HKLM\...\NetCut_is1) (Version:  - arcai.com)
NVIDIA Controlador de audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ontrack EasyRecovery Enterprise (HKLM\...\{AE695CA4-8847-4462-98CC-023874D29E72}_is1) (Version: 11.5.0.0 - Kroll Ontrack Inc.)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Panel de control de NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - IDT MEDIA  (11/27/2008 5.10.6099.8) (HKLM\...\7196607E1A8892CB0B39A0ADD6D36FAC68564EFF) (Version: 11/27/2008 5.10.6099.8 - IDT)
Paquete de controladores de Windows - Microsoft (msisadrv) System  (06/21/2006 6.1.7600.16385) (HKLM\...\F7107071B470B397C7CF356FEFEA5750761B2484) (Version: 06/21/2006 6.1.7600.16385 - Microsoft)
Paquete de controladores de Windows - NVIDIA (NVNET) Net  (10/30/2009 73.1.9.1) (HKLM\...\F8F98893BBD0749D6052A2993F0180943FB5E5C3) (Version: 10/30/2009 73.1.9.1 - NVIDIA)
Paquete de controladores de Windows - Ralink Corporation (BlueletAudio) MEDIA  (12/19/2012 9.2.1.0002) (HKLM\...\D32C584A1BE4E34101249FD90E0D04E489A0A05D) (Version: 12/19/2012 9.2.1.0002 - Ralink Corporation)
PDF Password Remover v3.1 (HKLM\...\PDF Password Remover v3.1_is1) (Version:  - VeryPDF.com Inc)
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
Picture Doctor 3.1 (HKLM\...\Picture Doctor_is1) (Version: 3.1 - SoftOrbits)
PSPP (HKLM\...\PSPP) (Version: 0.10.1 - Free Software Foundation, Inc.)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
R for Windows 3.5.0 (HKLM\...\R for Windows 3.5.0_is1) (Version: 3.5.0 - R Core Team)
Rainbow Folders (HKLM\...\{2AEA17BA-FAB3-49D2-BB85-0669D14DC9BC}_is1) (Version: 2.05 - Piotr Chodzinski)
RAR Password Recovery v1.1 RC16 (remove only) (HKLM\...\Intelore - RAR Password Recovery) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Remo Recover (HKLM\...\{993DAF7C-A5F8-42EA-81D4-DAE3C9D2D1F7}_is1) (Version: 3.0.0.113 - Remo Software)
Remove Empty Directories version 2.2 (HKLM\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Resource Hacker Version 4.5.30 (HKLM\...\ResourceHacker_is1) (Version:  - )
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version:  - Punk Software)
Rybka 4 (HKLM\...\{9CAF9762-B107-4E7B-A459-68F083298C58}) (Version: 12.0.0 - ChessBase) Hidden
Rybka 4 (HKLM\...\{F9683839-1A7F-4874-91B7-64CDF4AC4679}) (Version: 12.0.0 - ChessBase)
Samsung ML-2160 Series (HKLM\...\Samsung ML-2160 Series) (Version: 1.26 (16-08-2017) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver 2 XPS (HKLM\...\Samsung Universal Print Driver 2 XPS) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.)
Scientific Notebook 5.5 (HKLM\...\{E066DE16-50F3-4A8C-953C-E67118894B2F}) (Version: 5.50 - MacKichan Software)
Sothink SWF Catcher for Internet Explorer (HKLM\...\{7FC84AD6-D939-41A0-A3DF-FB9B511FF275}_is1) (Version: 3.0 - SourceTec Software Co., LTD)
Sothink SWF Decompiler (HKLM\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Sparkol VideoScribe (HKLM\...\{0998FB32-1208-49AC-A8C8-2B462FE040EF}) (Version: 2.3.2002 - Sparkol) Hidden
Sparkol VideoScribe (HKLM\...\Sparkol VideoScribe 2.3.2002) (Version: 2.3.2002 - Sparkol)
Stellar Phoenix Windows Data Recovery - Home (HKLM\...\Stellar Phoenix Windows Data Recovery - Home_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd)
StreamTransport version: 1.0.2.1700 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Syncios Data Transfer 1.6.5 (HKLM\...\{6C4BB520-3416-4D67-B7EA-A9FF6662345F}_is1) (Version: 1.6.5 - Anvsoft, Inc.)
System Mechanic (HKLM\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 18.0.2.486 - iolo technologies, LLC)
TeamViewer 14 (HKLM\...\TeamViewer) (Version: 14.2.2558 - TeamViewer)
Teleport Pro (HKLM\...\Teleport Pro) (Version: 1.70 - Tennyson Maxwell Information Systems, Inc.)
TL-WN725N_WN723N Controlador (HKLM\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.21a - Ghisler Software GmbH)
Total Video Converter 3.61 100319 (HKLM\...\Total Video Converter 3.61_is1) (Version:  - EffectMatrix Inc.)
TotalAudioConverter (HKLM\...\Total Audio Converter_is1) (Version: 5.1 - Softplicity, Inc.)
Turgs MBOX Wizard (HKLM\...\Turgs MBOX Wizard_is1) (Version:  - Turgs)
