Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-06-2019
Ran by NABLA (administrator) on WALTER-PC (ECS GF7100/7050PVT-M3) (07-06-2019 00:11:35)
Running from C:\Users\NABLA.walter-PC\Desktop
Loaded Profiles: NABLA (Available Profiles: walter & UpdatusUser & NABLA & Invitado)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [5576512 2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [450667 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [226184 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [1545216 2015-09-02] () [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\system32\tsccvid.dll [602624 2014-11-11] (TechSmith Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.tsc2] => C:\Windows\system32\tsc2_codec32.dll [234496 2014-08-27] (TechSmith Corporation) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-24] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-03-08]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01A59CCC-A585-4189-9603-53867104211A} - System32\Tasks\Driver Booster SkipUAC (walter) => C:\Program Files\IObit\Driver Booster\5.3.0\DriverBooster.exe
Task: {07784A53-AAF2-44B1-BECE-AECF6302DF9C} - \OperaUpdateService -> No File <==== ATTENTION
Task: {0A6468B5-80B8-4556-B8D5-28BEE0DDDCFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-17] (Google Inc -> Google Inc.)
Task: {114429B2-BA48-40B1-BB70-6BA4DAD41D64} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-05-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {22D7B07A-FFDA-41E7-A08A-EACBC04462F1} - System32\Tasks\{52FEBD89-FBA4-449E-ACF6-50964B215D16} => msiexec.exe /package "C:\Users\walter\Desktop\Passware.Passware.Kit.Forensic.v13.5.8557.REPACK-BRD\Passware.Passware.Kit.Forensic.v13.5.8557.REPACK-BRD\passware-kit-forensic-32bit.msi"
Task: {2309619D-F02A-428C-85C8-148C4520A8B6} - System32\Tasks\ioloTUDsDownloader => C:\Program Files\Common Files\Phoenix360\ActiveCore\activebridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {236633DD-5F9F-4B3B-B3AF-EAB9BA494B24} - System32\Tasks\Opera scheduled Autoupdate 1535737370 => C:\Users\walter\AppData\Local\Programs\Opera\launcher.exe
Task: {2DA390BB-6F5F-447B-B365-73845EDEBF59} - System32\Tasks\{C87AB4CA-1F6E-4E8F-B93C-15AAEAE93580} => C:\Windows\system32\pcalua.exe -a "C:\Users\walter\Downloads\Compressed\Cursor_Installer\Cursor Installer.exe" -d C:\Users\walter\Downloads\Compressed\Cursor_Installer
Task: {32FF3E71-5F16-461C-8344-75A83AB8CAC6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {3B0DD3DD-C7A1-4221-BA81-D3CCD22D7321} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3C35D1BA-7EF8-4D00-B944-EFDD2C1D9911} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {45DD7267-F62B-4FAA-BA95-87587F6648EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5DA1009A-015C-49C0-B1BD-B08C11301138} - System32\Tasks\GU5SkipUAC => C:\Program Files\Glary Utilities 5\Integrator.exe [897528 2017-06-29] (Glarysoft LTD -> Glarysoft Ltd)
Task: {60DD423D-AAFB-40A6-A79E-6FFBA3890AF9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2394504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {6660F89E-AA6D-4E1B-9131-5FA119C11A57} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_walter => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary)
Task: {6A60BAFF-1FE5-4D17-8BE4-C1E8726E8A17} - System32\Tasks\ActiveSync-SystemMechanic => C:\Program Files\Common Files\Phoenix360\ActiveCore\activebridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {7B4E731E-0B25-4875-BCBD-4C8F64958A47} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1945712 2019-06-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {8058733E-1769-4FE9-8BC1-D7CDA850AB09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-17] (Google Inc -> Google Inc.)
Task: {85188087-71DA-40B9-88C2-21DED51433A9} - System32\Tasks\Opera scheduled assistant Autoupdate 1547735215 => C:\Users\walter\AppData\Local\Programs\Opera\launcher.exe
Task: {8A95F761-04CD-482A-B3CC-C36935A0B15B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3193159865-2815699795-1142240979-1000 => C:\Users\walter\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-06-05] (Access Denied) [File not signed]
Task: {AF0CC4C5-7851-4AB8-BF07-F015FF540C11} - System32\Tasks\ioloAVDefsDownloader => C:\Program Files\Phoenix360\System Mechanic\SSDefs.exe [136928 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {AF1E1DD1-BD40-4415-AA74-480623C94119} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [1454592 2019-05-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B1C36431-8593-4506-B64A-B46764920DC2} - System32\Tasks\ActiveMessenger-SystemMechanic => C:\Program Files\Common Files\Phoenix360\ActiveCore\ActiveBridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {B28B9B36-DB2B-4445-9C54-043F1E054BB2} - System32\Tasks\AdobeGCInvoker-1.0-walter-PC-walter => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {B5412D51-22AF-457A-858B-DF8DA15D4E93} - System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => C:\Windows\system32\pcalua.exe -a J:\Setup.exe -d J:\
Task: {B8CDB082-F74E-444E-A662-9EC509D5CD7E} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [134648 2017-06-29] (Glarysoft LTD -> Glarysoft Ltd)
Task: {C1FCB802-7CA2-434D-B95F-9E5FE8AC2BFA} - System32\Tasks\ioloSystemShield => C:\Program Files\Phoenix360\System Mechanic\SSTray.exe [655520 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {D59B049B-6A34-474A-8F73-5F5C300CACED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1913648 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {D8205082-44FE-4901-8F33-B14DBC41E54B} - System32\Tasks\ioloActiveCare => C:\Program Files\Phoenix360\System Mechanic\systemmechanic.exe [2403568 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {E6E161FE-4D95-4525-8EBC-5DB590348769} - System32\Tasks\{A0D2A674-A307-4641-950C-55F1306EC06B} => C:\Users\walter\Desktop\Cool Edit Pro 2.1\Cool Edit Pro 2.1.exe
Task: {FA42F638-5940-4E2F-9C8D-6C1EABCC414F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE367E9D-87DF-4EBA-A032-0D5737F0983F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{3100BEF9-6842-40A2-AC20-26F7B775D9E3}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{A1027262-0F84-4B8B-A726-084E896FEB10}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-06-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-06-02] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll [2019-05-18] (Adobe Systems Incorporated -> )
