Error en una dll que afecta todo

Hola @WALLY

Pero creaste la nueva cuenta con derechos de Administrador antes?

Por que en el reporte no se ve, incluso la cuenta Nabla que mencionas ni aparece.

Como crear cuenta de Usuario Administrador en Windows 7.

Y sin embargo habías ejecutado FRST desde allí.

Elimino los anteriores reportes en cuanto coloques un reporte de FRST pero en la nueva cuenta de Windows con derechos de Administrador que creaste o al menos que debías haber creado.

O mejor inicia en Modo Seguro puedes crear la nueva cuenta desde allí y ejecutar FRST desde allí (Que es la verdadera cuenta Administrador en Windows 7)

Es probable que te haya dado errores por que algún paso no quedo bien.

Salu2

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-06-2019
Ran by NABLA (administrator) on WALTER-PC (ECS GF7100/7050PVT-M3) (07-06-2019 00:11:35)
Running from C:\Users\NABLA.walter-PC\Desktop
Loaded Profiles: NABLA (Available Profiles: walter & UpdatusUser & NABLA & Invitado)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [5576512 2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [450667 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [226184 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [1545216 2015-09-02] () [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\system32\tsccvid.dll [602624 2014-11-11] (TechSmith Corporation) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.tsc2] => C:\Windows\system32\tsc2_codec32.dll [234496 2014-08-27] (TechSmith Corporation) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-24] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-03-08]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01A59CCC-A585-4189-9603-53867104211A} - System32\Tasks\Driver Booster SkipUAC (walter) => C:\Program Files\IObit\Driver Booster\5.3.0\DriverBooster.exe
Task: {07784A53-AAF2-44B1-BECE-AECF6302DF9C} - \OperaUpdateService -> No File <==== ATTENTION
Task: {0A6468B5-80B8-4556-B8D5-28BEE0DDDCFC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-17] (Google Inc -> Google Inc.)
Task: {114429B2-BA48-40B1-BB70-6BA4DAD41D64} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-05-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {22D7B07A-FFDA-41E7-A08A-EACBC04462F1} - System32\Tasks\{52FEBD89-FBA4-449E-ACF6-50964B215D16} => msiexec.exe /package "C:\Users\walter\Desktop\Passware.Passware.Kit.Forensic.v13.5.8557.REPACK-BRD\Passware.Passware.Kit.Forensic.v13.5.8557.REPACK-BRD\passware-kit-forensic-32bit.msi"
Task: {2309619D-F02A-428C-85C8-148C4520A8B6} - System32\Tasks\ioloTUDsDownloader => C:\Program Files\Common Files\Phoenix360\ActiveCore\activebridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {236633DD-5F9F-4B3B-B3AF-EAB9BA494B24} - System32\Tasks\Opera scheduled Autoupdate 1535737370 => C:\Users\walter\AppData\Local\Programs\Opera\launcher.exe
Task: {2DA390BB-6F5F-447B-B365-73845EDEBF59} - System32\Tasks\{C87AB4CA-1F6E-4E8F-B93C-15AAEAE93580} => C:\Windows\system32\pcalua.exe -a "C:\Users\walter\Downloads\Compressed\Cursor_Installer\Cursor Installer.exe" -d C:\Users\walter\Downloads\Compressed\Cursor_Installer
Task: {32FF3E71-5F16-461C-8344-75A83AB8CAC6} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {3B0DD3DD-C7A1-4221-BA81-D3CCD22D7321} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3C35D1BA-7EF8-4D00-B944-EFDD2C1D9911} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {45DD7267-F62B-4FAA-BA95-87587F6648EA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5DA1009A-015C-49C0-B1BD-B08C11301138} - System32\Tasks\GU5SkipUAC => C:\Program Files\Glary Utilities 5\Integrator.exe [897528 2017-06-29] (Glarysoft LTD -> Glarysoft Ltd)
Task: {60DD423D-AAFB-40A6-A79E-6FFBA3890AF9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2394504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {6660F89E-AA6D-4E1B-9131-5FA119C11A57} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_walter => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary)
Task: {6A60BAFF-1FE5-4D17-8BE4-C1E8726E8A17} - System32\Tasks\ActiveSync-SystemMechanic => C:\Program Files\Common Files\Phoenix360\ActiveCore\activebridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {7B4E731E-0B25-4875-BCBD-4C8F64958A47} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1945712 2019-06-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {8058733E-1769-4FE9-8BC1-D7CDA850AB09} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-03-17] (Google Inc -> Google Inc.)
Task: {85188087-71DA-40B9-88C2-21DED51433A9} - System32\Tasks\Opera scheduled assistant Autoupdate 1547735215 => C:\Users\walter\AppData\Local\Programs\Opera\launcher.exe
Task: {8A95F761-04CD-482A-B3CC-C36935A0B15B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3193159865-2815699795-1142240979-1000 => C:\Users\walter\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-06-05] (Access Denied)  [File not signed]
Task: {AF0CC4C5-7851-4AB8-BF07-F015FF540C11} - System32\Tasks\ioloAVDefsDownloader => C:\Program Files\Phoenix360\System Mechanic\SSDefs.exe [136928 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {AF1E1DD1-BD40-4415-AA74-480623C94119} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [1454592 2019-05-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B1C36431-8593-4506-B64A-B46764920DC2} - System32\Tasks\ActiveMessenger-SystemMechanic => C:\Program Files\Common Files\Phoenix360\ActiveCore\ActiveBridge.exe [679656 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {B28B9B36-DB2B-4445-9C54-043F1E054BB2} - System32\Tasks\AdobeGCInvoker-1.0-walter-PC-walter => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {B5412D51-22AF-457A-858B-DF8DA15D4E93} - System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => C:\Windows\system32\pcalua.exe -a J:\Setup.exe -d J:\
Task: {B8CDB082-F74E-444E-A662-9EC509D5CD7E} - System32\Tasks\GlaryInitialize 5 => C:\Program Files\Glary Utilities 5\Initialize.exe [134648 2017-06-29] (Glarysoft LTD -> Glarysoft Ltd)
Task: {C1FCB802-7CA2-434D-B95F-9E5FE8AC2BFA} - System32\Tasks\ioloSystemShield => C:\Program Files\Phoenix360\System Mechanic\SSTray.exe [655520 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {D59B049B-6A34-474A-8F73-5F5C300CACED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1913648 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {D8205082-44FE-4901-8F33-B14DBC41E54B} - System32\Tasks\ioloActiveCare => C:\Program Files\Phoenix360\System Mechanic\systemmechanic.exe [2403568 2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {E6E161FE-4D95-4525-8EBC-5DB590348769} - System32\Tasks\{A0D2A674-A307-4641-950C-55F1306EC06B} => C:\Users\walter\Desktop\Cool Edit Pro 2.1\Cool Edit Pro 2.1.exe
Task: {FA42F638-5940-4E2F-9C8D-6C1EABCC414F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FE367E9D-87DF-4EBA-A032-0D5737F0983F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{3100BEF9-6842-40A2-AC20-26F7B775D9E3}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15
Tcpip\..\Interfaces\{A1027262-0F84-4B8B-A726-084E896FEB10}: [DhcpNameServer] 200.83.1.4 190.160.0.14 200.30.192.15