United States (English and Talossan) (HKLM\...\{630CB9BF-D268-4270-B6C9-4C0D5330E4E2}) (Version: 1.0.3.40 - keyboards.jargon-file.org)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VBA Password Recovery Lastic 1.2 (HKLM\...\VBA Password Recovery Lastic_is1) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vector Magic (HKLM\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
VideoCAM Messenger (HKLM\...\{57383270-6F61-4DC8-A9B8-C1745FC29F38}) (Version: 4.21.0.000 - KYE)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual MP3 Splitter & Joiner 9.1 (HKLM\...\Visual MP3 Splitter & Joiner_is1) (Version:  - ManiacTools.com)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WallpaperSuite (HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\WallpaperSuite) (Version: 1.0.0.1 - WallpaperSuite)
WebCopier 5.3 (HKLM\...\{0C72BD21-2BBB-43E6-8EEB-C8BE42FE90E5}_is1) (Version:  - MaximumSoft Corp.)
WhatsApp (HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\WhatsApp) (Version: 0.2.7315 - WhatsApp)
WinDirStat 1.1.2 (HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\...\WinDirStat) (Version:  - )
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
WinHTTrack Website Copier 3.48-22 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wolfram Extras 10.4 (5514075) (HKLM\...\A-WIN-Extras 10.4.1 5514075_is1) (Version: 10.4.1 - Wolfram Research, Inc.)
Wolfram Mathematica 10.4 (M-WIN-L 10.4.1 5514214) (HKLM\...\M-WIN-L 10.4.1 5514214_is1) (Version: 10.4.1 - Wolfram Research, Inc.)
Wolfram Mathematica 11.2 (M-WIN-L 11.2.0 5822651) (HKLM\...\M-WIN-L 11.2.0 5822651_is1) (Version: 11.2.0 - Wolfram Research, Inc.)
WolframScript (A-WIN32-WolframScript 11.2.0 2017091001) (HKLM\...\{90D12C2B-666B-422D-91CF-531112BA0823}) (Version: 11.2.44 - Wolfram Research, Inc.)
Wondershare Data Recovery(Build 6.0.1.9) (HKLM\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.0.1.9 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
ZaraRadio 1.6.2 (HKLM\...\ZaraRadio_is1) (Version:  - ZaraSoft)
ZOOK MBOX to PDF Converter (HKLM\...\ZOOK MBOX to PDF Converter_is1) (Version:  - ZOOK)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000_Classes\CLSID\{68D44A27-FFB6-4B89-A3E5-7B0E50A7AB33}\InprocServer32 -> C:\Program Files\Ultracopier\PluginLoader\catchcopy-v0002\catchcopy32.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000_Classes\CLSID\{F09690BD-582D-4439-B6ED-5C2545D2F424}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3193159865-2815699795-1142240979-1000_Classes\CLSID\{F7B8E2CA-97DF-4974-BDF1-3D93EDC93A5E}\InprocServer32 -> C:\Users\walter\AppData\Local\WallpaperSuite\WallpaperSuiteLib.dll => No File
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects: Virtual Storage Mount Notification -> {5FF49FE8-B332-4CB9-B102-FB6951629E55} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2018-01-05] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x86.dll [2016-06-17] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2017-06-08] () [File not signed]
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files\Phoenix360\System Mechanic\x86\Incinerator.dll [2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\walter\AppData\Local\MEGAsync\ShellExtX32.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers1: [TotalConverter] -> {280CFDE1-1354-4431-92F3-03073BA593FB} => C:\Program Files\CoolUtils\TotalAudioConverter\axTotalConverter.dll [2015-01-28] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2017-06-08] () [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\walter\AppData\Local\MEGAsync\ShellExtX32.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DLLRegSvr] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} =>  -> No File
ContextMenuHandlers3: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes) [File not signed]
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\walter\AppData\Local\MEGAsync\ShellExtX32.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2018-01-05] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2017-06-08] () [File not signed]
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files\Phoenix360\System Mechanic\x86\Incinerator.dll [2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\walter\AppData\Local\MEGAsync\ShellExtX32.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2017-06-08] () [File not signed]
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