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @wolfram.com/Mathematica -> C:\Program Files\Common Files\Wolfram Research\Browser\10.4.1.5514075\npmathplugin.dll [2016-04-11] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default [2019-06-07]
CHR Extension: (Presentaciones) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-07]
CHR Extension: (Documentos) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-07]
CHR Extension: (Google Drive) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-07]
CHR Extension: (YouTube) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-07]
CHR Extension: (Yahoo Partner) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdbpcigaolookbahgdofnimidinicfid [2019-06-07]
CHR Extension: (Hojas de cálculo) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-07]
CHR Extension: (Avast Online Security) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-06-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-07]
CHR Extension: (Gmail) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-07]
CHR Extension: (Chrome Media Router) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-07]
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Temp\~sfx00001228\IDMGCExt.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S2 AIPS; C:\Program Files\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5584416 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [359864 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
S2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43856 2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
S2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] (NVIDIA Corporation -> )
S2 FoxitPhantomService; C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1647808 2016-06-21] (Foxit Software Incorporated -> Foxit Software Inc.)
S2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] (NVIDIA Corporation -> )
S2 STacSV; c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe [217185 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11791704 2019-03-18] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75200 2018-03-24] (Alcorlink Corp. -> Alcorlink Corp.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34488 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [173232 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225608 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171520 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56296 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [214736 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139352 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403680 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167568 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312248 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [29872 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [10804 2005-04-30] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [23000 2005-05-31] (IVT Corporation) [File not signed]
S3 BTHidEnum; C:\Windows\System32\DRIVERS\vbtenum.sys [11860 2005-04-30] () [File not signed]
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed]
S3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [299024 2012-04-09] (EldoS Corporation -> EldoS Corporation)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DFX12; C:\Windows\System32\drivers\dfx12.sys [26104 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [File not signed]
R3 DLKRTE32; C:\Windows\System32\DRIVERS\DLKRTE32.sys [399360 2011-08-04] (Microsoft Windows Hardware Compatibility Publisher -> D-Link Corp. )
S1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation -> EldoS Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [21496 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2017-04-22] (NTONYX Ltd. -> Eugene V. Muzychenko)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FETND62; C:\Windows\System32\DRIVERS\DLF62X86.SYS [45568 2009-11-23] (Microsoft Windows Hardware Compatibility Publisher -> D-Link )
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (Microsoft Windows -> VIA Technologies, Inc. )
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [20480 2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gMouUsb; C:\Windows\System32\DRIVERS\gMouUsb.sys [11520 2018-08-15] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 GridinSoftInetSecurityDriver; C:\Windows\System32\DRIVERS\gsInetSecurity.sys [81160 2018-01-05] (GridinSoft, LLC -> GridinSoft LLC)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2017-03-24] (Glarysoft Ltd -> Glarysoft Ltd)
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
S2 Haspnt; C:\Windows\system32\drivers\Haspnt.sys [47616 2018-01-04] (Aladdin Knowledge Systems) [File not signed]
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [38224 2018-11-04] (SurfRight B.V. -> )
S1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-11-12] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [25120 2017-03-17] (IObit Information Technology -> IObit.com)
S3 ksapi; C:\Windows\system32\drivers\ksapi.sys [81768 2015-11-22] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0023.sys [26208 2017-07-02] (SoftEther K.K. -> SoftEther VPN Project at University of Tsukuba, Japan.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2016-11-24] (MiniTool Solution Ltd -> )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [6528848 2019-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2013-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2013-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S3 snpstd; C:\Windows\System32\DRIVERS\snpstd.sys [390784 2006-05-03] () [File not signed]
S2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2011-02-08] (Samsung Electronics) [File not signed]
S3 STHDA; C:\Windows\System32\DRIVERS\stwrt.sys [407552 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tpg86win7; C:\Windows\System32\DRIVERS\tpg86win7.sys [491112 2012-02-22] (Realtek Semiconductor Corp -> TP-LINK TECHNOLOGIES CO., LTD)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [27408 2018-01-05] (GridinSoft, LLC -> Windows (R) Win 7 DDK provider)
U1 aswbdisk; no ImagePath
S3 catchme; \??\F:\Temp\catchme.sys [X]
S3 cpuz140; \??\F:\Temp\cpuz140\cpuz140_x32.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S1 dsbwncfk; \??\C:\Windows\System32\drivers\dsbwnck.sys [X]