Errores en windows 7

Hola a todos tengo un windows 7 en una netbook y me esta presentando carteles de errores despues de iniciar el windows.

Esto me muestra al querer abrir una carpeta

Al querer abrir el panel de control

Al querer abrir el antimalware bytes

Los pasos que hice fueron los siguientes Inicie el sistema en modo seguro con funciones de red Inicie rkill.exe Actualice malwarebytes y realice escaneo completo (encontro malwares y los elimine) Realice limpieza con ccleaner

Inicie windows en modo normal con el antivirus avast free actualizado hasta la fecha realizado escaneo y no encontro nada.

Tal vez sea el windows que tiene fallos y no es problema de virus. Como solucionaria esos fallos de sistema, cualquier ayuda gracias

Buenas @sergio.

Para revisar tu maquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

• CCleaner + Manual.

• Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.

• AdwCleaner + Manual.

• Junkware Removal Tool.

• Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

• Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

• Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

• Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

• Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

• Realiza un Análisis Completo.

• Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

• En el apartado del manual Historial encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

• Ejecuta Adwcleaner.exe.

• Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

• El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

• El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

• Ejecuta JRT.exe.

• Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

• Si en algún momento te pide Reiniciar hazlo.

• Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

• Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

• Ejecuta FRST.exe.

• En el mensaje de la ventana del Disclaimer, pulsamos Yes

• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

• Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos Javier.

Hola, voy realizando los pasos como dice el tutorial y no me deja usar el malwarebytes, y me muestra ese cartel que deje en el primer mensaje.

Ya realice los pasos que indicas, pero lo tuve que hacer en modo seguro por que en normal no dejaba.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 23/10/19
Hora del análisis: 14:55
Archivo de registro: 3bf02be1-f5be-11e9-87d7-000000000000.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.629
Versión del paquete de actualización: 1.0.12957
Licencia: Gratis

-Información del sistema-
SO: Windows 7
CPU: x86
Sistema de archivos: NTFS
Usuario: h-PC\h

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 152681
Amenazas detectadas: 47
Amenazas en cuarentena: 47
Tiempo transcurrido: 3 min, 30 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 12
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ASC10_SkipUac_h, En cuarentena, [3819], [380341],1.0.12957
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{30349F63-D45B-419E-B801-7D72B60E201A}, En cuarentena, [3819], [380341],1.0.12957
PUP.Optional.AdvancedSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{30349F63-D45B-419E-B801-7D72B60E201A}, En cuarentena, [3819], [380341],1.0.12957
PUP.Optional.AdvanceSystemCare, HKLM\SOFTWARE\MICROSOFT\TRACING\ASC_RASAPI32, En cuarentena, [859], [333222],1.0.12957
PUP.Optional.AdvanceSystemCare, HKLM\SOFTWARE\MICROSOFT\TRACING\ASC_RASMANCS, En cuarentena, [859], [333222],1.0.12957
PUP.Optional.AdvancedSystemRepair, HKLM\SOFTWARE\CLASSES\TYPELIB\{23311E82-B997-11CF-2222-0080C7B2D6BB}, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, HKLM\SOFTWARE\CLASSES\INTERFACE\{23387882-DEAA-4971-2222-5D5046F2B3BB}, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, HKLM\SOFTWARE\CLASSES\INTERFACE\{2532D782-C4FC-4ED8-2222-D654E27AF7F8}, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, HKLM\SOFTWARE\CLASSES\INTERFACE\{2F343382-EFC2-49C9-2222-FC0C403B0EBB}, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\tscmon, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\asrdmon, En cuarentena, [491], [708572],1.0.12957
PUP.Optional.AdvancedSystemRepair, HKU\S-1-5-21-4013947432-272596399-2653561696-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Advanced System Repair Pro, En cuarentena, [491], [724287],1.0.12957

Valor del registro: 1
PUP.Optional.AdvancedSystemRepair, HKU\S-1-5-21-4013947432-272596399-2653561696-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Advanced System Repair Pro, En cuarentena, [491], [506683],1.0.12957

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 3
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\drvstats, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\x64, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z, En cuarentena, [491], [506683],1.0.12957

Archivo: 31
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC10_SkipUac_h, En cuarentena, [3819], [380341],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\x64\7-zip.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\x64\7z.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\x64\7z.exe, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\7-zip.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\7z.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\7z.exe, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\history.txt, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\License.txt, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\7z\readme.txt, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\drvstats\drop.php, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\drvstats\rep.php, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\drvstats\view.php, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\AdvancedSystemRepairPro.exe, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\asrscan.sys, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\BouncyCastle.Crypto.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\dsutil.exe, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\InfExtractor.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\Microsoft.Deployment.WindowsInstaller.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\Microsoft.Experimental.IO.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\Newtonsoft.Json.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\pcw.pack, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\SevenZipSharp.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\tscmon.exe, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\Program Files\Advanced System Repair Pro 1.9.0.1.0\ZetaLongPaths.dll, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Advanced System Repair Pro.lnk, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\USERS\PUBLIC\Desktop\Advanced System Repair Pro.lnk, En cuarentena, [491], [506683],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\WINDOWS\SYSTEM32\DRIVERS\ASRDMON.SYS, En cuarentena, [491], [708572],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\PROGRAMDATA\TSR7SETTINGS\UNINSTASR.EXE, En cuarentena, [491], [724287],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\PROGRAMDATA\TSR7SETTINGS\DSUTIL.ZIP, En cuarentena, [491], [708572],1.0.12957
PUP.Optional.AdvancedSystemRepair, C:\USERS\H\DESKTOP\TEC\ASR_G-INSTALLER.EXE, En cuarentena, [491], [724287],1.0.12957