Shortcut: C:\Users\walter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) <==== Cyrillic
Shortcut: C:\Users\walter\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехрlоrеr.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2019-01-25 22:25 - 2015-01-28 05:19 - 002426880 _____ () [File not signed] C:\Program Files\CoolUtils\TotalAudioConverter\axTotalConverter.dll
2017-06-08 10:14 - 2017-06-08 10:14 - 001095680 ____N () [File not signed] C:\Program Files\GridinSoft Anti-Malware\shellext.dll
2010-07-04 17:32 - 2010-07-04 17:32 - 000010752 _____ () [File not signed] C:\Program Files\Unlocker\UnlockerCOM.dll
2017-09-10 16:51 - 2017-09-10 16:51 - 000798208 _____ () [File not signed] C:\Users\walter\AppData\Local\MEGAsync\libsodium.dll
2016-08-01 22:10 - 2011-04-11 01:26 - 000024064 _____ () [File not signed] C:\Windows\System32\spexsl.dll
2017-03-23 22:00 - 2017-07-21 02:18 - 001663488 _____ () [File not signed] C:\Windows\system32\spool\drivers\w32x86\3\ssj1mUM.dll
2016-11-05 11:01 - 2016-11-05 11:01 - 000184320 _____ () [File not signed] C:\Windows\W7FBC\dll.dll
2019-05-12 01:18 - 2011-07-28 17:35 - 000262144 _____ (Arcai.com) [File not signed] C:\Program Files\netcut\services\AIPS.exe
2016-02-17 23:16 - 2016-02-17 23:16 - 023927296 _____ (FFmpeg Project) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\avcodec-57.dll
2016-02-17 23:16 - 2016-02-17 23:16 - 006306816 _____ (FFmpeg Project) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\avformat-57.dll
2016-02-17 23:16 - 2016-02-17 23:16 - 000599552 _____ (FFmpeg Project) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\avutil-55.dll
2016-02-17 23:16 - 2016-02-17 23:16 - 000287232 _____ (FFmpeg Project) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\swresample-2.dll
2016-02-17 23:16 - 2016-02-17 23:16 - 000513024 _____ (FFmpeg Project) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\swscale-4.dll
2013-06-17 13:31 - 2013-06-17 13:31 - 000076288 _____ (Free Time) [File not signed] C:\Program Files\FormatFactory\ShellEx_103.dll
2018-12-12 06:32 - 2018-12-12 06:32 - 000154432 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe
2007-03-30 18:34 - 2007-03-30 18:34 - 000036864 _____ (Malwarebytes) [File not signed] C:\Program Files\FileASSASSIN\FileASSASSINExt.dll
2009-08-18 10:24 - 2009-08-18 10:24 - 000134144 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2019-05-18 17:03 - 2019-05-18 17:03 - 000626688 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCR80.dll
2016-07-29 00:52 - 2016-07-29 00:52 - 002447000 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Windows\system32\nvapi.dll
2009-06-10 17:19 - 2016-07-29 00:59 - 015373760 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Windows\system32\nvd3dum.dll
2017-09-10 15:08 - 2017-09-10 15:08 - 000061952 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\cares.dll
2018-04-02 13:21 - 2018-04-02 13:21 - 000275456 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\libcurl.dll
2018-04-02 13:38 - 2019-01-21 19:22 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\LIBEAY32.dll
2018-04-02 13:38 - 2019-01-21 19:22 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\SSLEAY32.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 02:37 - 2017-09-14 02:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\platforms\qwindows.dll
2017-09-25 10:30 - 2017-09-25 10:30 - 004641792 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\Qt5Core.dll
2017-09-14 02:32 - 2017-09-14 02:32 - 005016576 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\Qt5Gui.dll
2017-09-14 02:30 - 2017-09-14 02:30 - 000851968 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\Qt5Network.dll
2017-09-14 02:42 - 2017-09-14 02:42 - 000255488 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\Qt5Svg.dll
2017-09-14 02:35 - 2017-09-14 02:35 - 004433920 _____ (The Qt Company Ltd) [File not signed] C:\Users\walter\AppData\Local\MEGAsync\Qt5Widgets.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\34832260.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\34832260.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2019-05-19 13:00 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3193159865-2815699795-1142240979-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\walter\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.83.1.4 - 190.160.0.14
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\startupfolder: C:^Users^walter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enviar a OneNote.lnk => C:\Windows\pss\Enviar a OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^walter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GridMove.lnk => C:\Windows\pss\GridMove.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: EEDSpeedLauncher => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