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-06-02] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-06-02] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_122.dll [2019-05-18] (Adobe Systems Incorporated -> )
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-05-18] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-06-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: @wolfram.com/Mathematica -> C:\Program Files\Common Files\Wolfram Research\Browser\10.4.1.5514075\npmathplugin.dll [2016-04-11] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems Incorporated -> Adobe Systems)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default [2019-06-07]
CHR Extension: (Presentaciones) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-07]
CHR Extension: (Documentos) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-07]
CHR Extension: (Google Drive) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-07]
CHR Extension: (YouTube) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-07]
CHR Extension: (Yahoo Partner) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdbpcigaolookbahgdofnimidinicfid [2019-06-07]
CHR Extension: (Hojas de cálculo) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-07]
CHR Extension: (Avast Online Security) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-06-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-07]
CHR Extension: (Gmail) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-07]
CHR Extension: (Chrome Media Router) - C:\Users\NABLA.walter-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-07]
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Temp\~sfx00001228\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
S2 AIPS; C:\Program Files\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5584416 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [359864 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-18] (Dropbox, Inc -> Dropbox, Inc.)
S2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43856 2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
S2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [370792 2010-01-21] (NVIDIA Corporation -> )
S2 FoxitPhantomService; C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1647808 2016-06-21] (Foxit Software Incorporated -> Foxit Software Inc.)
S2 HuaweiHiSuiteService.exe; C:\Program Files\HiSuite\HandSetService\HuaweiHiSuiteService.exe [154432 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [167528 2010-01-21] (NVIDIA Corporation -> )
S2 STacSV; c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe [217185 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [11791704 2019-03-18] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [75200 2018-03-24] (Alcorlink Corp. -> Alcorlink Corp.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34488 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [173232 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225608 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [171520 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [56296 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [214736 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [139352 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [100984 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [783024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [403680 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [167568 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [312248 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [29872 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [10804 2005-04-30] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [23000 2005-05-31] (IVT Corporation) [File not signed]
S3 BTHidEnum; C:\Windows\System32\DRIVERS\vbtenum.sys [11860 2005-04-30] () [File not signed]
R0 BTHidMgr; C:\Windows\System32\Drivers\BTHidMgr.sys [28271 2005-04-30] (IVT Corporation) [File not signed]
S3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [299024 2012-04-09] (EldoS Corporation -> EldoS Corporation)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider)
S3 DFX12; C:\Windows\System32\drivers\dfx12.sys [26104 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [File not signed]
R3 DLKRTE32; C:\Windows\System32\DRIVERS\DLKRTE32.sys [399360 2011-08-04] (Microsoft Windows Hardware Compatibility Publisher -> D-Link Corp. )
S1 ElRawDisk; C:\Windows\system32\drivers\rsdrv.sys [22312 2009-02-12] (EldoS Corporation -> EldoS Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [21496 2016-01-14] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10208 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2017-04-22] (NTONYX Ltd. -> Eugene V. Muzychenko)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FETND62; C:\Windows\System32\DRIVERS\DLF62X86.SYS [45568 2009-11-23] (Microsoft Windows Hardware Compatibility Publisher -> D-Link )
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (Microsoft Windows -> VIA Technologies, Inc. )
R3 gHidPnp; C:\Windows\System32\Drivers\gHidPnp.Sys [20480 2018-09-06] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gMouUsb; C:\Windows\System32\DRIVERS\gMouUsb.sys [11520 2018-08-15] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 GridinSoftInetSecurityDriver; C:\Windows\System32\DRIVERS\gsInetSecurity.sys [81160 2018-01-05] (GridinSoft, LLC -> GridinSoft LLC)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17472 2017-03-24] (Glarysoft Ltd -> Glarysoft Ltd)
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [693760 2006-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
S2 Haspnt; C:\Windows\system32\drivers\Haspnt.sys [47616 2018-01-04] (Aladdin Knowledge Systems) [File not signed]
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [38224 2018-11-04] (SurfRight B.V. -> )
S1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-11-12] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S1 IMFCameraProtect; C:\Windows\system32\drivers\IMFCameraProtect.sys [25120 2017-03-17] (IObit Information Technology -> IObit.com)
S3 ksapi; C:\Windows\system32\drivers\ksapi.sys [81768 2015-11-22] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0023.sys [26208 2017-07-02] (SoftEther K.K. -> SoftEther VPN Project at University of Tsukuba, Japan.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [17160 2015-03-05] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13064 2016-11-24] (MiniTool Solution Ltd -> )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [6528848 2019-01-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [17920 2013-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [76288 2013-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Nuvoton Technology Corp.)
S3 snpstd; C:\Windows\System32\DRIVERS\snpstd.sys [390784 2006-05-03] () [File not signed]
S2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2011-02-08] (Samsung Electronics) [File not signed]
S3 STHDA; C:\Windows\System32\DRIVERS\stwrt.sys [407552 2009-06-11] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tpg86win7; C:\Windows\System32\DRIVERS\tpg86win7.sys [491112 2012-02-22] (Realtek Semiconductor Corp -> TP-LINK TECHNOLOGIES CO., LTD)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [27408 2018-01-05] (GridinSoft, LLC -> Windows (R) Win 7 DDK provider)
U1 aswbdisk; no ImagePath
S3 catchme; \??\F:\Temp\catchme.sys [X]
S3 cpuz140; \??\F:\Temp\cpuz140\cpuz140_x32.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S1 dsbwncfk; \??\C:\Windows\System32\drivers\dsbwnck.sys [X]
U0 Partizan; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-07 00:11 - 2019-06-07 00:12 - 000031158 _____ C:\Users\NABLA.walter-PC\Desktop\FRST.txt
2019-06-07 00:11 - 2019-06-07 00:10 - 001770496 _____ (Farbar) C:\Users\NABLA.walter-PC\Desktop\FRST.exe
2019-06-07 00:10 - 2019-06-07 00:11 - 000030862 _____ C:\Users\NABLA.walter-PC\Downloads\FRST.txt
2019-06-07 00:10 - 2019-06-07 00:10 - 001770496 _____ (Farbar) C:\Users\NABLA.walter-PC\Downloads\FRST.exe
2019-06-07 00:02 - 2019-06-07 00:02 - 000094528 _____ C:\Windows\ntbtlog.txt
2019-06-06 21:12 - 2019-06-06 21:12 - 000000020 ___SH C:\Users\TEMP.walter-PC.000\ntuser.ini
2019-06-06 21:12 - 2019-06-06 21:12 - 000000000 _SHDL C:\Users\TEMP.walter-PC.000\Datos de programa
2019-06-06 21:12 - 2019-06-06 21:12 - 000000000 _SHDL C:\Users\TEMP.walter-PC.000\Configuración local
2019-06-06 21:12 - 2019-06-06 21:12 - 000000000 _SHDL C:\Users\TEMP.walter-PC.000\AppData\Local\Historial
2019-06-06 21:12 - 2019-06-06 21:12 - 000000000 _SHDL C:\Users\TEMP.walter-PC.000\AppData\Local\Datos de programa
2019-06-06 21:12 - 2019-06-06 21:12 - 000000000 _SHDL C:\Users\TEMP.walter-PC.000\AppData\Local\Archivos temporales de Internet
2019-06-06 21:12 - 2019-06-06 21:12 - 000000000 ____D C:\Users\TEMP.walter-PC.000
2019-06-06 21:12 - 2018-05-21 18:11 - 000000000 ____D C:\Users\TEMP.walter-PC.000\AppData\Roaming\IObit
2019-06-06 21:08 - 2019-06-06 21:08 - 000152312 _____ C:\Windows\Minidump\060619-24398-01.dmp
2019-06-06 20:55 - 2019-06-06 23:16 - 000000000 ____D C:\Users\walter\Desktop\Curso Banco
2019-06-06 16:59 - 2019-06-06 16:59 - 000000000 ____D C:\Users\NABLA.walter-PC\AppData\Roaming\AVAST Software
2019-06-06 16:55 - 2019-06-07 00:11 - 000000000 ____D C:\Users\NABLA.walter-PC\AppData\Local\Google
2019-06-06 16:55 - 2019-06-06 16:56 - 000000000 ____D C:\Users\NABLA.walter-PC\AppData\Local\Dropbox
2019-06-06 16:54 - 2019-06-06 16:55 - 000000000 ____D C:\Users\NABLA.walter-PC
2019-06-06 16:54 - 2019-06-06 16:54 - 000001367 _____ C:\Users\NABLA.walter-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-06-06 16:54 - 2019-06-06 16:54 - 000000282 __RSH C:\Users\NABLA.walter-PC\ntuser.pol
2019-06-06 16:54 - 2019-06-06 16:54 - 000000020 ___SH C:\Users\NABLA.walter-PC\ntuser.ini
2019-06-06 16:54 - 2019-06-06 16:54 - 000000000 _SHDL C:\Users\NABLA.walter-PC\Datos de programa
2019-06-06 16:54 - 2019-06-06 16:54 - 000000000 _SHDL C:\Users\NABLA.walter-PC\Configuración local
2019-06-06 16:54 - 2019-06-06 16:54 - 000000000 _SHDL C:\Users\NABLA.walter-PC\AppData\Local\Historial
2019-06-06 16:54 - 2019-06-06 16:54 - 000000000 _SHDL C:\Users\NABLA.walter-PC\AppData\Local\Datos de programa
2019-06-06 16:54 - 2019-06-06 16:54 - 000000000 _SHDL C:\Users\NABLA.walter-PC\AppData\Local\Archivos temporales de Internet
2019-06-06 16:54 - 2019-06-06 16:54 - 000000000 ____D C:\Users\NABLA.walter-PC\AppData\Roaming\Adobe
2019-06-06 16:54 - 2019-06-06 16:54 - 000000000 ____D C:\Users\NABLA.walter-PC\AppData\Local\VirtualStore
2019-06-06 16:54 - 2018-05-21 18:11 - 000000000 ____D C:\Users\NABLA.walter-PC\AppData\Roaming\IObit
2019-06-06 13:34 - 2019-06-06 13:34 - 000000000 ____D C:\Windows\system32\%LOCALAPPDATA%
2019-06-06 13:30 - 2019-06-06 13:30 - 000000000 ____D C:\Users\Nabla\Downloads\Andy
2019-06-06 13:30 - 2019-06-06 13:30 - 000000000 ____D C:\Users\Nabla\Downloads\A2A41B60D51F4C04BC94B4C94F7B6DC0.TMP
2019-06-06 13:30 - 2019-06-06 13:30 - 000000000 ____D C:\Users\Nabla\Downloads\.oracle_jre_usage
2019-06-06 13:30 - 2019-06-06 13:30 - 000000000 ____D C:\Users\Nabla\Downloads\.imagej
2019-06-06 13:30 - 2019-06-06 13:30 - 000000000 ____D C:\Users\Nabla\Downloads\.cache
2019-06-06 13:30 - 2019-06-06 13:30 - 000000000 ____D C:\Users\Nabla\Downloads\.android
2019-06-06 09:08 - 2019-06-06 09:08 - 001214184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-06-06 09:07 - 2019-06-06 09:07 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-05 17:35 - 2019-06-05 17:35 - 000000935 _____ C:\Users\Public\Desktop\Cool Edit Pro 2.1.lnk
2019-06-05 17:35 - 2019-06-05 17:35 - 000000935 _____ C:\ProgramData\Desktop\Cool Edit Pro 2.1.lnk
2019-06-05 09:32 - 2019-06-05 09:35 - 000073905 _____ C:\Users\Nabla\Desktop\Addition.txt
2019-06-05 09:31 - 2019-06-05 09:35 - 000083503 _____ C:\Users\Nabla\Desktop\FRST.txt
2019-06-05 09:30 - 2019-06-05 09:30 - 001770496 _____ C:\Users\Nabla\Downloads\FRST.exe
2019-06-05 09:28 - 2019-06-05 13:35 - 000000000 ____D C:\Users\Nabla\AppData\LocalLow\Mozilla
2019-06-05 09:27 - 2019-06-05 09:28 - 000000000 ____D C:\Users\Nabla\AppData\Roaming\Mozilla
2019-06-05 09:27 - 2019-06-05 09:27 - 000000000 ____D C:\Users\Nabla\AppData\Local\Mozilla
2019-06-05 09:21 - 2019-06-05 09:30 - 001770496 _____ C:\Users\Nabla\Desktop\FRST.exe
2019-06-05 00:32 - 2019-06-05 00:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-06-05 00:00 - 2019-05-21 13:11 - 001793536 _____ C:\Users\walter\Desktop\FRST.exe
2019-06-04 17:35 - 2019-06-06 20:51 - 000000000 ____D C:\Users\walter\Desktop\Libro
2019-06-04 14:59 - 2019-06-04 15:00 - 000000000 ____D C:\ProgramData\Mozilla
2019-06-04 08:11 - 2019-06-04 08:11 - 000043856 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-06-04 08:11 - 2019-06-04 08:11 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-06-04 08:11 - 2019-06-04 08:11 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-06-04 08:11 - 2019-06-04 08:11 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-06-03 23:34 - 2019-06-03 23:34 - 000000000 ____D C:\Users\Nabla\AppData\Roaming\AVAST Software
2019-06-03 23:34 - 2019-06-03 23:34 - 000000000 ____D C:\Users\Nabla\AppData\Local\CEF
2019-06-03 23:03 - 2019-06-02 19:19 - 000000032 _____ C:\Users\Nabla\CurrentSong.txt
2019-06-03 23:03 - 2019-05-25 23:20 - 098130888 _____ (PortableApps.com) C:\Users\Nabla\FirefoxPortable_67.0_English.paf.exe
2019-06-03 23:03 - 2019-05-25 10:08 - 078857952 _____ C:\Users\Nabla\firefox-portable-60-0-1.exe
2019-06-03 23:03 - 2019-04-16 23:19 - 000000218 _____ C:\Users\Nabla\.recently-used.xbel
2019-06-03 23:03 - 2018-12-05 20:54 - 000000000 _____ C:\Users\Nabla\pspp.jnl
2019-06-03 23:03 - 2018-10-05 17:54 - 000000011 _____ C:\Users\Nabla\setup04.ini
2019-06-03 23:03 - 2018-09-17 19:04 - 000000011 _____ C:\Users\Nabla\setup03.ini
2019-06-03 23:03 - 2018-04-10 21:36 - 000000115 _____ C:\Users\Nabla\.gtk-bookmarks
2019-06-03 23:03 - 2017-05-06 14:36 - 000019808 _____ C:\Users\Nabla\mbam-log-2017-05-06 (15-19-15).xml
2019-06-03 23:03 - 2017-03-25 21:47 - 047251456 _____ C:\Users\Nabla\Kentico10.mdf
2019-06-03 23:03 - 2017-03-25 21:47 - 010616832 _____ C:\Users\Nabla\Kentico10_log.ldf
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ___RD C:\Users\Nabla\OneDrive
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\licman
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\is-PBCQP.tmp
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\is-IJC90.tmp
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\Impostazioni locali
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\EREnt
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\DxReport
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\Downloads\opera autoupdate
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\Downloads\HTTP Directory
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\Downloads\eMule
2019-06-03 23:01 - 2019-06-02 00:31 - 005268845 _____ C:\Users\Nabla\Downloads\Cuestionator_2_3.rar
2019-06-03 23:01 - 2019-05-24 17:07 - 000006082 _____ C:\Users\Nabla\Downloads\Apache Tomcat _ 5.5.36 - Informe de error.htm
2019-06-03 23:01 - 2019-05-20 16:53 - 000386484 _____ C:\Users\Nabla\Downloads\Prueba de Probabilidades.pdf
2019-06-03 23:01 - 2019-05-20 16:52 - 000171549 _____ C:\Users\Nabla\Downloads\Prueba-N-1-Inecuaciones-4-A.pdf
2019-06-03 23:01 - 2019-05-20 16:52 - 000171549 _____ C:\Users\Nabla\Downloads\407190140-Prueba-N-1-Inecuaciones-4-A.pdf
2019-06-03 23:01 - 2019-05-20 16:51 - 000111634 _____ C:\Users\Nabla\Downloads\Guia-N-5-de-Racionales.pdf
2019-06-03 23:01 - 2019-05-20 16:50 - 001115451 _____ C:\Users\Nabla\Downloads\Prueba-N-1-Remedial-docx.pdf
2019-06-03 23:01 - 2019-05-20 16:49 - 000118189 _____ C:\Users\Nabla\Downloads\Prueba-de-Vectores-y-Ecuacion-Vectorial.pdf
2019-06-03 23:01 - 2019-05-20 16:48 - 000090200 _____ C:\Users\Nabla\Downloads\Guia-Funcion-Probabilidades-3-10.pdf
2019-06-03 23:01 - 2019-05-20 16:47 - 000085331 _____ C:\Users\Nabla\Downloads\Guia-Funcion-Probabilidades-1.pdf
2019-06-03 23:01 - 2019-05-20 16:45 - 000677166 _____ C:\Users\Nabla\Downloads\M1T07.pdf
2019-06-03 23:01 - 2019-05-14 00:09 - 011290946 _____ C:\Users\Nabla\Downloads\UCE8451_01.pdf
2019-06-03 23:01 - 2019-05-13 23:43 - 057200210 _____ C:\Users\Nabla\Downloads\Probabilidad-y-estadstica-isc.pdf
2019-06-03 23:01 - 2019-05-13 23:37 - 000980325 _____ C:\Users\Nabla\Downloads\M2T03.pdf
2019-06-03 23:00 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\Downloads\Descargas mayo
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 __SHD C:\Users\Nabla\Documents\Mis vídeos
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 __SHD C:\Users\Nabla\Documents\Mis imágenes
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 __SHD C:\Users\Nabla\Documents\Mi música
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Downloads\Cuestionator_2_3
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Downloads\Apache Tomcat _ 5.5.36 - Informe de error_files
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Documents\Wolfram Mathematica
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Documents\SWF Decompiler Intro
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Documents\Plantillas personalizadas de Office