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

AdwCleaner C00

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-23-2019
# Duration: 00:00:05
# OS:       Windows 7 Ultimate
# Cleaned:  27
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted       C:\Program Files\ADVANCED SYSTEM REPAIR PRO 1.9.0.1.0
Deleted       C:\Program Files\Common Files\IObit\Advanced SystemCare
Deleted       C:\Program Files\IObit\Advanced SystemCare
Deleted       C:\ProgramData\IObit\Advanced SystemCare
Deleted       C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted       C:\ProgramData\TSR7Settings
Deleted       C:\Users\h\AppData\LocalLow\IObit\Advanced SystemCare
Deleted       C:\Users\h\AppData\Roaming\IObit\Advanced SystemCare
Deleted       C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced System Repair Pro

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\AdvancedSystemRepairPro
Deleted       HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{259B9D30-5D6E-4820-AC05-232D93C90092}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{470A224B-21DD-44E4-8B8B-5E25B01E4A12}
Deleted       HKLM\Software\AdvancedSystemRepairPro
Deleted       HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}
Deleted       HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted       HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted       HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted       HKLM\Software\IOBIT\ASC
Deleted       HKLM\Software\IObit\Advanced SystemCare
Deleted       HKLM\Software\IObit\RealTimeProtector
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [43982 octets] - [23/10/2019 15:07:49]
AdwCleaner[S00].txt - [4000 octets] - [23/10/2019 15:09:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

AdwCleaner S00

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-23-2019
# Duration: 00:00:28
# OS:       Windows 7 Ultimate
# Scanned:  35182
# Detected: 27