MSCONFIG\startupreg: GoogleChromeAutoLaunch_11DBF98E3701C5FADC062621FC200949 => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: snpstd => C:\Windows\vsnpstd.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\walter\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: WallpaperSuite => "C:\Users\walter\AppData\Local\WallpaperSuite\WallpaperSuite.exe" /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9D528238-A67C-4542-B304-B9C26C507C97}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7633E2E6-43C5-4E67-AF97-0E5987669B35}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C7214D9B-24B9-47F6-AC6B-48FEB982036D}] => (Allow) C:\Users\walter\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7EEECE71-AC0B-4FB5-9F90-FA6536FAB701}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C57A84DA-4A6E-44C1-94D0-A624B12D55AC}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{E18BBB95-9360-4CE4-AD13-8170DD1EAEE1}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{FCC4EF3A-4C0D-4A8E-87CE-7D53599F21D8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{3F573BE9-7998-4945-B98A-F7853D89E496}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{8FECA01F-BAB3-4C4A-ACDD-18544392BB7E}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{002FDF83-B5E4-4FCD-B531-3ECCBD0DB544}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{1CCD4EBE-8433-4D70-9327-AA1B497897ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3C7B8F4D-F22D-4CF2-B7A6-1496F409D9D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B5C59195-FA21-4687-A6FE-8B61853FF233}] => (Allow) C:\Program Files\Samsung\Samsung Universal Print Driver 2 XPS\PrinterSelector\SUPDApp.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [TCP Query User{9AF422B9-3B7C-4AF3-A266-EC09F2EEB260}H:\emule\emule.exe] => (Allow) H:\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{00FF2FD2-6BCE-43C8-B206-41107C23C278}H:\emule\emule.exe] => (Allow) H:\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [TCP Query User{EF635342-D557-4B41-953A-7D79301A6BBC}C:\program files\airdroid\airdroid.exe] => (Allow) C:\program files\airdroid\airdroid.exe (TONGBU TECHNOLOGY (HK) LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{85BAB95E-A9B3-4C30-8A27-EA61D1BFE073}C:\program files\airdroid\airdroid.exe] => (Allow) C:\program files\airdroid\airdroid.exe (TONGBU TECHNOLOGY (HK) LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{FF1278F5-0111-4812-B0E3-1EA77599448C}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{B3918105-1138-4FE6-97D4-23C3E6999AA8}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0C92ECB-FB86-446F-BEA2-1ECEE4C7EEDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D5B0E551-759D-4869-849A-93ABA001F047}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A02E2879-144E-4990-AB27-47293DD0104B}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{234E0D55-E191-4A8A-97B8-F5ABCCF5565A}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{08E15151-163C-4610-90AE-862583646A8D}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{577938D4-C31F-439E-AED7-4794E9248DA3}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{00786891-1D65-4D2F-AB02-15153D59D1B8}] => (Block) LPort=445
FirewallRules: [{AEF91E5C-1E27-4F07-9C4C-D78FDE98A8EB}] => (Block) LPort=445
FirewallRules: [{345DB848-D70D-4B87-8E49-F6724F9D645B}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{90E96FF0-BA32-4D00-B6CE-0401E1688305}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{7CC7824D-F7E1-496A-998F-AE2F4C23C5B7}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{F647CDE6-08D4-400D-BFEA-E1172EBD21D6}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{41B2D383-4682-4CFF-927A-9EFC5DF34608}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time) [File not signed]
FirewallRules: [{3D11CDC5-C4FA-43E4-B421-3EC95F75C93A}] => (Allow) C:\Users\walter\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{59F1BBAD-3C26-4DC5-A04B-F714E256EC62}] => (Allow) C:\Users\walter\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{6F445E50-811B-404E-A2DB-959F03F5F4A6}] => (Allow) C:\Program Files\AnvSoft\Syncios Data Transfer\SynciosTransfer.exe (Anvsoft Inc. -> Syncios Data Transfer)
FirewallRules: [{BF770E88-6035-4A73-9CA9-14DB700DFF91}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABD765DC-5FF6-41C3-AFA2-1BF009D32836}] => (Allow) LPort=1688