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Documents\MEGAsync Downloads
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Documents\Freemake
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Documents\FlashDownloads
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Documents\Camtasia Studio
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Desktop\z macro
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Desktop\WinThrusterleiva
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Desktop\winthruster key
2019-06-03 23:00 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Desktop\VAC
2019-06-03 23:00 - 2019-06-02 08:05 - 028187322 _____ C:\Users\Nabla\Desktop\IN3401_material_docente_02-06-2019.zip
2019-06-03 23:00 - 2019-06-02 00:18 - 000001988 _____ C:\Users\Nabla\Desktop\Fixlog.txt
2019-06-03 23:00 - 2019-06-01 16:39 - 000000000 _____ C:\Users\Nabla\Desktop\Nuevo documento de texto.txt
2019-06-03 23:00 - 2019-06-01 16:22 - 004427240 _____ C:\Users\Nabla\Desktop\Windows-ISO-Downloader.exe
2019-06-03 23:00 - 2019-06-01 15:07 - 000000769 _____ C:\Users\Nabla\Desktop\Escritorio JUNIO.lnk
2019-06-03 23:00 - 2019-06-01 00:02 - 391417131 _____ C:\Users\Nabla\Documents\capture-1.trec
2019-06-03 23:00 - 2019-05-31 00:51 - 005726609 _____ C:\Users\Nabla\Desktop\fileshare_hp3.6.151.rar
2019-06-03 23:00 - 2019-05-27 23:49 - 002110064 _____ C:\Users\Nabla\Desktop\cuestionator-programas-gratis-net_0392601713.exe
2019-06-03 23:00 - 2019-05-24 20:58 - 000432336 _____ C:\Users\Nabla\Desktop\swf-catcher-3.0.zip
2019-06-03 23:00 - 2019-05-24 17:38 - 001151544 _____ C:\Users\Nabla\Desktop\ChromeSetup.exe
2019-06-03 23:00 - 2019-05-23 20:49 - 000000141 _____ C:\Users\Nabla\Desktop\Nuevo documento de texto (2).txt
2019-06-03 23:00 - 2019-05-22 23:58 - 063448936 _____ C:\Users\Nabla\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10710.exe
2019-06-03 23:00 - 2019-05-21 00:53 - 000063017 _____ C:\Users\Nabla\Documents\Untitled1.lst
2019-06-03 23:00 - 2019-05-20 23:54 - 000031744 _____ C:\Users\Nabla\Documents\Rescue.asd
2019-06-03 23:00 - 2019-05-20 21:39 - 000001006 _____ C:\Users\Nabla\Desktop\ZaraRadio.lnk
2019-06-03 23:00 - 2019-05-05 01:08 - 000001155 _____ C:\Users\Nabla\Desktop\cdbxpp.exe - Acceso directo.lnk
2019-06-03 23:00 - 2019-05-05 00:54 - 000000760 _____ C:\Users\Nabla\Desktop\Escritorio Mayo.lnk
2019-06-03 23:00 - 2019-04-27 23:42 - 000003072 ____H C:\Users\Nabla\Documents\photothumb.db
2019-06-03 23:00 - 2018-11-23 20:11 - 000399760 ____H C:\Users\Nabla\Desktop\~WRL0292.tmp
2019-06-03 23:00 - 2018-07-10 19:19 - 000087552 ___SH C:\Users\Nabla\Documents\Thumbs.db
2019-06-03 23:00 - 2018-01-27 17:19 - 000005120 ____H C:\Users\Nabla\Desktop\photothumb.db
2019-06-03 23:00 - 2014-04-06 20:27 - 003722496 _____ C:\Users\Nabla\Desktop\Portable Foxit PDF Editor 2.0.1011.exe
2019-06-03 22:58 - 2019-06-03 23:00 - 000000000 ____D C:\Users\Nabla\Desktop\RESUMEN
2019-06-03 22:58 - 2019-06-03 22:58 - 000000000 ____D C:\Users\Nabla\Desktop\reportes
2019-06-03 22:57 - 2019-06-03 22:58 - 000000000 ____D C:\Users\Nabla\Desktop\Propiedades
2019-06-03 22:57 - 2019-06-03 22:57 - 000000000 ____D C:\Users\Nabla\Desktop\Problemas
2019-06-03 22:57 - 2019-06-03 22:57 - 000000000 ____D C:\Users\Nabla\Desktop\otros
2019-06-03 22:57 - 2019-06-03 22:57 - 000000000 ____D C:\Users\Nabla\Desktop\Nueva carpeta (5)
2019-06-03 22:44 - 2019-06-03 22:55 - 000000000 ____D C:\Users\Nabla\Desktop\Nueva carpeta (4)
2019-06-03 22:44 - 2019-06-03 22:44 - 000000000 ____D C:\Users\Nabla\Desktop\Nueva carpeta (3)
2019-06-03 22:44 - 2019-06-03 22:44 - 000000000 ____D C:\Users\Nabla\Desktop\Nueva carpeta (2)
2019-06-03 22:42 - 2019-06-03 22:43 - 000000000 ____D C:\Users\Nabla\Desktop\Nueva carpeta
2019-06-03 22:42 - 2019-06-03 22:42 - 000000000 ____D C:\Users\Nabla\Desktop\ntdll
2019-06-03 22:42 - 2019-06-03 22:42 - 000000000 ____D C:\Users\Nabla\Desktop\no tocar
2019-06-03 22:42 - 2019-06-03 22:42 - 000000000 ____D C:\Users\Nabla\Desktop\mp3 auto
2019-06-03 22:42 - 2019-06-03 22:42 - 000000000 ____D C:\Users\Nabla\Desktop\Megitas
2019-06-03 22:41 - 2019-06-03 22:42 - 000000000 ____D C:\Users\Nabla\Desktop\limpiar final
2019-06-03 22:41 - 2019-06-03 22:41 - 000000000 ____D C:\Users\Nabla\Desktop\li04kydz.default-1490757013368
2019-06-03 22:41 - 2019-06-03 22:41 - 000000000 ____D C:\Users\Nabla\Desktop\Guias de Pre
2019-06-03 22:40 - 2019-06-03 22:41 - 000000000 ____D C:\Users\Nabla\Desktop\error
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\Desktop\economia
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\Desktop\Curso
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\Desktop\CDBurnerXP-4.5.3.4746
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\Desktop\Camila
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\Desktop\4 medios
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\Desktop\1 medio
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\Andy
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\A2A41B60D51F4C04BC94B4C94F7B6DC0.TMP
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\.oracle_jre_usage
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\.imagej
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\.cache
2019-06-03 22:40 - 2019-06-03 22:40 - 000000000 ____D C:\Users\Nabla\.android
2019-06-02 23:26 - 2019-06-02 23:27 - 000000000 ____D C:\Users\walter\AppData\Local\BitTorrentHelper
2019-06-02 00:36 - 2019-06-02 00:37 - 000013030 _____ C:\PDOXUSRS.NET
2019-06-02 00:36 - 2019-06-02 00:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evaluador
2019-06-02 00:35 - 2019-06-02 00:36 - 000000000 ____D C:\Evaluator
2019-06-02 00:35 - 2019-06-02 00:35 - 000000000 ____D C:\Users\walter\Downloads\Cuestionator_2_3
2019-06-02 00:35 - 2019-06-02 00:35 - 000000000 ____D C:\Program Files\Borland
2019-06-02 00:35 - 1998-02-06 21:37 - 000299520 _____ (InstallShield Corporation, Inc.) C:\Windows\uninst.exe
2019-06-02 00:31 - 2019-06-02 00:31 - 005268845 _____ C:\Users\walter\Downloads\Cuestionator_2_3.rar
2019-06-02 00:30 - 2019-06-02 00:30 - 000000000 ____D C:\Program Files\Common Files\Java
2019-06-02 00:29 - 2019-06-02 00:29 - 000000000 ____D C:\Program Files\Common Files\Oracle
2019-06-02 00:15 - 2015-07-09 13:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-06-02 00:15 - 2012-07-04 18:14 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2019-06-01 17:16 - 2019-06-01 17:16 - 000000000 ____D C:\Users\walter\A2A41B60D51F4C04BC94B4C94F7B6DC0.TMP
2019-06-01 15:07 - 2019-06-01 15:07 - 000000769 _____ C:\Users\walter\Desktop\Escritorio JUNIO.lnk
2019-06-01 14:03 - 2014-11-12 03:46 - 000354944 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2019-06-01 14:03 - 2007-02-01 08:43 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2019-06-01 00:02 - 2019-06-01 00:02 - 391417131 _____ C:\Users\walter\Documents\capture-1.trec
2019-05-30 21:56 - 2019-05-30 21:56 - 000000000 _____ C:\Users\walter\AppData\Local\BITE040.tmp
2019-05-27 23:12 - 2019-05-28 07:17 - 000000000 ____D C:\KVRT_Data
2019-05-27 22:22 - 2019-05-27 22:22 - 000311176 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-26 13:45 - 2014-04-06 20:27 - 003722496 _____ C:\Users\walter\Desktop\Portable Foxit PDF Editor 2.0.1011.exe
2019-05-25 23:46 - 2019-05-25 23:46 - 000000000 ____D C:\Users\walter\AppData\Local\ESET
2019-05-25 23:18 - 2019-05-25 23:20 - 098130888 _____ (PortableApps.com) C:\Users\walter\FirefoxPortable_67.0_English.paf.exe
2019-05-25 23:15 - 2019-05-25 23:15 - 000000000 ____D C:\Users\Nabla\AppData\Roaming\Sun
2019-05-25 23:15 - 2019-05-25 23:15 - 000000000 ____D C:\Users\Nabla\AppData\LocalLow\Sun
2019-05-25 23:10 - 2019-06-03 23:25 - 000000000 ____D C:\Users\Nabla\AppData\Local\Dropbox
2019-05-25 23:09 - 2019-06-03 23:03 - 000000000 ____D C:\Users\Nabla
2019-05-25 23:09 - 2019-05-25 23:09 - 000001367 _____ C:\Users\Nabla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-05-25 23:09 - 2019-05-25 23:09 - 000000282 __RSH C:\Users\Nabla\ntuser.pol
2019-05-25 23:09 - 2019-05-25 23:09 - 000000020 ___SH C:\Users\Nabla\ntuser.ini
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 _SHDL C:\Users\Nabla\Datos de programa
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 _SHDL C:\Users\Nabla\Configuración local
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 _SHDL C:\Users\Nabla\AppData\Local\Historial
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 _SHDL C:\Users\Nabla\AppData\Local\Datos de programa
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 _SHDL C:\Users\Nabla\AppData\Local\Archivos temporales de Internet
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 ____D C:\Users\Nabla\AppData\Roaming\Adobe
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 ____D C:\Users\Nabla\AppData\Local\VirtualStore
2019-05-25 23:09 - 2019-05-25 23:09 - 000000000 ____D C:\Users\Nabla\AppData\Local\Google
2019-05-25 23:09 - 2018-05-21 18:11 - 000000000 ____D C:\Users\Nabla\AppData\Roaming\IObit
2019-05-25 10:08 - 2019-05-25 10:08 - 078857952 _____ (PortableApps.com) C:\Users\walter\firefox-portable-60-0-1.exe
2019-05-24 22:47 - 2019-05-24 22:47 - 000000259 _____ C:\DelFix.txt
2019-05-24 22:47 - 2019-05-24 22:47 - 000000000 ____D C:\Windows\ERUNT
2019-05-24 21:58 - 2019-05-24 21:58 - 000000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2019-05-24 21:40 - 2019-05-25 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Online Scanner 1.0
2019-05-24 21:40 - 2019-05-24 21:40 - 000000000 ____D C:\Users\walter\Documents\FlashDownloads
2019-05-24 21:40 - 2019-05-24 21:40 - 000000000 ____D C:\Program Files\ZGWSoft
2019-05-24 21:12 - 2019-05-24 21:12 - 000000000 ____D C:\Users\walter\Downloads\HTTP Directory
2019-05-24 21:00 - 2019-05-24 21:00 - 000673610 _____ () C:\Windows\unins001.exe
2019-05-24 21:00 - 2019-05-24 21:00 - 000001965 _____ C:\Windows\unins001.dat
2019-05-24 17:40 - 2019-05-24 17:40 - 000002169 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-24 17:40 - 2019-05-24 17:40 - 000002169 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-05-24 17:07 - 2019-05-24 17:07 - 000006082 _____ C:\Users\walter\Downloads\Apache Tomcat _ 5.5.36 - Informe de error.htm
2019-05-24 17:07 - 2019-05-24 17:07 - 000000000 ____D C:\Users\walter\Downloads\Apache Tomcat _ 5.5.36 - Informe de error_files
2019-05-23 00:02 - 2019-05-23 00:02 - 000000000 ____D C:\Users\walter\AppData\Local\mbamtray
2019-05-23 00:02 - 2019-05-23 00:02 - 000000000 ____D C:\Users\walter\AppData\Local\mbam
2019-05-22 01:08 - 2019-05-25 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster
2019-05-22 01:08 - 2019-05-23 00:26 - 000000000 ____D C:\Program Files\WinThruster
2019-05-21 23:06 - 2019-05-21 23:18 - 000000000 ____D C:\Users\walter\AppData\Roaming\WinThruster
2019-05-21 18:26 - 2019-05-23 00:26 - 000000000 ____D C:\Users\walter\AppData\Roaming\Solvusoft
2019-05-21 13:12 - 2019-06-07 00:10 - 000000000 ____D C:\FRST
2019-05-21 11:08 - 2019-05-21 11:08 - 000000000 __SHD C:\found.008
2019-05-21 00:53 - 2019-05-21 00:53 - 000063017 _____ C:\Users\walter\Documents\Untitled1.lst
2019-05-20 23:54 - 2019-05-20 23:54 - 000031744 _____ C:\Users\walter\Documents\Rescue.asd
2019-05-20 21:39 - 2019-05-20 21:39 - 000001006 _____ C:\Users\walter\Desktop\ZaraRadio.lnk
2019-05-20 18:40 - 2019-05-21 11:14 - 000000000 ____D C:\Users\TEMP.walter-PC\AppData\Roaming\IObit
2019-05-20 18:40 - 2019-05-21 11:14 - 000000000 ____D C:\Users\TEMP.walter-PC
2019-05-20 17:53 - 2019-05-20 17:53 - 000000000 ____D C:\Users\walter\Impostazioni locali
2019-05-20 16:53 - 2019-05-20 16:53 - 000386484 _____ C:\Users\walter\Downloads\Prueba de Probabilidades.pdf
2019-05-20 16:52 - 2019-05-20 16:52 - 000171549 _____ C:\Users\walter\Downloads\Prueba-N-1-Inecuaciones-4-A.pdf
2019-05-20 16:52 - 2019-05-20 16:52 - 000171549 _____ C:\Users\walter\Downloads\407190140-Prueba-N-1-Inecuaciones-4-A.pdf
2019-05-20 16:51 - 2019-05-20 16:51 - 000111634 _____ C:\Users\walter\Downloads\Guia-N-5-de-Racionales.pdf
2019-05-20 16:50 - 2019-05-20 16:50 - 001115451 _____ C:\Users\walter\Downloads\Prueba-N-1-Remedial-docx.pdf
2019-05-20 16:49 - 2019-05-20 16:49 - 000118189 _____ C:\Users\walter\Downloads\Prueba-de-Vectores-y-Ecuacion-Vectorial.pdf
2019-05-20 16:48 - 2019-05-20 16:48 - 000090200 _____ C:\Users\walter\Downloads\Guia-Funcion-Probabilidades-3-10.pdf
2019-05-20 16:47 - 2019-05-20 16:47 - 000085331 _____ C:\Users\walter\Downloads\Guia-Funcion-Probabilidades-1.pdf
2019-05-20 16:45 - 2019-05-20 16:45 - 000677166 _____ C:\Users\walter\Downloads\M1T07.pdf
2019-05-20 16:18 - 2019-05-20 16:18 - 000000000 ____D C:\Users\walter\AppData\Roaming\VOS
2019-05-19 17:32 - 2019-06-06 21:08 - 000000000 ____D C:\Windows\Minidump
2019-05-19 15:25 - 2019-05-19 15:25 - 000000000 ____D C:\Users\TEMP.walter-PC.003\AppData\Local\Google
2019-05-19 15:24 - 2019-05-19 15:29 - 000000000 ____D C:\Users\TEMP.walter-PC.003
2019-05-19 13:04 - 2019-05-19 13:04 - 000027951 _____ C:\ComboFix.txt
2019-05-19 06:22 - 2019-05-19 06:21 - 000000076 _____ C:\registro.bat
2019-05-18 17:30 - 2019-05-18 17:30 - 000001750 _____ C:\AiOLog.txt
2019-05-18 17:29 - 2019-05-19 06:29 - 000000000 ____D C:\Windows\system32\Adobe
2019-05-18 17:29 - 2019-05-18 17:30 - 000005380 _____ C:\Windows\unins000.dat
2019-05-18 17:29 - 2019-05-18 17:29 - 001207319 _____ C:\Windows\unins000.exe
2019-05-18 17:29 - 2017-04-01 20:44 - 003450616 _____ (Red Hat) C:\Windows\system32\cygwin1.dll
2019-05-18 17:29 - 2017-01-26 07:25 - 001265664 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libeay32.dll
2019-05-18 17:29 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\ssleay32.dll
2019-05-18 17:29 - 2017-01-26 07:25 - 000274944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\system32\libssl32.dll
2019-05-18 17:29 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
2019-05-18 17:29 - 2014-01-31 03:14 - 001055676 _____ (Free Software Foundation) C:\Windows\system32\libiconv2.dll
2019-05-18 17:29 - 2014-01-25 14:30 - 000131072 _____ (Sereby Corporation) C:\Windows\system32\AiORuntimes.dll
2019-05-18 17:29 - 2012-06-14 15:36 - 000107520 _____ C:\Windows\system32\zlib1.dll
2019-05-18 17:29 - 2012-04-03 17:11 - 000138752 _____ C:\Windows\system32\libpng15.dll
2019-05-18 17:29 - 2011-10-12 04:09 - 004033440 _____ (Intel Corporation) C:\Windows\system32\libmmd.dll
2019-05-18 17:29 - 2010-06-27 18:44 - 000053248 _____ (Adobe Systems, Incorporated) C:\Windows\system\plugin.dll
2019-05-18 17:29 - 2010-03-18 21:21 - 000799568 _____ (Microsoft Corporation) C:\Windows\system32\msdia100.dll
2019-05-18 17:29 - 2008-08-26 07:40 - 000162304 _____ C:\Windows\system32\libpng13.dll
2019-05-18 17:29 - 2005-05-06 14:52 - 000103424 _____ (GNU <www.gnu.org>) C:\Windows\system32\libintl3.dll
2019-05-18 17:29 - 1994-11-17 14:00 - 000210944 _____ C:\Windows\system\msvcrt10.dll
2019-05-18 17:02 - 2019-06-02 00:25 - 000097144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2019-05-18 17:01 - 2019-06-02 00:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-05-18 17:00 - 2019-06-02 00:29 - 000000000 ____D C:\Program Files\Java
2019-05-18 16:49 - 2019-05-18 16:49 - 000000000 ____D C:\Users\walter\Documents\SWF Decompiler Intro
2019-05-18 16:46 - 2019-05-25 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
2019-05-18 16:46 - 2019-05-18 16:46 - 000000000 ____D C:\Program Files\Common Files\SourceTec
2019-05-18 16:45 - 2019-05-18 16:45 - 000000000 ____D C:\Program Files\SourceTec
2019-05-18 15:08 - 2019-05-25 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
2019-05-18 15:08 - 2019-05-18 15:08 - 000000000 ____D C:\Program Files\StreamTransport
2019-05-18 15:08 - 2009-10-27 19:31 - 003982240 _____ (Adobe Systems, Inc.) C:\Windows\system32\Flash10d.ocx
2019-05-18 14:54 - 2019-05-18 14:55 - 000000000 ____D C:\Users\walter\AppData\Local\Movavi
2019-05-18 14:54 - 2019-05-18 14:54 - 000005104 _____ C:\ProgramData\ktqkcacn.tot
2019-05-18 14:54 - 2019-05-18 14:54 - 000000016 _____ C:\ProgramData\mntemp
2019-05-18 14:54 - 2019-05-18 14:54 - 000000000 ____D C:\Users\walter\AppData\Local\AgentInformer
2019-05-18 14:28 - 2019-05-18 14:28 - 000000000 ____D C:\Users\walter\Documents\MEGAsync Downloads
2019-05-18 13:04 - 2019-05-18 13:04 - 000000000 ____D C:\found.007
2019-05-18 12:58 - 2018-02-14 14:19 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2019-05-16 20:35 - 2019-05-30 23:54 - 000016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2019-05-14 00:05 - 2019-05-14 00:09 - 011290946 _____ C:\Users\walter\Downloads\UCE8451_01.pdf
2019-05-13 23:42 - 2019-05-13 23:43 - 057200210 _____ C:\Users\walter\Downloads\Probabilidad-y-estadstica-isc.pdf
2019-05-13 23:37 - 2019-05-13 23:37 - 000980325 _____ C:\Users\walter\Downloads\M2T03.pdf
2019-05-12 01:18 - 2019-05-26 00:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
2019-05-12 01:18 - 2019-05-26 00:15 - 000000000 ____D C:\Program Files\netcut
2019-05-12 01:18 - 2006-09-21 13:59 - 000389120 _____ () C:\Windows\system32\actskn43.ocx
2019-05-11 23:44 - 2019-05-11 23:44 - 000000000 ____D C:\Users\walter\Downloads\eMule
2019-05-11 19:21 - 2019-05-18 19:54 - 000000000 ____D C:\Users\walter\Downloads\opera autoupdate