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Program Files\Common Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Program Files\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\ProgramData\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\h\AppData\LocalLow\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare C:\Users\h\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemRepairPro C:\Program Files\ADVANCED SYSTEM REPAIR PRO 1.9.0.1.0
PUP.Optional.AdvancedSystemRepairPro C:\ProgramData\TSR7Settings
PUP.Optional.AdvancedSystemRepairPro C:\Users\h\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Advanced System Repair Pro
PUP.Optional.Legacy             C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.AdvancedSystemCare HKLM\Software\IOBIT\ASC
PUP.Optional.AdvancedSystemCare HKLM\Software\IObit\Advanced SystemCare
PUP.Optional.AdvancedSystemCare HKLM\Software\IObit\RealTimeProtector
PUP.Optional.AdvancedSystemRepairPro HKCU\Software\AdvancedSystemRepairPro
PUP.Optional.AdvancedSystemRepairPro HKLM\Software\AdvancedSystemRepairPro
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{259B9D30-5D6E-4820-AC05-232D93C90092}
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{470A224B-21DD-44E4-8B8B-5E25B01E4A12}
PUP.Optional.Legacy             HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
PUP.Optional.SpeedItupFree      HKLM\Software\Classes\AppID\{A245B088-41FA-478E-8DEA-86177F1394BB}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner_Debug.log - [8107 octets] - [23/10/2019 15:07:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x86 
Ran by h (Limited) on 23/10/2019 at 15:20:04,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 19 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\h\AppData\Roaming\software informer (Folder) 
Successfully deleted: C:\Windows\System32\Tasks\Uninstaller_Install_h (Task)
Successfully deleted: C:\Users\h\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4IISBI4T (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\h\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8KLC7WC8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\h\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BVHFYP43 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\h\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I04SHJEW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\h\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OXJ9CU05 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\h\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P90X6DE1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\h\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SDGIANB3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\h\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V9QFBZ3F (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4IISBI4T (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8KLC7WC8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BVHFYP43 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I04SHJEW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OXJ9CU05 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P90X6DE1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SDGIANB3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V9QFBZ3F (Temporary Internet Files Folder) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23/10/2019 at 15:22:54,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-10-2019
Ran by h (administrator) on H-PC (POSITIVO BGH POSITIVO BGH) (23-10-2019 15:25:43)
Running from C:\Users\h\Desktop
Loaded Profiles: h (Available Profiles: h)
Platform: Microsoft Windows 7 Ultimate  (X86) Language: Español (España, internacional)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) [File not signed] C:\Windows\explorer.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\csrss.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\csrss.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\ctfmon.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\lsass.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\lsm.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\services.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\smss.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\svchost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\svchost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\svchost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\svchost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\svchost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\svchost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiPrvSE.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wininit.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\winlogon.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [135168 2013-03-20] (Intel Corporation) [File not signed]
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [168960 2013-03-20] (Intel Corporation) [File not signed]
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [161280 2013-03-20] (Intel Corporation) [File not signed]
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2013-03-20] () [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26112 2009-07-13] (Microsoft Corporation) [File not signed]
HKLM\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2613248 2009-07-13] (Microsoft Corporation) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1173504 2009-07-13] (Microsoft Corporation) [File not signed]
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation) [File not signed]
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1173504 2009-07-13] (Microsoft Corporation) [File not signed]
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-13] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\...\MountPoints2: {d4bf4fd4-cf7d-11e3-b888-2cd05af6a584} - E:\AutoRun.exe
HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [124928 2009-07-13] (Microsoft Corporation) [File not signed]
HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [489472 2009-07-13] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\78.0.3904.70\Installer\chrmstp.exe [2019-10-23] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG TuneUp.lnk [2019-10-18]
ShortcutTarget: AVG TuneUp.lnk -> C:\Program Files\AVG\AVG TuneUp\TuneupUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {030AB572-72B4-450D-8E76-0D16054E2FB2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe [185856 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {071D41B6-8806-4EB0-B661-6CB67BE6E86E} - System32\Tasks\Microsoft\Windows\Diagnosis\Scheduled => {c1f85ef8-bcc2-4606-bb39-70c523715eb3} C:\Windows\System32\sdiagschd.dll [45056 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {091CBC22-42CB-40FE-976E-A0D82285C65D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe [185856 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {0ADEA77E-4CF1-46EB-865E-C4ED6C7E46BF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {1751AE2D-6308-4ADE-9417-E4405439AA47} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe [185856 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {1B0B749B-43FC-47A7-8B63-BA0DB167C953} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {1F2CCA6C-A1C8-4EB5-BAC9-2BA599D1CACC} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [68608 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {207BD25D-E89F-44A7-AD4F-A121F81C18BA} - System32\Tasks\{5EE9EBF5-2C21-4AEC-801D-08BE84CEDA09} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{7E19B002-4CA3-4C9F-BA92-91D101B97219}\setup.exe" -c -runfromtemp -l0x000a -removeonly