FirewallRules: [{D2224E21-822D-4397-9ABA-B936B200108D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{BDEF680C-0727-444E-AE58-EE916C61B515}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{78259EF6-F897-43D7-9688-EC601B81B98B}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{157DCBBD-ED26-4EB1-8F39-49496BDE4E2B}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3872B16B-36D2-4F3E-B4EC-404EEC582D22}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{05E1BB3F-1D86-4CC8-AEB6-E01213D3BDC9}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E9D598E7-1956-4C1C-BBD7-F6936298397B}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{38685AD7-D089-4A26-9C46-F2B9662A30D9}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A275B686-717D-4503-A285-024A7C716ACF}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{97657A26-90B8-43FE-B58E-0994DF52EF4D}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7CFCE1DE-D9B8-49C5-B418-001F0F080644}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C04C8C5F-7769-43CC-AEE9-9A84A12EEAAC}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5834B863-0A9B-40E0-9473-E425752FAB87}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9E3672B9-4825-489A-8F43-B164224C81DD}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{488CB36F-CBDB-429C-85EC-D8CEBCF55DE5}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6E23D790-0EAF-495A-AAA0-B87F9F4626AB}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{879EE372-8F17-40C3-9DA5-1AFED27354FF}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2FB5F4D3-B71B-42FD-897C-583C18CE6DEF}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2794003E-E903-4F2D-8EE5-E235F9A97183}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3028F535-6860-475B-BDCE-2FDEE390E697}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F51C90BB-895D-4174-BA6D-0A80A6B04995}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{615CBA1C-661D-4561-A992-E08FC3E06FA8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{311D2FE8-B6AD-40F9-BBC2-2DADB441AB41}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A995ED0F-C1E1-4544-B1BF-01B4296D454D}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{AD12BEFA-4416-425D-A0F5-E154FA30F06A}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{3F88A0A6-8759-4862-A69F-66C119B64B62}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{F3E1613F-1F06-405E-918F-56ED1B9E45D8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{42955922-3BC1-4726-9777-235642BFEC43}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{AFB3E3CD-E3E0-498D-A8D1-5905EA703F2A}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{BCAD9AA3-39ED-49DD-B345-10B2B465CEF9}] => (Allow) LPort=8317
FirewallRules: [TCP Query User{ED6D9985-2040-471F-A2B8-E92C3FFF7523}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9455A99E-EF7A-47F6-B89E-DA08854C2EE0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F233FC03-0279-4DC4-AA9C-BFA163334EE7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7915EC1D-826E-40C9-A9E9-6CC26ECF496E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{54DF77C4-EADC-4968-91CC-323B2A8C1E3B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8061EFFC-F134-4919-8701-B0E2DFBFCCDD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{21887D48-231D-4756-9016-FD860BD5B77A}D:\13 abril\portable foxit pdf editor 2.0.1011.exe] => (Block) D:\13 abril\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{1CE1FDBC-7415-44E1-9534-88212AE50D2F}D:\13 abril\portable foxit pdf editor 2.0.1011.exe] => (Block) D:\13 abril\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [TCP Query User{570FC8B1-1283-41DA-859E-E048AA8E9623}C:\users\walter\desktop\vac\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\vac\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]
FirewallRules: [UDP Query User{6B3DC682-C666-4E2E-9F51-3803CCA45004}C:\users\walter\desktop\vac\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\vac\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]
FirewallRules: [{44606FC4-32FF-4657-ACAA-4F68C9FE84F2}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{C533C36C-E349-4096-B1A3-50B8CB2E5784}E:\escritorio mayo\super carpeta\portable foxit pdf editor 2.0.1011.exe] => (Block) E:\escritorio mayo\super carpeta\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]
FirewallRules: [UDP Query User{457F5B43-97A5-41E0-AD96-29A07813E808}E:\escritorio mayo\super carpeta\portable foxit pdf editor 2.0.1011.exe] => (Block) E:\escritorio mayo\super carpeta\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]
FirewallRules: [TCP Query User{40D6354D-CD07-4935-A3FC-05CF140CC499}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]
FirewallRules: [UDP Query User{D7671610-5D8F-477C-BDE3-A6CF9000D2B3}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]
FirewallRules: [{46929318-5DE8-4CA2-BC34-E7C0F55652FF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{8EDB451E-8A41-402D-895C-9AB532280EC6}C:\users\walter\desktop\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]
FirewallRules: [UDP Query User{805F1B4D-F3AB-44D6-828F-9909CE69E0D2}C:\users\walter\desktop\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]