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-06 23:59 - 2019-01-09 18:54 - 000000000 ____D C:\Users\walter\AppData\Local\CrashDumps
2019-06-06 22:50 - 2018-01-05 18:55 - 000000000 ____D C:\Users\walter\AppData\Roaming\AIMP
2019-06-06 21:40 - 2018-02-04 11:08 - 000000000 ____D C:\Users\walter\AppData\Roaming\uTorrent
2019-06-06 21:18 - 2009-07-14 00:34 - 000025248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-06 21:18 - 2009-07-14 00:34 - 000025248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-06 21:12 - 2018-12-05 20:57 - 000000000 ____D C:\Users\walter\AppData\Local\AVAST Software
2019-06-06 21:10 - 2018-08-26 12:50 - 000000000 ____D C:\Program Files\TeamViewer
2019-06-06 21:09 - 2018-01-04 00:05 - 008405015 _____ C:\Windows\hlktmp
2019-06-06 21:09 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-06 15:11 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf
2019-06-06 15:09 - 2016-09-23 19:04 - 000000000 ____D C:\ProgramData\Foxit Software
2019-06-06 15:09 - 2016-07-13 23:09 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-06-06 10:22 - 2018-12-23 21:57 - 000139352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-06 09:08 - 2018-01-08 20:33 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-05 17:36 - 2016-12-17 23:11 - 000000000 ____D C:\Program Files\coolpro2
2019-06-05 17:35 - 2018-10-30 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cool Edit Pro 2.1
2019-06-05 17:35 - 2009-07-13 22:04 - 000000690 _____ C:\Windows\win.ini
2019-06-05 17:35 - 2009-07-13 22:04 - 000000256 _____ C:\Windows\system.ini
2019-06-05 06:19 - 2016-11-01 21:20 - 000000000 ____D C:\Users\walter\AppData\Local\MEGAsync
2019-06-05 00:33 - 2016-07-18 20:21 - 000000000 ____D C:\Program Files\Dropbox
2019-06-04 15:01 - 2017-01-31 22:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-04 15:01 - 2016-11-10 16:59 - 000001087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-03 06:23 - 2018-12-23 21:57 - 000167568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-02 19:19 - 2018-01-21 19:44 - 000000032 _____ C:\Users\walter\CurrentSong.txt
2019-06-02 12:15 - 2016-11-05 19:23 - 000000000 ____D C:\Users\walter\AppData\Roaming\vlc
2019-06-02 08:22 - 2018-04-15 13:22 - 000000000 ____D C:\Users\walter\AppData\Local\ElevatedDiagnostics
2019-06-01 17:16 - 2016-07-13 22:53 - 000000000 ____D C:\Users\walter
2019-06-01 14:02 - 2016-07-14 17:23 - 000000000 ____D C:\ProgramData\Package Cache
2019-06-01 00:05 - 2019-01-30 23:42 - 000000000 ____D C:\Users\walter\Documents\Camtasia Studio
2019-05-30 22:03 - 2018-12-23 21:57 - 000312248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-28 19:50 - 2017-01-22 16:34 - 000000000 ____D C:\oo
2019-05-27 22:22 - 2019-02-19 16:18 - 000214736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-27 22:22 - 2019-01-17 10:00 - 000225608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-27 22:22 - 2019-01-17 09:59 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-27 22:22 - 2019-01-17 09:59 - 000056296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-27 22:22 - 2019-01-17 09:59 - 000034488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000783024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000403680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000173232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000100984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000072800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-27 22:22 - 2018-12-23 21:57 - 000040688 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-27 14:16 - 2018-09-19 14:22 - 000000000 ____D C:\Users\walter\AppData\Local\WallpaperSuite
2019-05-26 20:24 - 2011-04-11 21:30 - 000755032 _____ C:\Windows\system32\perfh00A.dat
2019-05-26 20:24 - 2011-04-11 21:30 - 000161608 _____ C:\Windows\system32\perfc00A.dat
2019-05-26 20:24 - 2010-11-20 17:01 - 001695218 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-26 00:17 - 2017-03-13 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Password Remover v3.1
2019-05-26 00:17 - 2017-03-13 22:35 - 000000000 ____D C:\Program Files\PDF Password Remover v3.1
2019-05-26 00:14 - 2018-06-02 20:21 - 000000000 ____D C:\Program Files\KMSpico
2019-05-26 00:13 - 2018-06-02 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2019-05-26 00:10 - 2017-04-22 18:04 - 000000000 ____D C:\Program Files\Free Sound Recorder
2019-05-25 10:08 - 2016-07-14 00:47 - 000000000 ____D C:\Program Files\CCleaner
2019-05-25 09:54 - 2019-01-27 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sparkol VideoScribe
2019-05-25 09:54 - 2019-01-09 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2019-05-25 09:54 - 2018-11-24 17:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica 11.2
2019-05-25 09:54 - 2018-11-24 01:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-05-25 09:54 - 2018-03-04 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Recovery
2019-05-25 09:54 - 2018-02-18 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Doctor
2019-05-25 09:54 - 2018-01-16 22:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinBoard 4.8.0
2019-05-25 09:54 - 2018-01-05 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Video Converter
2019-05-25 09:54 - 2018-01-02 21:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2019-05-25 09:54 - 2017-12-30 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
2019-05-25 09:54 - 2017-05-13 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
2019-05-25 09:54 - 2017-04-22 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2019-05-25 09:54 - 2017-01-13 00:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyExtender
2019-05-25 09:54 - 2016-12-24 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audiograbber
2019-05-25 09:54 - 2016-10-21 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual MP3 Splitter & Joiner
2019-05-25 09:54 - 2016-08-27 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lupas Rename 2000
2019-05-25 09:54 - 2016-07-19 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
2019-05-25 09:52 - 2016-10-31 12:57 - 000000000 ____D C:\Users\Max Ram
2019-05-25 09:51 - 2019-04-13 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2019-05-25 09:51 - 2019-04-09 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebCopier
2019-05-25 09:51 - 2019-04-05 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 12.5
2019-05-25 09:51 - 2019-01-27 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoScribe
2019-05-25 09:51 - 2019-01-25 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoolUtils
2019-05-25 09:51 - 2019-01-22 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2019-05-25 09:51 - 2019-01-18 23:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HAZARES
2019-05-25 09:51 - 2019-01-08 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Word
2019-05-25 09:51 - 2019-01-08 15:16 - 000000000 ____D C:\Users\walter\AppData\Roaming\IDM
2019-05-25 09:51 - 2019-01-01 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Enterprise
2019-05-25 09:51 - 2018-12-23 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-05-25 09:51 - 2018-12-21 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover
2019-05-25 09:51 - 2018-12-08 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2019-05-25 09:51 - 2018-12-05 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPP
2019-05-25 09:51 - 2018-12-05 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2019-05-25 09:51 - 2018-12-04 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2019-05-25 09:51 - 2018-11-08 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Francisko Parejo, Software
2019-05-25 09:51 - 2018-10-21 22:46 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-25 09:51 - 2018-10-14 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZaraRadio
2019-05-25 09:51 - 2018-09-06 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Card Reader Windows 7 Patch
2019-05-25 09:51 - 2018-09-06 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2019-05-25 09:51 - 2018-09-05 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scientific Notebook 5.5
2019-05-25 09:51 - 2018-08-18 23:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MathType 7
2019-05-25 09:51 - 2018-08-05 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scientific WorkPlace 5.5
2019-05-25 09:51 - 2018-07-18 23:31 - 000000000 ____D C:\Users\walter\AppData\Local\Math_Editor_MV
2019-05-25 09:51 - 2018-07-18 23:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Math Editor
2019-05-25 09:51 - 2018-05-17 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZOOK MBOX to PDF Converter
2019-05-25 09:51 - 2018-05-17 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turgs MBOX Wizard
2019-05-25 09:51 - 2018-04-28 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2019-05-25 09:51 - 2018-03-30 01:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2019-05-25 09:51 - 2018-03-24 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-05-25 09:51 - 2018-03-24 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2019-05-25 09:51 - 2018-03-06 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyotek WebCopy
2019-05-25 09:51 - 2018-03-04 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair
2019-05-25 09:51 - 2018-02-28 20:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ENFUNS Updater
2019-05-25 09:51 - 2018-02-25 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-05-25 09:51 - 2018-02-25 22:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer
2019-05-25 09:51 - 2018-02-25 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2019-05-25 09:51 - 2018-02-03 00:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink
2019-05-25 09:51 - 2018-02-02 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD2one V2
2019-05-25 09:51 - 2018-01-31 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remove Empty Directories
2019-05-25 09:51 - 2018-01-25 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2019-05-25 09:51 - 2018-01-24 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMP Font Viewer
2019-05-25 09:51 - 2018-01-11 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainbow Folders
2019-05-25 09:51 - 2018-01-06 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICC for Windows
2019-05-25 09:51 - 2018-01-05 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2019-05-25 09:51 - 2018-01-02 21:39 - 000000000 ____D C:\Program Files\Resource Hacker
2019-05-25 09:51 - 2017-12-15 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2019-05-25 09:51 - 2017-06-03 12:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-05-25 09:51 - 2017-05-08 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct Video Downloader
2019-05-25 09:51 - 2017-05-06 18:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2019-05-25 09:51 - 2017-04-22 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Sound Recorder
2019-05-25 09:51 - 2017-04-04 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FindThatWord
2019-05-25 09:51 - 2017-03-25 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kentico 10.0
2019-05-25 09:51 - 2017-03-24 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2019-05-25 09:51 - 2017-03-23 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capturador de Links
2019-05-25 09:51 - 2017-03-09 22:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batch Picture Resizer
2019-05-25 09:51 - 2017-02-28 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2019-05-25 09:51 - 2017-02-19 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Pro
2019-05-25 09:51 - 2017-02-19 15:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridMove
2019-05-25 09:51 - 2017-02-13 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
2019-05-25 09:51 - 2017-01-17 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VBA Password Recovery Lastic
2019-05-25 09:51 - 2017-01-12 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2019-05-25 09:51 - 2017-01-02 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2019-05-25 09:51 - 2016-11-08 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IHMC Concept Map Tools
2019-05-25 09:51 - 2016-11-05 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Recorder
2019-05-25 09:51 - 2016-10-06 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VaxaSoftware
2019-05-25 09:51 - 2016-09-29 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2019-05-25 09:51 - 2016-09-24 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-05-25 09:51 - 2016-09-23 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2019-05-25 09:51 - 2016-09-08 22:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Join Multiple DjVu Files Into One Software
2019-05-25 09:51 - 2016-08-22 20:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery - Home
2019-05-25 09:51 - 2016-08-01 22:12 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2019-05-25 09:51 - 2016-07-29 22:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoCAM Messenger
2019-05-25 09:51 - 2016-07-27 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teleport Pro
2019-05-25 09:51 - 2016-07-26 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-05-25 09:51 - 2016-07-20 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock CursorXP
2019-05-25 09:51 - 2016-07-20 00:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Magnifying Glass
2019-05-25 09:51 - 2016-07-19 23:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 5
2019-05-25 09:51 - 2016-07-19 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
2019-05-25 09:51 - 2016-07-18 22:55 - 000000000 ____D C:\Users\walter\AppData\Local\Google
2019-05-25 09:51 - 2016-07-14 00:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-05-25 09:51 - 2016-07-14 00:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-05-25 09:51 - 2009-07-14 00:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-05-25 09:51 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\registration
2019-05-25 09:50 - 2017-05-07 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2019-05-25 09:50 - 2016-07-18 22:55 - 000000000 ____D C:\Program Files\Google
2019-05-24 22:34 - 2016-08-15 18:30 - 000000000 ____D C:\Program Files\Adobe
2019-05-24 22:33 - 2011-04-11 21:39 - 000000000 ____D C:\Windows\ShellNew
2019-05-24 22:26 - 2018-03-30 02:19 - 000000000 ____D C:\Users\walter\AppData\Local\Nero
2019-05-24 22:26 - 2018-03-30 02:14 - 000000000 ____D C:\Program Files\Nero
2019-05-24 22:17 - 2016-07-17 02:36 - 000000000 ____D C:\Program Files\IObit
2019-05-24 22:16 - 2016-07-17 02:36 - 000000000 ____D C:\Users\walter\AppData\Roaming\IObit
2019-05-24 22:16 - 2016-07-17 02:36 - 000000000 ____D C:\ProgramData\IObit
2019-05-24 17:40 - 2019-03-17 16:34 - 000002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-21 21:07 - 2018-03-24 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
2019-05-20 23:53 - 2016-07-17 02:21 - 000000000 ____D C:\Users\walter\AppData\Roaming\Thinstall
2019-05-19 13:04 - 2016-08-07 20:20 - 000000000 ____D C:\Qoobox
2019-05-19 00:56 - 2018-08-31 13:43 - 000000000 ____D C:\Users\walter\AppData\Local\Opera Software
2019-05-19 00:56 - 2018-08-31 13:42 - 000000000 ____D C:\Users\walter\AppData\Roaming\Opera Software
2019-05-19 00:45 - 2017-01-09 21:32 - 000000000 ____D C:\Windows\pss
2019-05-19 00:45 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\Msdtc
2019-05-18 20:05 - 2018-09-11 20:15 - 000000000 ____D C:\Windows\{250C4DEB-CBB8-4CDE-B145-19501A8C92C0}
2019-05-18 20:05 - 2018-09-03 04:55 - 000000000 ____D C:\Windows\{D74B6370-D583-4762-BAD4-1B952A92363E}
2019-05-18 20:05 - 2018-08-25 13:00 - 000000000 ____D C:\Windows\{DAFF9106-893A-4EDF-BE3E-71D72BF9F4CE}
2019-05-18 20:05 - 2018-08-24 01:04 - 000000000 ____D C:\Windows\{ADF9326E-1B4A-4F13-8D05-D1A4A787157D}
2019-05-18 20:05 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\Help
2019-05-18 20:04 - 2017-01-13 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office 2016
2019-05-18 17:29 - 2016-07-30 18:21 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-18 17:29 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system
2019-05-18 17:28 - 2016-07-30 18:21 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2019-05-18 17:28 - 2016-07-30 18:21 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2019-05-18 13:34 - 2009-07-13 22:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-05-18 13:32 - 2017-01-11 08:09 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-05-18 00:14 - 2019-01-29 23:27 - 000000000 ____D C:\Users\walter\AppData\Roaming\WordKutools
2019-05-17 22:39 - 2018-01-29 20:04 - 000000000 ____D C:\Users\walter\AppData\Roaming\Psiphon3
2019-05-14 00:22 - 2017-07-23 20:42 - 000000000 _____ C:\Windows\system32\last.dump
2019-05-11 20:04 - 2017-02-19 22:35 - 000000000 ____D C:\Users\walter\AppData\Local\MSfree Inc
2019-05-11 19:01 - 2019-01-08 16:18 - 000002097 _____ C:\Users\walter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk

==================== Files in the root of some directories =======

2018-07-18 20:52 - 2018-07-28 17:26 - 000000262 _____ () C:\ProgramData\fontcacheev1.dat
2018-08-24 23:46 - 2018-09-06 22:08 - 000000004 _____ () C:\ProgramData\lock.dat
2019-06-03 23:03 - 2019-05-25 10:08 - 078857952 _____ () C:\Users\Nabla\firefox-portable-60-0-1.exe
2019-06-03 23:03 - 2019-05-25 23:20 - 098130888 _____ (PortableApps.com) C:\Users\Nabla\FirefoxPortable_67.0_English.paf.exe
2019-05-25 10:08 - 2019-05-25 10:08 - 078857952 _____ (PortableApps.com) C:\Users\walter\firefox-portable-60-0-1.exe
2019-05-25 23:18 - 2019-05-25 23:20 - 098130888 _____ (PortableApps.com) C:\Users\walter\FirefoxPortable_67.0_English.paf.exe

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-06-02 01:46
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-06-2019
Ran by NABLA (07-06-2019 00:12:44)
Running from C:\Users\NABLA.walter-PC\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2016-07-14 02:53:35)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3193159865-2815699795-1142240979-500 - Administrator - Disabled)
Invitado (S-1-5-21-3193159865-2815699795-1142240979-501 - Limited - Enabled) => C:\Users\TEMP.walter-PC.000
NABLA (S-1-5-21-3193159865-2815699795-1142240979-1013 - Administrator - Enabled) => C:\Users\NABLA.walter-PC
UpdatusUser (S-1-5-21-3193159865-2815699795-1142240979-1001 - Limited - Enabled) => C:\Users\TEMP.walter-PC.000
walter (S-1-5-21-3193159865-2815699795-1142240979-1000 - Administrator - Enabled) => C:\Users\walter