Task: {20C9D97C-FF01-423D-AB15-FC7FC41FDC99} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {2375F586-1009-41FB-B54E-30D8AF2B781D} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe [65024 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {23D20A16-F480-443B-ACDE-A37795E3C1A8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe [67584 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} C:\Windows\System32\perftrack.dll [578048 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {27552C77-343D-45BB-879B-603A19DCD5D5} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} C:\Windows\System32\HotStartUserAgent.dll [22528 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {299B786A-E838-4A11-9DF3-9BD46496B46B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe [185856 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector => {190BA3F6-0205-4f46-B589-95C6822899D2} C:\Windows\System32\memdiag.dll [15872 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [61440 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} C:\Windows\System32\wpcumi.dll [179200 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {4040E761-8758-4007-B2FE-142B24BF4B16} - System32\Tasks\Microsoft\Windows\Ras\MobilityManager => {c463a0fc-794f-4fdf-9201-01938ceacafa} C:\Windows\system32\rasmbmgr.dll [45056 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {529C70A9-133C-4367-834B-6C1A960129E9} - System32\Tasks\User_Feed_Synchronization-{B4301FD8-D7CD-4BBD-83CA-B8630077E807} => C:\Windows\system32\msfeedssync.exe [12800 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {5637C8C6-C66B-4406-9BC1-878838BC20CF} - System32\Tasks\AVG TuneUp Update => C:\Program Files\AVG\AVG TuneUp\TUNEUpdate.exe [1706528 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {581C7448-7DCA-4DF0-9A0B-74F0CE7AF3CE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {5AD0B09F-25E8-44E7-85BC-473D47BEAC7A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe [185856 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe [1131008 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {60158C7A-6808-42CD-95EE-AFD9A57925DB} - System32\Tasks\Microsoft\Windows\AppID\PolicyConverter => C:\Windows\system32\appidpolicyconverter.exe [96768 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {6375CC1C-D975-48D2-9CD5-63DB19B10D4A} - System32\Tasks\Microsoft\Windows\WDI\ResolutionHost => {900be39d-6be8-461a-bc4d-b0fa71f5ecb1} C:\Windows\System32\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {6442088F-91B3-45E2-B854-5ED54541B5E8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {646C5088-7095-4127-BBD3-31E8F12CD61D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {69795D34-FD0C-40CC-8FBF-C278D8C947B6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} C:\Windows\System32\AuxiliaryDisplayServices.dll [112128 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {6B4B7E4E-DACF-47D1-A838-09B4D5631665} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {6B7AC694-8D6D-481B-9DD8-2A3A741ADA6D} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => C:\Windows\System32\powercfg.exe [59392 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {6BB666EC-BC52-4B10-BBDE-A5E4A34BC72B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe [67584 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {731E9C62-95B5-4C8C-AB64-4CC591C9FF5B} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [101888 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {73259F86-29D6-42FF-B1E7-634F6E40D4F8} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask-Roam => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [33792 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {761F04E5-42C4-4D39-9CC4-1E17135E9795} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {76619CCA-B786-4A16-AB19-E5A690B3F6C6} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {79E829B1-D6F1-4F6F-B86F-37BB973976BA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe [185856 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {7D3C7871-A917-4EF0-82E8-5F0A96423051} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [35328 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {7F9A8390-C2F3-4E16-8DD1-006DC7DC6818} - System32\Tasks\Microsoft\Windows\Offline Files\Logon Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} C:\Windows\System32\cscui.dll [418816 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {883720D1-7AE3-439D-8116-92CA2ECE7BB5} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {8905ECD8-016F-4DC2-90E6-A5F1FA6A841A} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) => {CF2CF428-325B-48D3-8CA8-7633E36E5A32} C:\Windows\system32\msdrm.dll [334848 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {917C8913-050F-4CB2-88AA-806686AF18F6} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} C:\Windows\System32\AuxiliaryDisplayServices.dll [112128 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {93748DBF-CEAD-4D3A-811D-DD0FFD20B1F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [269504 2016-02-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {96ADCED3-2314-4685-A116-CEC143A2A8C1} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {9B75C702-EA13-406A-BADB-6C588EE4375B} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\SystemTask => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [33792 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {9EFACBE6-A797-4905-A0C6-014CD3000DBB} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask => {e7ed314f-2816-4c26-aeb5-54a34d02404c} C:\Windows\System32\kernelceip.dll [15872 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector => {190BA3F6-0205-4f46-B589-95C6822899D2} C:\Windows\System32\memdiag.dll [15872 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {9FA0B784-4F58-4C2E-9BF8-9146FC2E3886} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} C:\Windows\System32\AuxiliaryDisplayServices.dll [112128 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {A1CFA52F-06F2-418D-ADDB-CD6456D66F43} - System32\Tasks\Microsoft\Windows\RAC\RacTask => {42060D27-CA53-41f5-96E4-B1E8169308A6} C:\Windows\system32\RacEngn.dll [1116160 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {A237AD40-E209-447F-9D7B-618351CD787B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [185856 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {A2CFB6F3-B3AE-4971-8E29-C415BE22D2E5} - System32\Tasks\Microsoft\Windows\Maintenance\WinSAT => {A9A33436-678B-4C9C-A211-7CC38785E79D} C:\Windows\system32\WinSATAPI.dll [335872 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {A316E645-1C56-45A6-BD6A-7DCA79778090} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip => {c27f6b1d-fe0b-45e4-9257-38799fa69bc8} C:\Windows\System32\usbceip.dll [23552 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {A3D84F9E-4D16-4B7D-80AB-043EF536A050} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} C:\Windows\System32\AuxiliaryDisplayServices.dll [112128 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {A6394592-54CE-4E93-8D64-1A068F462632} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [254976 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {AAC4C943-D16C-46A1-BF90-6437DB42E684} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {AB771A9F-FB0F-4FA1-8B5F-48186615901E} - System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader => {B210D694-C8DF-490d-9576-9E20CDBC20BD} C:\Windows\System32\mscms.dll [481280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {AC23A9C2-12F9-4337-BB5D-991C21A4D489} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {B9BEE219-C29E-4310-819C-147A5A0E045E} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [176128 2009-07-13] (Microsoft Corp.) [File not signed]
Task: {BBA67AD0-4BA0-4B44-827B-FF419B70C057} - System32\Tasks\Microsoft\Windows\Multimedia\SystemSoundsService => {2DEA658F-54C1-4227-AF9B-260AB5FC3543} C:\Windows\System32\PlaySndSrv.dll [77312 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {C90440A0-6D8F-423F-8F42-83EEF05CE708} - System32\Tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck => C:\Windows\system32\appidcertstorecheck.exe [16896 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => C:\Windows\system32\aitagent.exe [120320 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {D82B3C8C-F632-43F9-9FF7-5E907DC2098B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1542536 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {D8BB5B7F-D0CA-4F67-A3D7-73E1D05F63DA} - System32\Tasks\Microsoft\Windows\Registry\RegIdleBackup => {ca767aa8-9157-4604-b64b-40747123d5f2} C:\Windows\System32\regidle.dll [13312 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {D9774C86-81CA-4A3B-BB4D-47F8B31C44A1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {DE8699D2-8A05-42F7-8A85-5162AF47D26A} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [53760 2009-07-13] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {DE8BAE53-2809-4F75-85EF-427D364B9B2C} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\UserTask => {58fb76b9-ac85-4e55-ac04-427593b1d060} C:\Windows\system32\dimsjob.dll [33792 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {E6F3A527-8B0B-43FA-94EB-584032761924} - System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) => {BF5CB148-7C77-4d8a-A53E-D81C70CF743C} C:\Windows\system32\msdrm.dll [334848 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} C:\Windows\System32\wpcmig.dll [15872 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {EA542D92-0375-47B2-8765-786D97A85CD0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {F0C6C184-091A-45CF-8EEE-DB3572409EEA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [185856 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {F1369A11-E983-4458-B390-712EFA1CBA44} - System32\Tasks\Microsoft\Windows\TextServicesFramework\MsCtfMonitor => {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1} C:\Windows\system32\MsCtfMonitor.dll [19968 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {F93C7104-998A-4A38-B935-775A3138B3C3} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotifications.exe [89600 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {F9B6506F-26AC-4B9F-B0C1-24E2F4B3B127} - System32\Tasks\Microsoft\Windows\Offline Files\Background Synchronization => {FA3F3DD9-4C1A-456B-A8FA-C76EF3ED83B8} C:\Windows\System32\cscui.dll [418816 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {FA97DBBE-3B7A-43C3-87F7-0830B23C575C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe [225280 2009-07-13] (Microsoft Corporation) [File not signed]
Task: {FFB8486A-9861-4B82-BE38-C7F8FB1B6605} - System32\Tasks\Microsoft\Windows\Task Manager\Interactive => {855fec53-d2e4-4999-9e87-3414e9cf0ff4} C:\Windows\system32\wdc.dll [1227776 2009-07-13] (Microsoft Corporation) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\h\Desktop\adwcleaner_7.4.2.exe
Task: C:\Windows\Tasks\CCleaner Update.job => C:\Program Files\CCleaner\CCUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [51712 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 02 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 03 C:\Windows\system32\winrnr.dll [20992 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 04 C:\Windows\system32\napinsp.dll [52224 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog5 07 C:\Windows\system32\wshbth.dll [35840 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 01 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 02 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 03 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 04 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 05 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 06 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 07 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 08 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 09 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 10 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 11 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 12 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 13 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 14 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 15 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 16 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 17 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 18 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 19 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 20 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 21 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 22 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 23 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 24 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 25 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 26 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 27 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 28 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Winsock: Catalog9 29 C:\Windows\system32\mswsock.dll [232448 2009-07-13] (Microsoft Corporation) [File not signed]
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{799BBDFE-A637-406C-BBB6-DFBED03993A2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.ar/
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ar.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-4013947432-272596399-2653561696-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) [File not signed]
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation) [File not signed]