==================== Restore Points =========================

27-05-2019 19:18:27 Punto de control programado

==================== Faulty Device Manager Devices =============

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther VPN Project
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA nForce Ethernet 
Description: NVIDIA nForce Networking Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVNET
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/30/2019 11:37:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SystemLook.exe, versión: 0.0.0.0, marca de tiempo: 0x4e33b721
Nombre del módulo con errores: SystemLook.exe, versión: 0.0.0.0, marca de tiempo: 0x4e33b721
Código de excepción: 0x40000015
Desplazamiento de errores: 0x000157dd
Id. del proceso con errores: 0x1450
Hora de inicio de la aplicación con errores: 0x01d5175b70949490
Ruta de acceso de la aplicación con errores: C:\Users\walter\Desktop\SystemLook.exe
Ruta de acceso del módulo con errores: C:\Users\walter\Desktop\SystemLook.exe
Id. del informe: 758a46f0-8355-11e9-864f-00030d000001

Error: (05/30/2019 09:59:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Dropbox.exe, versión: 73.4.118.0, marca de tiempo: 0x5ce3ea60
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24000, marca de tiempo: 0x5a4996cd
Código de excepción: 0xe00f0003
Desplazamiento de errores: 0x0000845d
Id. del proceso con errores: 0x1690
Hora de inicio de la aplicación con errores: 0x01d5175472268360
Ruta de acceso de la aplicación con errores: C:\Program Files\Dropbox\Client_73.4.118\Dropbox.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\KERNELBASE.dll
Id. del informe: b5e383f0-8347-11e9-864f-00030d000001

Error: (05/30/2019 09:57:51 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: walter-PC)
Description: Windows no encuentra el perfil local y está iniciando la sesión con un perfil temporal. Los cambios que se efectúen en este perfil se perderán cuando se cierre la sesión.