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activador Windows 7 (HKLM\...\Activador Windows 7) (Version:  - )
Actualización de NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM\...\{3BD13111-2F32-4AB7-B9BB-16E07C9AA894}) (Version: 12.3.4.204 - Adobe Systems, Inc)
Advanced RAR Repair v1.2 (HKLM\...\Advanced RAR Repair v1.2) (Version:  - )
AIMP (HKLM\...\AIMP) (Version: v4.50.2058, 27.12.2017 - AIMP DevTeam)
AirDroid 3.3.5.3 (HKLM\...\AirDroid) (Version: 3.3.5.3 - Sand Studio)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
AMP Font Viewer (HKLM\...\AMP Font Viewer) (Version:  - )
AnyTrans (HKLM\...\AnyTrans) (Version: 6.3.3.0 - iMobie Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Batch Picture Resizer 7.2 (HKLM\...\Batch Picture Resizer_is1) (Version: 7.2 - SoftOrbits)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation)
Capturador de Links versión 2.0 creada por Luciano Aibar (HKLM\...\Capturador de Links_is1) (Version: 2.0 creada por Luciano Aibar - )
Card Reader Patch 1.0 for Windows 7 (HKLM\...\Card Reader Windows 7 Patch_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
Compatibilidad con Aplicaciones de Apple (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Cool Edit Pro 2.1 (HKLM\...\Cool Edit Pro 2.1) (Version:  - )
Cuestionator (HKLM\...\Cuestionator) (Version:  - )
Cyotek WebCopy version 1.3.0.405 (HKLM\...\{D5FAF1F8-C903-41b2-AC66-2682A02A78CB}_is1) (Version: 1.3.0.405 - Cyotek Ltd)
Descargador de Video de Apowersoft V6.2.4 (HKLM\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.4 - APOWERSOFT LIMITED)
DFX (HKLM\...\DFX) (Version: 12.023.0.0 - Power Technology)
DGE-560T Gigabit PCI Express Ethernet Adapter (HKLM\...\{6E01C07D-A44B-406E-A0DC-DEF62181E6E7}) (Version: 7.47.706.2011 - D-Link)
Diagnóstico de impresoras Samsung (HKLM\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Direct Video Downloader version 2.12 (HKLM\...\{5FB07C70-45DA-45C9-AAD3-F805D4C463D5}_is1) (Version: 2.12 - Major Share, MajorShare.com)
D-Link DFE-520TX (HKLM\...\{9629C9A1-74F7-4DD0-B99B-9066925E63F8}) (Version:  - D-Link) Hidden
D-Link DFE-520TX (HKLM\...\InstallShield_{9629C9A1-74F7-4DD0-B99B-9066925E63F8}) (Version:  - D-Link)
D-Link DFE-530TX+ (HKLM\...\{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}) (Version:  - D-Link) Hidden
D-Link DFE-530TX+ (HKLM\...\InstallShield_{2D6A5BD9-FE4B-49CD-8D96-2C4746302A82}) (Version:  - D-Link)
Driver Easy 5.6.5 (HKLM\...\DriverEasy_is1) (Version: 5.6.5 - Easeware)
Dropbox (HKLM\...\Dropbox) (Version: 74.4.115 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Duplicate Cleaner Pro 4.0.4 (HKLM\...\Duplicate Cleaner Pro) (Version: 4.0.4 - DigitalVolcano Software Ltd)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink Instal)
DVD2one V2.4.2 (HKLM\...\DVD2one V2) (Version: 2.4.2 - Eximius B.V.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EaseUS Partition Master 12.5 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FindThatWord 0.1 (HKLM\...\{1409F1B5-726C-47D5-9642-A6B4716E2823}_is1) (Version:  - Jonny and Ieuan Jones)
Flash Online Scanner 1.0 (HKLM\...\Flash Online Scanner_is1) (Version:  - ZGW Software, Inc.)
FLOW3D Version 9.3.2 (HKLM\...\{28D7F279-2398-489E-87A9-D03AAAE8ADDA}) (Version: 9.3.2 - Flow Science, Inc.) Hidden
FLOW3D Version 9.3.2 (HKLM\...\InstallShield_{28D7F279-2398-489E-87A9-D03AAAE8ADDA}) (Version: 9.3.2 - Flow Science, Inc.)
Folder Size 3.4.0.0 (HKLM\...\{2DFA85ED-588F-4CE3-A175-29E52C3804A8}_is1) (Version: 3.4.0.0 - MindGems, Inc.)
FormatFactory 3.8.0.0 (HKLM\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Foxit PDF Preview Handler (HKLM\...\{6FE22909-D0D6-4111-ABCE-7F8D986C4A2A}) (Version: 1.0.0 - Tim Heuer)
Foxit PhantomPDF Business (HKLM\...\{4699E810-3A23-11E6-97B8-000C2992F709}) (Version: 8.0.0.624 - Foxit Software Inc.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 9.4.1.16828 - Foxit Software Inc.)
Free Sound Recorder v10.8.8 (HKLM\...\Free Sound Recorder_is1) (Version:  - Copyright(C) 2005-2015 FreeSoundRecorder Technologies, Inc.)
Free Video to DVD Converter (HKLM\...\Free Video to DVD Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd)
GeoGebra 5 (HKLM\...\GeoGebra 5) (Version: 5.0.341.0 - International GeoGebra Institute)
Glary Utilities PRO 5.79 (HKLM\...\Glary Utilities 5) (Version: 5.79.0.100 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GridinSoft Anti-Malware (HKLM\...\GridinSoft Anti-Malware) (Version: 3.1.29 - GridinSoft LLC)
GridMove V1.19.57 (HKLM\...\GridMove_is1) (Version:  - DonationCoder.com)
HandBrake 1.0.7 (HKLM\...\HandBrake) (Version: 1.0.7 - )
HAZARES (HKLM\...\ST6UNST #1) (Version:  - )
HidenGate (HKLM\...\{6AE85624-C2DA-4547-B0EF-8B424A03252B}_is1) (Version: 1.0.0.5 - DLTG)
HiSuite (HKLM\...\Hi Suite) (Version: 9.0.3.300 - Huawei Technologies Co.,Ltd)
ICC for Windows 1.0 beta 9.8.10 (HKLM\...\{CFF71C5A-D887-429C-A1F6-FD395C1823E8}_is1) (Version: 1.0 - Internet Chess Club, Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6099.6 - IDT)
iExplorer 3.7.5.1 (HKLM\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
IHMC Concept Map Tools 2.9.1 - walter (HKLM\...\IHMC Concept Map Tools 2.9.1 - walter) (Version:  - )
IIS 8.0 Express (HKLM\...\{B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC}) (Version: 8.0.1557 - Microsoft Corporation)
Java 8 Update 211 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Join Multiple DjVu Files Into One Software (HKLM\...\Join Multiple DjVu Files Into One Software_is1) (Version:  - Sobolsoft)
JPEG Recovery Pro 5.0 (HKLM\...\JPEG Recovery Pro5.0) (Version: 5.0 - e.World Technology Limited)
KeyExtender 3.99 (HKLM\...\KeyExtender_is1) (Version:  - EasySoft)
K-Lite Codec Pack 14.5.2 Full (HKLM\...\KLiteCodecPack_is1) (Version: 14.5.2 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
Kutools for Word versión 8.9.0 (HKLM\...\{E9A0AD37-5BA2-4E60-85F1-8B785CF2FBF5}_is1) (Version: 8.9.0 - ExtendOffice)
Lupas Rename 2000 v5.0 Release (HKLM\...\Lupas Rename 2000_is1) (Version:  - Ivan Anton Albarracin)
Math Editor version 1.0.6.6 (HKLM\...\{1250D241-20C3-40C9-BBA8-6D537A8021FA}_is1) (Version: 1.0.6.6 - MathiVersity)
MathType 7 (HKLM\...\DSMT7) (Version: 7.1.2 - WIRIS)
Max Recorder (HKLM\...\Max Recorder) (Version: 2.006.0.0 - Silver Vine, LLC)
MEGAsync (HKLM\...\MEGAsync) (Version:  - Mega Limited)
Merlín Generador de Ejercicios (HKLM\...\Merlín Generador de Ejercicios_is1) (Version:  - )
Microsoft .NET Framework 4.7 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{10C4E843-C226-3FDF-9DD6-F4E3275E734D}) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{F95C77E7-7194-4EAF-AB58-1E270838ED0C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{DEDD3877-0BDD-4A02-A50B-FCB8E540D308}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.21.27702 (HKLM\...\{49697869-be8e-427d-81a0-c334d1d14950}) (Version: 14.21.27702.2 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version:  - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 67.0.1 (x86 es-ES) (HKLM\...\Mozilla Firefox 67.0.1 (x86 es-ES)) (Version: 67.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.1 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NetCut 2.1.4 (HKLM\...\NetCut_is1) (Version:  - arcai.com)
NVIDIA Controlador de audio HD 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ontrack EasyRecovery Enterprise (HKLM\...\{AE695CA4-8847-4462-98CC-023874D29E72}_is1) (Version: 11.5.0.0 - Kroll Ontrack Inc.)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Panel de control de NVIDIA 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 309.08 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - IDT MEDIA  (11/27/2008 5.10.6099.8) (HKLM\...\7196607E1A8892CB0B39A0ADD6D36FAC68564EFF) (Version: 11/27/2008 5.10.6099.8 - IDT)
Paquete de controladores de Windows - Microsoft (msisadrv) System  (06/21/2006 6.1.7600.16385) (HKLM\...\F7107071B470B397C7CF356FEFEA5750761B2484) (Version: 06/21/2006 6.1.7600.16385 - Microsoft)
Paquete de controladores de Windows - NVIDIA (NVNET) Net  (10/30/2009 73.1.9.1) (HKLM\...\F8F98893BBD0749D6052A2993F0180943FB5E5C3) (Version: 10/30/2009 73.1.9.1 - NVIDIA)
Paquete de controladores de Windows - Ralink Corporation (BlueletAudio) MEDIA  (12/19/2012 9.2.1.0002) (HKLM\...\D32C584A1BE4E34101249FD90E0D04E489A0A05D) (Version: 12/19/2012 9.2.1.0002 - Ralink Corporation)
PDF Password Remover v3.1 (HKLM\...\PDF Password Remover v3.1_is1) (Version:  - VeryPDF.com Inc)
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
Picture Doctor 3.1 (HKLM\...\Picture Doctor_is1) (Version: 3.1 - SoftOrbits)
PSPP (HKLM\...\PSPP) (Version: 0.10.1 - Free Software Foundation, Inc.)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
R for Windows 3.5.0 (HKLM\...\R for Windows 3.5.0_is1) (Version: 3.5.0 - R Core Team)
Rainbow Folders (HKLM\...\{2AEA17BA-FAB3-49D2-BB85-0669D14DC9BC}_is1) (Version: 2.05 - Piotr Chodzinski)
RAR Password Recovery v1.1 RC16 (remove only) (HKLM\...\Intelore - RAR Password Recovery) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Remo Recover (HKLM\...\{993DAF7C-A5F8-42EA-81D4-DAE3C9D2D1F7}_is1) (Version: 3.0.0.113 - Remo Software)
Remove Empty Directories version 2.2 (HKLM\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Resource Hacker Version 4.5.30 (HKLM\...\ResourceHacker_is1) (Version:  - )
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version:  - Punk Software)
Rybka 4 (HKLM\...\{9CAF9762-B107-4E7B-A459-68F083298C58}) (Version: 12.0.0 - ChessBase) Hidden
Rybka 4 (HKLM\...\{F9683839-1A7F-4874-91B7-64CDF4AC4679}) (Version: 12.0.0 - ChessBase)
Samsung ML-2160 Series (HKLM\...\Samsung ML-2160 Series) (Version: 1.26 (16-08-2017) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver 2 XPS (HKLM\...\Samsung Universal Print Driver 2 XPS) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.)
Scientific Notebook 5.5 (HKLM\...\{E066DE16-50F3-4A8C-953C-E67118894B2F}) (Version: 5.50 - MacKichan Software)
Sothink SWF Catcher for Internet Explorer (HKLM\...\{7FC84AD6-D939-41A0-A3DF-FB9B511FF275}_is1) (Version: 3.0 - SourceTec Software Co., LTD)
Sothink SWF Decompiler (HKLM\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Sparkol VideoScribe (HKLM\...\{0998FB32-1208-49AC-A8C8-2B462FE040EF}) (Version: 2.3.2002 - Sparkol) Hidden
Sparkol VideoScribe (HKLM\...\Sparkol VideoScribe 2.3.2002) (Version: 2.3.2002 - Sparkol)
Stellar Phoenix Windows Data Recovery - Home (HKLM\...\Stellar Phoenix Windows Data Recovery - Home_is1) (Version: 6.0.0.1 - Stellar Information Technology Pvt Ltd)
StreamTransport version: 1.0.2.1700 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Syncios Data Transfer 1.6.5 (HKLM\...\{6C4BB520-3416-4D67-B7EA-A9FF6662345F}_is1) (Version: 1.6.5 - Anvsoft, Inc.)
System Mechanic (HKLM\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 18.0.2.486 - iolo technologies, LLC)
TeamViewer 14 (HKLM\...\TeamViewer) (Version: 14.2.2558 - TeamViewer)
Teleport Pro (HKLM\...\Teleport Pro) (Version: 1.70 - Tennyson Maxwell Information Systems, Inc.)
TL-WN725N_WN723N Controlador (HKLM\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.21a - Ghisler Software GmbH)
Total Video Converter 3.61 100319 (HKLM\...\Total Video Converter 3.61_is1) (Version:  - EffectMatrix Inc.)
TotalAudioConverter (HKLM\...\Total Audio Converter_is1) (Version: 5.1 - Softplicity, Inc.)
Turgs MBOX Wizard (HKLM\...\Turgs MBOX Wizard_is1) (Version:  - Turgs)
United States (English and Talossan) (HKLM\...\{630CB9BF-D268-4270-B6C9-4C0D5330E4E2}) (Version: 1.0.3.40 - keyboards.jargon-file.org)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VBA Password Recovery Lastic 1.2 (HKLM\...\VBA Password Recovery Lastic_is1) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vector Magic (HKLM\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
VideoCAM Messenger (HKLM\...\{57383270-6F61-4DC8-A9B8-C1745FC29F38}) (Version: 4.21.0.000 - KYE)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual MP3 Splitter & Joiner 9.1 (HKLM\...\Visual MP3 Splitter & Joiner_is1) (Version:  - ManiacTools.com)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WebCopier 5.3 (HKLM\...\{0C72BD21-2BBB-43E6-8EEB-C8BE42FE90E5}_is1) (Version:  - MaximumSoft Corp.)
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
WinHTTrack Website Copier 3.48-22 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
WinRAR 5.70 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wolfram Extras 10.4 (5514075) (HKLM\...\A-WIN-Extras 10.4.1 5514075_is1) (Version: 10.4.1 - Wolfram Research, Inc.)
Wolfram Mathematica 10.4 (M-WIN-L 10.4.1 5514214) (HKLM\...\M-WIN-L 10.4.1 5514214_is1) (Version: 10.4.1 - Wolfram Research, Inc.)
Wolfram Mathematica 11.2 (M-WIN-L 11.2.0 5822651) (HKLM\...\M-WIN-L 11.2.0 5822651_is1) (Version: 11.2.0 - Wolfram Research, Inc.)
WolframScript (A-WIN32-WolframScript 11.2.0 2017091001) (HKLM\...\{90D12C2B-666B-422D-91CF-531112BA0823}) (Version: 11.2.44 - Wolfram Research, Inc.)
Wondershare Data Recovery(Build 6.0.1.9) (HKLM\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 6.0.1.9 - Wondershare Software Co.,Ltd.)
Wondershare Helper Compact 2.5.2 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
ZaraRadio 1.6.2 (HKLM\...\ZaraRadio_is1) (Version:  - ZaraSoft)
ZOOK MBOX to PDF Converter (HKLM\...\ZOOK MBOX to PDF Converter_is1) (Version:  - ZOOK)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation -> EldoS Corporation)
ShellServiceObjects: Virtual Storage Mount Notification -> {5FF49FE8-B332-4CB9-B102-FB6951629E55} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation -> EldoS Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2018-01-05] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x86.dll [2016-06-17] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2017-06-08] () [File not signed]
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files\Phoenix360\System Mechanic\x86\Incinerator.dll [2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\walter\AppData\Local\MEGAsync\ShellExtX32.dll [2019-06-05] (Access Denied)  [File not signed]
ContextMenuHandlers1: [TotalConverter] -> {280CFDE1-1354-4431-92F3-03073BA593FB} => C:\Program Files\CoolUtils\TotalAudioConverter\axTotalConverter.dll [2015-01-28] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2017-06-08] () [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\walter\AppData\Local\MEGAsync\ShellExtX32.dll [2019-06-05] (Access Denied)  [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DLLRegSvr] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} =>  -> No File
ContextMenuHandlers3: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes) [File not signed]
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\walter\AppData\Local\MEGAsync\ShellExtX32.dll [2019-06-05] (Access Denied)  [File not signed]
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2018-01-05] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2017-06-08] () [File not signed]
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files\Phoenix360\System Mechanic\x86\Incinerator.dll [2018-09-28] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\walter\AppData\Local\MEGAsync\ShellExtX32.dll [2019-06-05] (Access Denied)  [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2016-10-25] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2018-12-25] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files\Glary Utilities 5\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [GridinSoft Anti-Malware] -> {F77F27A6-89F3-471A-AFA8-3B280940A10C} => C:\Program Files\GridinSoft Anti-Malware\shellext.dll [2017-06-08] () [File not signed]
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-04] () [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-01-25 22:25 - 2015-01-28 05:19 - 002426880 _____ () [File not signed] C:\Program Files\CoolUtils\TotalAudioConverter\axTotalConverter.dll
2017-06-08 10:14 - 2017-06-08 10:14 - 001095680 ____N () [File not signed] C:\Program Files\GridinSoft Anti-Malware\shellext.dll
2010-07-04 17:32 - 2010-07-04 17:32 - 000010752 _____ () [File not signed] C:\Program Files\Unlocker\UnlockerCOM.dll
2016-11-05 11:01 - 2016-11-05 11:01 - 000184320 _____ () [File not signed] C:\Windows\W7FBC\dll.dll
2019-06-07 00:11 - 2019-06-07 00:11 - 000397312 _____ (ESET) [File not signed] c:\users\nabla.walter-pc\appdata\local\google\chrome\user data\swreporter\41.204.201.3\edls_32.dll
2013-06-17 13:31 - 2013-06-17 13:31 - 000076288 _____ (Free Time) [File not signed] C:\Program Files\FormatFactory\ShellEx_103.dll
2007-03-30 18:34 - 2007-03-30 18:34 - 000036864 _____ (Malwarebytes) [File not signed] C:\Program Files\FileASSASSIN\FileASSASSINExt.dll
2019-05-18 17:03 - 2019-05-18 17:03 - 000626688 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCR80.dll
==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\34832260.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\34832260.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2019-05-19 13:00 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3193159865-2815699795-1142240979-1013\Control Panel\Desktop\\Wallpaper -> C:\Users\NABLA.walter-PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 200.83.1.4 - 190.160.0.14
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\startupfolder: C:^Users^walter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enviar a OneNote.lnk => C:\Windows\pss\Enviar a OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^walter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^GridMove.lnk => C:\Windows\pss\GridMove.lnk.Startup
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: EEDSpeedLauncher => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
MSCONFIG\startupreg: GoogleChromeAutoLaunch_11DBF98E3701C5FADC062621FC200949 => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: snpstd => C:\Windows\vsnpstd.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\walter\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: WallpaperSuite => "C:\Users\walter\AppData\Local\WallpaperSuite\WallpaperSuite.exe" /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9D528238-A67C-4542-B304-B9C26C507C97}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7633E2E6-43C5-4E67-AF97-0E5987669B35}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C7214D9B-24B9-47F6-AC6B-48FEB982036D}] => (Allow) C:\Users\walter\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7EEECE71-AC0B-4FB5-9F90-FA6536FAB701}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C57A84DA-4A6E-44C1-94D0-A624B12D55AC}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{E18BBB95-9360-4CE4-AD13-8170DD1EAEE1}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{FCC4EF3A-4C0D-4A8E-87CE-7D53599F21D8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{3F573BE9-7998-4945-B98A-F7853D89E496}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{8FECA01F-BAB3-4C4A-ACDD-18544392BB7E}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{002FDF83-B5E4-4FCD-B531-3ECCBD0DB544}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.4\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{1CCD4EBE-8433-4D70-9327-AA1B497897ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3C7B8F4D-F22D-4CF2-B7A6-1496F409D9D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B5C59195-FA21-4687-A6FE-8B61853FF233}] => (Allow) C:\Program Files\Samsung\Samsung Universal Print Driver 2 XPS\PrinterSelector\SUPDApp.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [TCP Query User{9AF422B9-3B7C-4AF3-A266-EC09F2EEB260}H:\emule\emule.exe] => (Allow) H:\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{00FF2FD2-6BCE-43C8-B206-41107C23C278}H:\emule\emule.exe] => (Allow) H:\emule\emule.exe (hxxp://www.emule-project.net) [File not signed]
FirewallRules: [TCP Query User{EF635342-D557-4B41-953A-7D79301A6BBC}C:\program files\airdroid\airdroid.exe] => (Allow) C:\program files\airdroid\airdroid.exe (TONGBU TECHNOLOGY (HK) LIMITED -> Sand Studio)
FirewallRules: [UDP Query User{85BAB95E-A9B3-4C30-8A27-EA61D1BFE073}C:\program files\airdroid\airdroid.exe] => (Allow) C:\program files\airdroid\airdroid.exe (TONGBU TECHNOLOGY (HK) LIMITED -> Sand Studio)
FirewallRules: [TCP Query User{FF1278F5-0111-4812-B0E3-1EA77599448C}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{B3918105-1138-4FE6-97D4-23C3E6999AA8}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B0C92ECB-FB86-446F-BEA2-1ECEE4C7EEDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D5B0E551-759D-4869-849A-93ABA001F047}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A02E2879-144E-4990-AB27-47293DD0104B}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{234E0D55-E191-4A8A-97B8-F5ABCCF5565A}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{08E15151-163C-4610-90AE-862583646A8D}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{577938D4-C31F-439E-AED7-4794E9248DA3}] => (Allow) C:\Program Files\Apowersoft\Video Download Capture 6\rtmpsrv.exe (Apowersoft Ltd -> )
FirewallRules: [{00786891-1D65-4D2F-AB02-15153D59D1B8}] => (Block) LPort=445
FirewallRules: [{AEF91E5C-1E27-4F07-9C4C-D78FDE98A8EB}] => (Block) LPort=445
FirewallRules: [{345DB848-D70D-4B87-8E49-F6724F9D645B}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{90E96FF0-BA32-4D00-B6CE-0401E1688305}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{7CC7824D-F7E1-496A-998F-AE2F4C23C5B7}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{F647CDE6-08D4-400D-BFEA-E1172EBD21D6}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{41B2D383-4682-4CFF-927A-9EFC5DF34608}] => (Allow) C:\Program Files\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time) [File not signed]
FirewallRules: [{3D11CDC5-C4FA-43E4-B421-3EC95F75C93A}] => (Allow) C:\Users\walter\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{59F1BBAD-3C26-4DC5-A04B-F714E256EC62}] => (Allow) C:\Users\walter\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{6F445E50-811B-404E-A2DB-959F03F5F4A6}] => (Allow) C:\Program Files\AnvSoft\Syncios Data Transfer\SynciosTransfer.exe (Anvsoft Inc. -> Syncios Data Transfer)
FirewallRules: [{BF770E88-6035-4A73-9CA9-14DB700DFF91}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ABD765DC-5FF6-41C3-AFA2-1BF009D32836}] => (Allow) LPort=1688
FirewallRules: [{78259EF6-F897-43D7-9688-EC601B81B98B}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{157DCBBD-ED26-4EB1-8F39-49496BDE4E2B}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3872B16B-36D2-4F3E-B4EC-404EEC582D22}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{05E1BB3F-1D86-4CC8-AEB6-E01213D3BDC9}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E9D598E7-1956-4C1C-BBD7-F6936298397B}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{38685AD7-D089-4A26-9C46-F2B9662A30D9}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A275B686-717D-4503-A285-024A7C716ACF}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{97657A26-90B8-43FE-B58E-0994DF52EF4D}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7CFCE1DE-D9B8-49C5-B418-001F0F080644}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C04C8C5F-7769-43CC-AEE9-9A84A12EEAAC}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5834B863-0A9B-40E0-9473-E425752FAB87}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9E3672B9-4825-489A-8F43-B164224C81DD}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{488CB36F-CBDB-429C-85EC-D8CEBCF55DE5}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6E23D790-0EAF-495A-AAA0-B87F9F4626AB}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{879EE372-8F17-40C3-9DA5-1AFED27354FF}] => (Allow) C:\Windows\system32\tracert.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2FB5F4D3-B71B-42FD-897C-583C18CE6DEF}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2794003E-E903-4F2D-8EE5-E235F9A97183}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3028F535-6860-475B-BDCE-2FDEE390E697}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F51C90BB-895D-4174-BA6D-0A80A6B04995}] => (Allow) C:\Windows\system32\nslookup.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{615CBA1C-661D-4561-A992-E08FC3E06FA8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{311D2FE8-B6AD-40F9-BBC2-2DADB441AB41}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A995ED0F-C1E1-4544-B1BF-01B4296D454D}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{AD12BEFA-4416-425D-A0F5-E154FA30F06A}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\Mathematica.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{3F88A0A6-8759-4862-A69F-66C119B64B62}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{F3E1613F-1F06-405E-918F-56ED1B9E45D8}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\MathKernel.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{42955922-3BC1-4726-9777-235642BFEC43}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{AFB3E3CD-E3E0-498D-A8D1-5905EA703F2A}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\11.2\math.exe (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FirewallRules: [{BCAD9AA3-39ED-49DD-B345-10B2B465CEF9}] => (Allow) LPort=8317
FirewallRules: [TCP Query User{ED6D9985-2040-471F-A2B8-E92C3FFF7523}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9455A99E-EF7A-47F6-B89E-DA08854C2EE0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{F233FC03-0279-4DC4-AA9C-BFA163334EE7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7915EC1D-826E-40C9-A9E9-6CC26ECF496E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{54DF77C4-EADC-4968-91CC-323B2A8C1E3B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8061EFFC-F134-4919-8701-B0E2DFBFCCDD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{570FC8B1-1283-41DA-859E-E048AA8E9623}C:\users\walter\desktop\vac\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\vac\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{6B3DC682-C666-4E2E-9F51-3803CCA45004}C:\users\walter\desktop\vac\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\vac\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [TCP Query User{C533C36C-E349-4096-B1A3-50B8CB2E5784}E:\escritorio mayo\super carpeta\portable foxit pdf editor 2.0.1011.exe] => (Block) E:\escritorio mayo\super carpeta\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]
FirewallRules: [UDP Query User{457F5B43-97A5-41E0-AD96-29A07813E808}E:\escritorio mayo\super carpeta\portable foxit pdf editor 2.0.1011.exe] => (Block) E:\escritorio mayo\super carpeta\portable foxit pdf editor 2.0.1011.exe (Foxit Software Company -> Foxit Software Company) [File not signed]
FirewallRules: [TCP Query User{40D6354D-CD07-4935-A3FC-05CF140CC499}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{D7671610-5D8F-477C-BDE3-A6CF9000D2B3}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [{46929318-5DE8-4CA2-BC34-E7C0F55652FF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{8EDB451E-8A41-402D-895C-9AB532280EC6}C:\users\walter\desktop\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\portable foxit pdf editor 2.0.1011.exe (Access Denied)  [File not signed]
FirewallRules: [UDP Query User{805F1B4D-F3AB-44D6-828F-9909CE69E0D2}C:\users\walter\desktop\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\portable foxit pdf editor 2.0.1011.exe (Access Denied)  [File not signed]
FirewallRules: [{0F8DBAC6-37B5-40EB-A998-61F73A671722}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{4E7D81F6-33BA-45DC-A6B2-9A2D2B2DC31E}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\nueva carpeta\nueva carpeta\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\nueva carpeta\nueva carpeta\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{82BD959F-EBB2-4F5D-93AC-362DB12E6662}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\nueva carpeta\nueva carpeta\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\nueva carpeta\nueva carpeta\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [TCP Query User{EF957D4F-8310-403B-BFF7-F0803DCA2DDC}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\listas\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\listas\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{44A4E358-6701-4F63-A6F2-C80F47FC1779}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\listas\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\listas\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [TCP Query User{8253FA6C-A036-4420-BB74-8B95D8B65C9B}C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{CC2170B9-C2D4-4524-80C6-44EEC6140E6E}C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe No File