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-17] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-17] (Google Inc -> Google LLC)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\h\AppData\Local\Google\Chrome\User Data\Default [2019-10-23]
CHR Extension: (Documentos) - C:\Users\h\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-10-17]
CHR Extension: (Google Drive) - C:\Users\h\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\h\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-31]
CHR Extension: (Búsqueda de Google) - C:\Users\h\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\h\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-10-17]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\h\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-17]
CHR Extension: (Gmail) - C:\Users\h\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\h\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Appinfo; C:\Windows\System32\appinfo.dll [46592 2009-07-13] (Microsoft Corporation) [File not signed]
R3 AppMgmt; C:\Windows\System32\appmgmts.dll [149504 2009-07-13] (Microsoft Corporation) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5035312 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473088 2009-07-13] (Microsoft Corporation) [File not signed]
S2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473088 2009-07-13] (Microsoft Corporation) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2009-07-13] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-13] (Microsoft Corporation) [File not signed]
S2 BFE; C:\Windows\System32\bfe.dll [493568 2009-07-13] (Microsoft Corporation) [File not signed]
S2 BITS; C:\Windows\System32\qmgr.dll [589312 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Browser; C:\Windows\System32\browser.dll [102400 2009-07-13] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-13] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2009-07-13] (Microsoft Corporation) [File not signed]
S2 CleanupPSvc; C:\Program Files\AVG\AVG TuneUp\TuneupSvc.exe [10301176 2019-07-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 COMSysApp; C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2009-07-13] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [135680 2009-07-13] (Microsoft Corporation) [File not signed]
S2 CscService; C:\Windows\System32\cscsvc.dll [544256 2009-07-13] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-13] (Microsoft Corporation) [File not signed]
S2 Device Control Service; C:\Program Files\Intel\Device Control Service\DeviceControlService.exe [622592 2009-12-11] (Intel Corporation) [File not signed]
S2 Dhcp; C:\Windows\system32\dhcpcore.dll [253440 2009-07-13] (Microsoft Corporation) [File not signed]
S2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2009-07-13] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2009-07-13] (Microsoft Corporation) [File not signed]
S2 DPS; C:\Windows\system32\dps.dll [143360 2009-07-13] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-13] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [557056 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-13] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086464 2009-07-13] (Microsoft Corporation) [File not signed]
S2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [522752 2009-07-13] (Microsoft Corporation) [File not signed]
S3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-13] (Microsoft Corporation) [File not signed]
S3 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-13] (Microsoft Corporation) [File not signed]
S3 FontCache; C:\Windows\system32\FntCache.dll [797696 2009-07-13] (Microsoft Corporation) [File not signed]
S2 gpsvc; C:\Windows\System32\gpsvc.dll [591360 2009-07-13] (Microsoft Corporation) [File not signed]
S3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-13] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-13] (Macrovision Corporation) [File not signed]
S3 IKEEXT; C:\Windows\System32\ikeext.dll [667136 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-13] (Microsoft Corporation) [File not signed]
S2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [497152 2009-07-13] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-13] (Microsoft Corporation) [File not signed]
S2 LanmanServer; C:\Windows\system32\srvsvc.dll [168448 2009-07-13] (Microsoft Corporation) [File not signed]
S2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2009-07-13] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-13] (Microsoft Corporation) [File not signed]
S2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [67584 2009-07-13] (Microsoft Corporation) [File not signed]
S2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
S2 MpsSvc; C:\Windows\system32\mpssvc.dll [565760 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-13] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe /V [73216 2009-07-13] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-13] (Microsoft Corporation) [File not signed]
S3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-13] (Microsoft Corporation) [File not signed]
S2 NlaSvc; C:\Windows\System32\nlasvc.dll [242688 2009-07-13] (Microsoft Corporation) [File not signed]
S2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-13] (Microsoft Corporation) [File not signed]
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-13] (Microsoft Corporation) [File not signed]
S3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-13] (Microsoft Corporation) [File not signed]
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1004544 2009-07-13] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1508864 2009-07-13] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [294400 2009-07-13] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-13] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350720 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [119808 2009-07-13] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [162816 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [285184 2009-07-13] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-13] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-13] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation) [File not signed]
S2 SamSs; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-13] (Microsoft Corporation) [File not signed]
S2 Schedule; C:\Windows\system32\schedsvc.dll [743424 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2009-07-13] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-13] (Microsoft Corporation) [File not signed]
S2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [99328 2009-07-13] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-13] (Microsoft Corporation) [File not signed]
S2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-13] (Microsoft Corporation) [File not signed]
S2 Spooler; C:\Windows\System32\spoolsv.exe [316416 2009-07-13] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-13] (Microsoft Corporation) [File not signed]
S2 StiSvc; C:\Windows\System32\wiaservc.dll [462336 2009-07-13] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-13] (Microsoft Corporation) [File not signed]
S2 SysMain; C:\Windows\system32\sysmain.dll [1169408 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73728 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [241664 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [543232 2009-07-13] (Microsoft Corporation) [File not signed]
S2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
S2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2009-07-13] (Microsoft Corporation) [File not signed]
S2 UI Assistant Service; C:\Program Files\Claro Internet\AssistantServices.exe [274720 2012-05-10] (ZTE CORPORATION -> )
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-13] (Microsoft Corporation) [File not signed]
S3 UmRdpService; C:\Windows\System32\umrdp.dll [154624 2009-07-13] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-13] (Microsoft Corporation) [File not signed]
S2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-13] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [452608 2009-07-13] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2009-07-13] (Microsoft Corporation) [File not signed]
S4 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1202688 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276480 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [202240 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [348672 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2009-07-13] (Microsoft Corporation) [File not signed]