Error: (05/30/2019 09:57:51 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: walter-PC)
Description: Windows hizo una copia de seguridad de este perfil de usuario. Windows intentará automáticamente usar la copia de seguridad del perfil la próxima vez que este usuario inicie sesión.

Error: (05/30/2019 09:56:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SSTray.exe, versión: 18.0.2.486, marca de tiempo: 0x5bae5516
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24000, marca de tiempo: 0x5a4996cd
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x0000845d
Id. del proceso con errores: 0xf50
Hora de inicio de la aplicación con errores: 0x01d51753e23915b0
Ruta de acceso de la aplicación con errores: C:\Program Files\Phoenix360\System Mechanic\SSTray.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\KERNELBASE.dll
Id. del informe: 59c5e950-8347-11e9-864f-00030d000001

Error: (05/30/2019 09:56:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: SSTray.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.IO.FileLoadException
   en System.Reflection.RuntimeAssembly._nLoad(System.Reflection.AssemblyName, System.String, System.Security.Policy.Evidence, System.Reflection.RuntimeAssembly, System.Threading.StackCrawlMark ByRef, IntPtr, Boolean, Boolean, Boolean)
   en System.Reflection.RuntimeAssembly.nLoad(System.Reflection.AssemblyName, System.String, System.Security.Policy.Evidence, System.Reflection.RuntimeAssembly, System.Threading.StackCrawlMark ByRef, IntPtr, Boolean, Boolean, Boolean)
   en System.Reflection.RuntimeAssembly.InternalLoadAssemblyName(System.Reflection.AssemblyName, System.Security.Policy.Evidence, System.Reflection.RuntimeAssembly, System.Threading.StackCrawlMark ByRef, IntPtr, Boolean, Boolean, Boolean)
   en System.Reflection.RuntimeAssembly.InternalLoadFrom(System.String, System.Security.Policy.Evidence, Byte[], System.Configuration.Assemblies.AssemblyHashAlgorithm, Boolean, Boolean, System.Threading.StackCrawlMark ByRef)
   en System.Reflection.Assembly.LoadFrom(System.String)
   en Phoenix360.Shared.SharedHelper.AppResolveEventHandler(System.Object, System.ResolveEventArgs)
   en System.AppDomain.OnAssemblyResolveEvent(System.Reflection.RuntimeAssembly, System.String)

Información de la excepción: System.IO.FileLoadException
   en iolo.Controller.EntitlementController..cctor()

Información de la excepción: System.TypeInitializationException
   en iolo.Controller.EntitlementController.get_Instance()
   en iolo.SSTray.SSTrayApp..ctor()
   en iolo.SSTray.Program.Main(System.String[])

Error: (05/30/2019 09:55:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (05/28/2019 11:38:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Dropbox.exe, versión: 73.4.118.0, marca de tiempo: 0x5ce3ea60
Nombre del módulo con errores: KERNELBASE.dll, versión: 6.1.7601.24000, marca de tiempo: 0x5a4996cd
Código de excepción: 0xe00f0003
Desplazamiento de errores: 0x0000845d
Id. del proceso con errores: 0x1464
Hora de inicio de la aplicación con errores: 0x01d515cfed006000
Ruta de acceso de la aplicación con errores: C:\Program Files\Dropbox\Client_73.4.118\Dropbox.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\KERNELBASE.dll
Id. del informe: 30ba8a00-81c3-11e9-ad4b-00030d000001


System errors:
=============
Error: (05/30/2019 09:55:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
dsbwncfk

Error: (05/30/2019 09:54:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio DgiVecp no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el dispositivo especificado.