==================== Restore Points =========================

06-06-2019 18:05:49 Punto de control programado

==================== Faulty Device Manager Devices =============

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther VPN Project
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA nForce Ethernet 
Description: NVIDIA nForce Networking Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVNET
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2019 12:12:12 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/07/2019 12:06:12 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/07/2019 12:06:12 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/07/2019 12:04:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (06/07/2019 12:04:02 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (06/06/2019 11:59:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: emule.exe, versión: 0.50.0.4, marca de tiempo: 0x4bbc81c8
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x6874203a
Id. del proceso con errores: 0x1b48
Hora de inicio de la aplicación con errores: 0x01d51cce1351a480
Ruta de acceso de la aplicación con errores: H:\eMule\emule.exe
Ruta de acceso del módulo con errores: unknown
Id. del informe: a6ff1c28-88d8-11e9-b77c-00030d000001

Error: (06/06/2019 09:12:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: walter-PC)
Description: Windows no encuentra el perfil local y está iniciando la sesión con un perfil temporal. Los cambios que se efectúen en este perfil se perderán cuando se cierre la sesión.

Error: (06/06/2019 09:12:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: walter-PC)
Description: Windows hizo una copia de seguridad de este perfil de usuario. Windows intentará automáticamente usar la copia de seguridad del perfil la próxima vez que este usuario inicie sesión.


System errors:
=============
Error: (06/07/2019 12:11:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (06/07/2019 12:11:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (06/07/2019 12:11:52 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (06/07/2019 12:11:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (06/07/2019 12:11:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (06/07/2019 12:11:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (06/07/2019 12:11:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (06/07/2019 12:11:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


CodeIntegrity:
===================================

Date: 2018-10-15 18:23:37.767
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-15 18:23:37.690
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-15 18:23:37.582
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-13 13:22:58.324
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-13 13:22:58.309
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-13 13:22:58.309
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-08 22:06:11.771
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2018-10-08 22:06:11.755
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Program Files\Phoenix360\System Mechanic\WscRmd.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 080015 05/16/2008
Motherboard: ECS GF7100/7050PVT-M3
Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
Percentage of memory in use: 53%
Total physical RAM: 2815.24 MB
Available physical RAM: 1299.96 MB
Total Virtual: 5630.48 MB
Available Virtual: 4172.03 MB

==================== Drives ================================

Drive c: (walter) (Fixed) (Total:100.72 GB) (Free:14.85 GB) NTFS
Drive d: (210916-1) (Fixed) (Total:910.16 GB) (Free:590.92 GB) NTFS
Drive e: (210916-2) (Fixed) (Total:910.16 GB) (Free:202.5 GB) NTFS
Drive f: (210916-3) (Fixed) (Total:974.08 GB) (Free:401.52 GB) NTFS
Drive g: (ws250709 [musica-video-ima]) (Fixed) (Total:185.55 GB) (Free:23.68 GB) NTFS
Drive h: (ws-07-10-2016) (Fixed) (Total:145.84 GB) (Free:101.48 GB) NTFS
Drive i: (260614 UTILIDADES) (Fixed) (Total:6.72 GB) (Free:0.82 GB) NTFS
Drive l: (280418 FORMULARIOS) (Fixed) (Total:5 GB) (Free:0.63 GB) NTFS
Drive n: (WSIVOLI-30122018) (Removable) (Total:14.32 GB) (Free:3.27 GB) NTFS
Drive o: (WS 18-05-2019) (Fixed) (Total:21.83 GB) (Free:14.91 GB) NTFS

\\?\Volume{965bd5ae-496b-11e6-90d8-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 00290029)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=364.9 GB) - (Type=0F Extended)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 2794.5 GB) (Disk ID: 03DD17B9)

Partition: GPT.