S2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121280 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [84480 2009-07-13] (Microsoft Corporation) [File not signed]
S2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-13] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [428032 2009-07-13] (Microsoft Corporation) [File not signed]
S2 wuauserv; C:\Windows\system32\wuaueng.dll [1912832 2009-07-13] (Microsoft Corporation) [File not signed]
R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [64512 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185856 2009-07-13] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\DRIVERS\1394ohci.sys [163328 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
S1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2009-07-13] (Microsoft Windows) [File not signed]
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35512 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [174712 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [224008 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [169408 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [59368 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41200 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [145048 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [95168 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73312 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [691528 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [394856 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [176760 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277408 2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) [File not signed]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
S3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2009-07-13] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BthEnum; C:\Windows\System32\DRIVERS\BthEnum.sys [34816 2009-07-13] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-13] (Microsoft Corporation) [File not signed]
S3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [93696 2009-07-13] (Microsoft Corporation) [File not signed]
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [392704 2009-07-13] (Microsoft Corporation) [File not signed]
S3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [58880 2009-07-13] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-13] (Microsoft Corporation) [File not signed]
S1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2009-07-13] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-13] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [31232 2009-07-13] (Microsoft Corporation) [File not signed]
S1 CSC; C:\Windows\System32\drivers\csc.sys [387584 2009-07-13] (Microsoft Corporation) [File not signed]
S1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2009-07-13] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [80824 2012-06-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5120 2009-07-13] (Microsoft Corporation) [File not signed]
S3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [720896 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [142336 2009-07-13] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [148480 2009-07-13] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-13] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) [File not signed]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [304128 2009-07-13] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [108544 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513024 2009-07-13] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-13] (Microsoft Corporation) [File not signed]
S3 igddim32; C:\Windows\System32\DRIVERS\igddim32.sys [1349632 2013-03-20] (Intel Corporation) [File not signed]
S3 igdkmd32; C:\Windows\System32\DRIVERS\igdkmd32.sys [435200 2013-03-20] (Intel Corporation) [File not signed]
S3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [65536 2009-07-13] (Microsoft Corporation) [File not signed]
R3 IPMLEBL; C:\Windows\System32\Drivers\ipmlebl.sys [9984 2009-12-11] (Intel Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
S1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-28] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-02-21] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2009-07-13] (Microsoft Corporation) [File not signed]
S2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-13] (Microsoft Corporation) [File not signed]
S2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2011-08-28] (MBB Incorporated) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
S3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-13] (Microsoft Corporation) [File not signed]
S3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
S3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2009-07-13] (Microsoft Corporation) [File not signed]
S3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123392 2009-07-13] (Microsoft Corporation) [File not signed]
S3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [221184 2009-07-13] (Microsoft Corporation) [File not signed]
S3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [95744 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [22528 2009-07-13] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [45568 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [48128 2009-07-13] (Microsoft Corporation) [File not signed]
S1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-13] (Microsoft Corporation) [File not signed]
S1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
S1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [4608 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [62464 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [79360 2009-07-13] (Microsoft Corporation) [File not signed]
S2 Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [8704 2009-07-13] (Microsoft Corporation) [File not signed]
S2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-13] (Microsoft Corporation) [File not signed]
S3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-13] (Microsoft Corporation) [File not signed]
S1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-13] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-13] (Microsoft Corporation) [File not signed]
S1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [241664 2009-07-13] (Microsoft Corporation) [File not signed]
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-13] (Microsoft Corporation) [File not signed]
S1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133120 2009-07-13] (Microsoft Corporation) [File not signed]
S1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-13] (Microsoft Corporation) [File not signed]
S1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [177152 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [129536 2009-07-13] (Microsoft Corporation) [File not signed]
S2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtwlane.sys [2362952 2013-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [2362952 2013-06-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [5632 2009-07-13] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2009-07-13] (Microsoft Corporation) [File not signed]
S2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [83456 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\DRIVERS\sffdisk.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\DRIVERS\sffp_mmc.sys [12288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\DRIVERS\sffp_sd.sys [12800 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-13] (Microsoft Corporation) [File not signed]
S3 smsbda; C:\Windows\System32\drivers\smsbda.sys [62976 2011-03-06] (Siano) [File not signed]
S3 srv; C:\Windows\System32\DRIVERS\srv.sys [309760 2009-07-13] (Microsoft Corporation) [File not signed]
S3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [306688 2009-07-13] (Microsoft Corporation) [File not signed]
S3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [113664 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [181432 2012-06-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181432 2012-06-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35088 2013-04-30] (AVAST Software -> The OpenVPN Project)
S2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [34816 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24064 2009-07-13] (Microsoft Corporation) [File not signed]
S1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74240 2009-07-13] (Microsoft Corporation) [File not signed]
R3 TPM; C:\Windows\System32\drivers\tpm.sys [30720 2009-07-13] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [30208 2009-07-13] (Microsoft Corporation) [File not signed]