Error: (05/28/2019 07:26:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: El siguiente controlador de inicio del sistema o de inicio del arranque no se cargó correctamente: 
dsbwncfk

Error: (05/28/2019 07:25:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio DgiVecp no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el dispositivo especificado.

Error: (05/28/2019 07:22:40 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Experiencia con aplicaciones se cerró con el siguiente error: 
Acceso denegado.

Error: (05/28/2019 07:22:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Experiencia con aplicaciones se cerró con el siguiente error: 
Acceso denegado.

Error: (05/28/2019 07:22:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Experiencia con aplicaciones se cerró con el siguiente error: 
Acceso denegado.

Error: (05/28/2019 07:18:22 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: No se puede iniciar un servidor DCOM: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. Error 
"5"
al iniciar este comando:
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


CodeIntegrity:
===================================

Date: 2018-10-15 18:23:37.767
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-15 18:23:37.690
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-15 18:23:37.582
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-13 13:22:58.324
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-13 13:22:58.309
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-13 13:22:58.309
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-08 22:06:11.771
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-08 22:06:11.755
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 080015 05/16/2008
Motherboard: ECS GF7100/7050PVT-M3
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
Percentage of memory in use: 92%
Total physical RAM: 2815.24 MB
Available physical RAM: 200.66 MB
Total Virtual: 5630.48 MB
Available Virtual: 2332.76 MB

==================== Drives ================================

Drive c: (walter) (Fixed) (Total:100.72 GB) (Free:29.15 GB) NTFS
Drive d: (210916-1) (Fixed) (Total:910.16 GB) (Free:770.49 GB) NTFS
Drive e: (210916-2) (Fixed) (Total:910.16 GB) (Free:231.85 GB) NTFS
Drive f: (210916-3) (Fixed) (Total:974.08 GB) (Free:427.89 GB) NTFS
Drive g: (ws250709 [musica-video-ima]) (Fixed) (Total:185.55 GB) (Free:23.68 GB) NTFS
Drive h: (ws-07-10-2016) (Fixed) (Total:145.84 GB) (Free:101.48 GB) NTFS
Drive i: (260614 UTILIDADES) (Fixed) (Total:6.72 GB) (Free:0.82 GB) NTFS
Drive l: (280418 FORMULARIOS) (Fixed) (Total:5 GB) (Free:0.63 GB) NTFS
Drive n: (WSIVOLI-30122018) (Removable) (Total:14.32 GB) (Free:3.28 GB) NTFS
Drive o: (WS 18-05-2019) (Fixed) (Total:21.83 GB) (Free:14.94 GB) NTFS

\\?\Volume{965bd5ae-496b-11e6-90d8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00290029)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=364.9 GB) - (Type=0F Extended)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 03DD17B9)

Partition: GPT.

========================================================
Disk: 3 (Size: 14.3 GB) (Disk ID: 07531EA5)
Partition 1: (Not Active) - (Size=14.3 GB) - (Type=07 NTFS)
======== End of Addition.txt ============================
============

Hola @WALLY

Por lo que puedo ver tienes todos los Visual C++ instalados :thinking:

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM\...\{dd1e9bde-2ad6-4e92-8c07-7d4723eab8b8}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version:  - Microsoft Corporation)

Lo que me preocupa de tu equipo es todos los errores que se van sumando, el problema del perfil temporal aun persiste.

Lo de las dll erróneas y ahora lo del Visual.

El enlace a los reportes no es necesario están colgados perfectamente en el tema.

Busca que en tu escritorio se ve un archivo SystemLook.txt y ve que hay dentro y si contiene alguna información lo pegas en próxima respuesta.

Salu2

Eso es todo

SystemLook 30.07.11 by jpshortstuff Log created at 22:49 on 30/05/2019 by walter Administrator - Elevation successful

========== filefind ==========

Searching for “browcli.dll