========================================================
Disk: 3 (Size: 14.3 GB) (Disk ID: 07531EA5)
Partition 1: (Not Active) - (Size=14.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Nabla de momento esta como lo ves , no copia el perfil viejo al nuevo

eso me sale donde están los perfiles

xxx

Cuales de esas puedo borrar con seguridad?

Hola @WALLY

Mientras analizo los reportes:

Por lo que se ve todas las que contienen TEMP.

Max.Ram es una cuenta?

Ve a Inicio >>> escribe Cuentas de Usuario y toma una imagen.

Nos comentas.

Salu2

Hola:

Ademas de lo anterior te dejo el Fix, hay mucha basura en el equipo y alguna infección nueva que no estuvo antes, como hubo tanto problema, luego del fix te dejare el paso a paso para intentar reparar definitivamente tu cuenta.


Cuando Inicies el Ordenador en Modo seguro con red que sea en la misma cuenta donde corriste FRST (Nabla) luego:

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga y/o ejecuta DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Inicie su ordenador en >>> Modo Seguro

Luego vaya a::

Inicio >>> Ejecutar >>> Escribe notepad.exe o abra un nuevo archivo Notepad y copie y pegue lo siguiente:

Start
CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers3: [DLLRegSvr] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
FirewallRules: [TCP Query User{40D6354D-CD07-4935-A3FC-05CF140CC499}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{D7671610-5D8F-477C-BDE3-A6CF9000D2B3}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{82BD959F-EBB2-4F5D-93AC-362DB12E6662}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\nueva carpeta\nueva carpeta\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\nueva carpeta\nueva carpeta\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [TCP Query User{EF957D4F-8310-403B-BFF7-F0803DCA2DDC}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\listas\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\listas\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{44A4E358-6701-4F63-A6F2-C80F47FC1779}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\listas\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-imágenes\listas\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [TCP Query User{8253FA6C-A036-4420-BB74-8B95D8B65C9B}C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{CC2170B9-C2D4-4524-80C6-44EEC6140E6E}C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe No File
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {07784A53-AAF2-44B1-BECE-AECF6302DF9C} - \OperaUpdateService -> No File <==== ATTENTION
Task: {7B4E731E-0B25-4875-BCBD-4C8F64958A47} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1945712 2019-06-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
C:\Program Files\Common Files\AVG
Task: {B5412D51-22AF-457A-858B-DF8DA15D4E93} - System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => C:\Windows\system32\pcalua.exe -a J:\Setup.exe -d J:\
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Temp\~sfx00001228\IDMGCExt.crx <not found>
S3 catchme; \??\F:\Temp\catchme.sys [X]
S3 cpuz140; \??\F:\Temp\cpuz140\cpuz140_x32.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S1 dsbwncfk; \??\C:\Windows\System32\drivers\dsbwnck.sys [X]
U0 Partizan; no ImagePath
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\is-PBCQP.tmp
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\is-IJC90.tmp
2019-05-30 21:56 - 2019-05-30 21:56 - 000000000 _____ C:\Users\walter\AppData\Local\BITE040.tmp
2019-05-25 23:46 - 2019-05-25 23:46 - 000000000 ____D C:\Users\walter\AppData\Local\ESET
2019-05-27 23:12 - 2019-05-28 07:17 - 000000000 ____D C:\KVRT_Data
2019-05-18 17:29 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
2019-05-17 22:39 - 2018-01-29 20:04 - 000000000 ____D C:\Users\walter\AppData\Roaming\Psiphon3
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guarda bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe/Frst64.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajará.

  • Ejecute Frst.exe o Frst64.exe. según el caso.
  • Presione el botón Fix y aguarde a que termine.
  • La Herramienta guardará el reporte en su escritorio (Fixlog.txt).
  • Reinicia y lo pega en su próxima respuesta.

Nos comentas…

Salu2

lo pedido

ejecute el scrip , esperando instrucciones

Hola @WALLY

Pega el reporte del fixlog.

Salu2

Fix result of Farbar Recovery Scan Tool (x86) Version: 06-06-2019
Ran by NABLA (07-06-2019 10:06:57) Run:3
Running from C:\Users\NABLA.walter-PC\Desktop
Loaded Profiles: NABLA (Available Profiles: walter & UpdatusUser & NABLA & Invitado)
Boot Mode: Safe Mode (with Networking)

==============================================

fixlist content:
*****************
CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers3: [DLLRegSvr] -> {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
FirewallRules: [TCP Query User{40D6354D-CD07-4935-A3FC-05CF140CC499}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{D7671610-5D8F-477C-BDE3-A6CF9000D2B3}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{82BD959F-EBB2-4F5D-93AC-362DB12E6662}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-im�genes\nueva carpeta\nueva carpeta\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-im�genes\nueva carpeta\nueva carpeta\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [TCP Query User{EF957D4F-8310-403B-BFF7-F0803DCA2DDC}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-im�genes\listas\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-im�genes\listas\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{44A4E358-6701-4F63-A6F2-C80F47FC1779}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-im�genes\listas\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-im�genes\listas\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [TCP Query User{8253FA6C-A036-4420-BB74-8B95D8B65C9B}C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe No File
FirewallRules: [UDP Query User{CC2170B9-C2D4-4524-80C6-44EEC6140E6E}C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe] => (Block) C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe No File
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {07784A53-AAF2-44B1-BECE-AECF6302DF9C} - \OperaUpdateService -> No File <==== ATTENTION
Task: {7B4E731E-0B25-4875-BCBD-4C8F64958A47} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1945712 2019-06-04] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
C:\Program Files\Common Files\AVG
Task: {B5412D51-22AF-457A-858B-DF8DA15D4E93} - System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => C:\Windows\system32\pcalua.exe -a J:\Setup.exe -d J:\
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://es.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR HKLM\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Temp\~sfx00001228\IDMGCExt.crx <not found>
S3 catchme; \??\F:\Temp\catchme.sys [X]
S3 cpuz140; \??\F:\Temp\cpuz140\cpuz140_x32.sys [X]
S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X]
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S1 dsbwncfk; \??\C:\Windows\System32\drivers\dsbwnck.sys [X]
U0 Partizan; no ImagePath
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\is-PBCQP.tmp
2019-06-03 23:01 - 2019-06-03 23:01 - 000000000 ____D C:\Users\Nabla\is-IJC90.tmp
2019-05-30 21:56 - 2019-05-30 21:56 - 000000000 _____ C:\Users\walter\AppData\Local\BITE040.tmp
2019-05-25 23:46 - 2019-05-25 23:46 - 000000000 ____D C:\Users\walter\AppData\Local\ESET
2019-05-27 23:12 - 2019-05-28 07:17 - 000000000 ____D C:\KVRT_Data
2019-05-18 17:29 - 2015-07-10 11:51 - 000456008 _____ (AutoIt Team) C:\Windows\system32\autoitx3.dll
2019-05-17 22:39 - 2018-01-29 20:04 - 000000000 ____D C:\Users\walter\AppData\Roaming\Psiphon3
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\DLLRegSvr => removed successfully.
HKLM\Software\Classes\CLSID\{8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{40D6354D-CD07-4935-A3FC-05CF140CC499}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D7671610-5D8F-477C-BDE3-A6CF9000D2B3}C:\users\walter\desktop\4 medios\portable foxit pdf editor 2.0.1011.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{82BD959F-EBB2-4F5D-93AC-362DB12E6662}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-im�genes\nueva carpeta\nueva carpeta\portable foxit pdf editor 2.0.1011.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EF957D4F-8310-403B-BFF7-F0803DCA2DDC}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-im�genes\listas\portable foxit pdf editor 2.0.1011.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{44A4E358-6701-4F63-A6F2-C80F47FC1779}C:\users\walter\desktop\nueva carpeta (6)\libro-negro-psu-sr-im�genes\listas\portable foxit pdf editor 2.0.1011.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8253FA6C-A036-4420-BB74-8B95D8B65C9B}C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CC2170B9-C2D4-4524-80C6-44EEC6140E6E}C:\users\walter\desktop\nueva carpeta (6)\portable foxit pdf editor 2.0.1011.exe" => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07784A53-AAF2-44B1-BECE-AECF6302DF9C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07784A53-AAF2-44B1-BECE-AECF6302DF9C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OperaUpdateService" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7B4E731E-0B25-4875-BCBD-4C8F64958A47}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B4E731E-0B25-4875-BCBD-4C8F64958A47}" => removed successfully.
C:\Windows\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully.
C:\Program Files\Common Files\AVG => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5412D51-22AF-457A-858B-DF8DA15D4E93}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5412D51-22AF-457A-858B-DF8DA15D4E93}" => removed successfully.
C:\Windows\System32\Tasks\{249DCE56-AFA6-4686-BD3A-B8052881FB3D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{249DCE56-AFA6-4686-BD3A-B8052881FB3D}" => removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page" => removed successfully.
"Chrome DefaultSearchURL" => removed successfully.
"Chrome DefaultSearchKeyword" => removed successfully.
"Chrome DefaultSuggestURL" => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\fdbpcigaolookbahgdofnimidinicfid => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek => removed successfully.
HKLM\System\CurrentControlSet\Services\catchme => removed successfully.
catchme => service removed successfully.
HKLM\System\CurrentControlSet\Services\cpuz140 => removed successfully.
cpuz140 => service removed successfully.
HKLM\System\CurrentControlSet\Services\cpuz143 => removed successfully.
cpuz143 => service removed successfully.
HKLM\System\CurrentControlSet\Services\DrvAgent32 => removed successfully.
DrvAgent32 => service removed successfully.
HKLM\System\CurrentControlSet\Services\dsbwncfk => removed successfully.
dsbwncfk => service removed successfully.
HKLM\System\CurrentControlSet\Services\Partizan => removed successfully.
Partizan => service removed successfully.
C:\Users\Nabla\is-PBCQP.tmp => moved successfully
C:\Users\Nabla\is-IJC90.tmp => moved successfully
C:\Users\walter\AppData\Local\BITE040.tmp => moved successfully
C:\Users\walter\AppData\Local\ESET => moved successfully
C:\KVRT_Data => moved successfully
C:\Windows\system32\autoitx3.dll => moved successfully
C:\Users\walter\AppData\Roaming\Psiphon3 => moved successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 4 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de  rea local 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::24da:2865:57ab:c4d3%19
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.29
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

Adaptador de Ethernet Conexi¢n de  rea local 4:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{3100BEF9-6842-40A2-AC20-26F7B775D9E3}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{09E2B554-A267-4EF9-9D36-06A3CA8CFD8E}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-3193159865-2815699795-1142240979-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-3193159865-2815699795-1142240979-1013\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12363703 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 66496919 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
LocalService => 0 B
NetworkService => 4452 B
walter => 67744 B
TEMP.walter-PC.000 => 0 B
UpdatusUser => 0 B
Max Ram => 0 B
KOOL => 0 B
NABLA.walter-PC => 11912178 B
TEMP.walter-PC.000 => 0 B
Invitado.walter-PC => 0 B

RecycleBin => 0 B
EmptyTemp: => 86.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:07:36 ====

Hola @WALLY

Del post 107 la imagen que tomaste donde se ve la cuenta Nabla? estabas en la cuenta Walter?


Aquí te dejo los pasos:

Copiar archivos a nueva cuenta de usuario

1.- Ve a Herramientas >>> Opciones de carpetas >>> Ver , luego Mostrar archivos ocultos y opciones de carpetas >>> desmarca la opción Ocultar archivos del sistema operativo protegidos . En el fin, haz clic en Aplicar y OK para ejecutar la operación pendiente.

2.- Vas a C: \Usuario\Nombre-de-usuario-antiguo(Walter) , luego clic por el botón derecho en todos los archivos menos;

(Estos NO) >>>Ntuser.data, Ntuser.data.log, Ntuser.ini

Al resto si los Copias

3.- Vas a C: \Usuario\Nombre-de-usuario-nuevo(Nabla) y pega los archivos que copiaste a esta carpeta.

4.- Reinicia el equipo con la nueva cuenta de usuario.


Para no confundirnos vamos hasta aquí luego vemos si funciona la cuenta para hacer lo del Registro.


Importante:

Las cuentas que vemos con la palabra TEMP, son las que crea Windows cuando entras a tu perfil dañado.

Por el momento ya no las borres dejalas asi si se vuelven a crear hasta que logremos la correcta función de la cuenta Nabla

Nos comentas.

Salu2

Te comento altiro no me deja copiar , y no sale ningun mensaje , simplemente no hace nada, tengo el total commander que copia archivos tambien pero no he querido ocuparlo por este problema que ocurrio cuando cree el nuevo perfil. Lo que me preguntaste , la foto la tome desde Nabla (esto parece Novela)

Hola:

Prueba hacer los pasos desde Modo Seguro con Red desde la cuenta Administrador.


En cuanto a la foto toma otra desde Modo Seguro también.

Salu2

lo hare mas tarde estoy descargando un office portable , necesito usarlo tengo kilos de trabajo atrasado , mañana hare lo que me dices, buenas noches desde chile

Hola @WALLY

Te entiendo perfectamente.

Y ademas decirte que si aun esto no funciona, deberás directamente formatear, ya que lo hemos intentado todo.

Salu2.

Este tema fue cerrado automáticamente al alcanzar el límite máximo de 100 respuestas.

Este tema fue cerrado automáticamente al alcanzar el límite máximo de 100 respuestas.