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2009-07-13] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2009-07-13] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2009-07-13] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
S3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [75264 2009-07-13] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [86016 2009-07-13] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [41472 2009-07-13] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2009-07-13] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [20480 2009-07-13] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [74752 2009-07-13] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [24064 2009-07-13] (Microsoft Corporation) [File not signed]
S3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146176 2009-07-13] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-13] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-13] (Microsoft Corporation) [File not signed]
R3 VKBD; C:\Windows\System32\DRIVERS\virkbd.sys [18432 2009-12-11] (Intel Corporation) [File not signed]
S3 VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
S3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-13] (Microsoft Corporation) [File not signed]
S1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2009-07-13] (Microsoft Corporation) [File not signed]
S1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2009-07-13] (Microsoft Corporation) [File not signed]
S1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [34944 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\DRIVERS\wmiacpi.sys [11264 2009-07-13] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-13] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [92672 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [132224 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [107520 2011-08-28] (ZTE Incorporated) [File not signed]
S3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [107520 2011-08-28] (ZTE Incorporated) [File not signed]
S3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [107520 2011-08-28] (ZTE Incorporated) [File not signed]
S3 ZTEusbvoice; C:\Windows\System32\DRIVERS\ZTEusbvoice.sys [107520 2011-08-31] (ZTE Incorporated) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-23 15:25 - 2019-10-23 15:27 - 000069677 _____ C:\Users\h\Desktop\FRST.txt
2019-10-23 15:25 - 2019-10-23 15:26 - 000000000 ____D C:\FRST
2019-10-23 15:22 - 2019-10-23 15:22 - 000003481 _____ C:\Users\h\Desktop\JRT.txt
2019-10-23 15:10 - 2019-10-23 15:10 - 000000276 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-10-23 15:07 - 2019-10-23 15:10 - 000000000 ____D C:\AdwCleaner
2019-10-23 14:49 - 2019-10-23 15:19 - 000402526 _____ C:\Windows\ntbtlog.txt
2019-10-23 14:27 - 2019-10-23 14:27 - 001790024 _____ (Malwarebytes) C:\Users\h\Downloads\JRT.exe
2019-10-23 14:26 - 2019-10-23 14:26 - 001453056 _____ (Farbar) C:\Users\h\Desktop\FRST.exe
2019-10-23 14:20 - 2019-10-23 14:21 - 007622344 _____ (Malwarebytes) C:\Users\h\Desktop\adwcleaner_7.4.2.exe
2019-10-23 14:20 - 2019-10-23 14:21 - 001790024 _____ (Malwarebytes) C:\Users\h\Desktop\JRT.exe
2019-10-23 00:34 - 2019-10-23 01:16 - 000123398 _____ C:\Users\h\Desktop\Rkill.txt
2019-10-19 23:38 - 2019-10-19 23:38 - 000003544 ____N C:\bootsqm.dat
2019-10-19 00:48 - 2019-10-19 00:49 - 083447533 _____ C:\Users\h\Desktop\ASC_Portable - version 10.1 pro - solo las funciones gratuitas.zip
2019-10-19 00:35 - 2019-10-23 15:24 - 000000000 ____D C:\Users\h\Desktop\Tec
2019-10-18 12:37 - 2019-10-18 13:21 - 037477432 _____ (Microsoft Corporation) C:\Users\h\Downloads\Windows-KB890830-V5.76.exe
2019-10-18 03:09 - 2019-10-18 03:09 - 000000000 ____D C:\Users\h\AppData\Roaming\AVG
2019-10-18 03:07 - 2019-10-19 14:38 - 000004148 _____ C:\Windows\system32\Tasks\AVG TuneUp Update
2019-10-18 03:07 - 2019-10-18 08:47 - 000001069 _____ C:\Users\Public\Desktop\AVG TuneUp.lnk
2019-10-18 03:07 - 2019-10-18 08:47 - 000001069 _____ C:\ProgramData\Desktop\AVG TuneUp.lnk
2019-10-18 03:07 - 2019-10-18 08:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Technologies
2019-10-18 03:06 - 2019-10-18 03:06 - 000000000 ____D C:\ProgramData\AVG
2019-10-18 03:06 - 2019-10-18 03:06 - 000000000 ____D C:\Program Files\AVG
2019-10-18 02:30 - 2019-10-18 02:30 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-18 02:30 - 2019-10-18 02:30 - 000002020 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-10-18 02:30 - 2019-10-18 02:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-18 02:30 - 2019-09-30 06:25 - 000129056 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys
2019-10-18 02:05 - 2019-10-18 02:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-18 01:58 - 2019-10-18 01:58 - 000000000 ____D C:\Program Files (x86)
2019-10-18 01:53 - 2019-10-18 01:53 - 000007605 _____ C:\Users\h\AppData\Local\Resmon.ResmonCfg
2019-10-18 01:48 - 2019-10-18 01:48 - 000000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2019-10-18 01:40 - 2019-10-23 15:10 - 000000000 ____D C:\Users\h\AppData\LocalLow\IObit
2019-10-18 01:40 - 2019-10-23 15:10 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-10-18 01:40 - 2019-10-18 01:40 - 000002133 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2019-10-18 01:40 - 2019-10-18 01:40 - 000002133 _____ C:\ProgramData\Desktop\IObit Uninstaller.lnk
2019-10-18 01:40 - 2019-10-18 01:40 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled
2019-10-18 01:40 - 2019-10-18 01:40 - 000000000 ____D C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2019-10-18 01:39 - 2019-10-23 15:10 - 000000000 ____D C:\Program Files\IObit
2019-10-18 01:39 - 2019-10-18 01:41 - 000000000 ____D C:\Users\h\AppData\Roaming\IObit
2019-10-18 01:39 - 2019-10-18 01:41 - 000000000 ____D C:\ProgramData\IObit
2019-10-18 00:27 - 2019-10-18 00:27 - 000000000 ___HD C:\$AV_ASW
2019-10-18 00:18 - 2019-10-18 00:18 - 000000000 ____D C:\ProgramData\MB3Install
2019-10-17 23:47 - 2019-10-17 23:47 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
2019-10-17 22:25 - 2019-10-17 22:24 - 000305032 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-10-17 22:25 - 2019-10-17 22:24 - 000224008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-10-17 22:25 - 2019-10-17 22:24 - 000176760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-10-17 22:25 - 2019-10-17 22:24 - 000169408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-10-17 22:25 - 2019-10-17 22:24 - 000145048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-10-17 22:25 - 2019-10-17 22:24 - 000059368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-10-17 22:25 - 2019-10-17 22:24 - 000035512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-10-17 15:15 - 2019-10-17 15:15 - 000000000 ____D C:\Users\h\AppData\Roaming\AVAST Software
2019-10-17 15:15 - 2019-10-17 15:15 - 000000000 ____D C:\Users\h\AppData\Local\CEF
2019-10-17 15:13 - 2019-10-17 22:00 - 000002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-10-17 15:13 - 2019-10-17 22:00 - 000002075 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2019-10-17 15:13 - 2019-10-17 15:16 - 000000000 _____ C:\Windows\system32\last.dump
2019-10-17 15:13 - 2019-10-17 15:13 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-10-17 15:13 - 2019-10-17 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-10-17 15:10 - 2019-10-23 02:00 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-10-17 15:09 - 2019-10-17 22:27 - 000691528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-10-17 15:09 - 2019-10-17 22:27 - 000394856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-10-17 15:09 - 2019-10-17 22:24 - 000277408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-10-17 15:09 - 2019-10-17 22:24 - 000174712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-10-17 15:09 - 2019-10-17 22:24 - 000095168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-10-17 15:09 - 2019-10-17 22:24 - 000073312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-10-17 15:09 - 2019-10-17 22:24 - 000041200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-10-17 15:09 - 2019-10-17 15:09 - 001142072 _____ (Microsoft Corporation) C:\Windows\ucrtbase.dll
2019-10-17 15:09 - 2019-10-17 15:09 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-10-17 05:25 - 2019-10-23 14:52 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-10-17 05:25 - 2019-10-23 14:52 - 000000965 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-10-17 05:25 - 2019-10-23 14:52 - 000000300 ____H C:\Windows\Tasks\CCleaner Update.job
2019-10-17 05:25 - 2019-10-17 05:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-10-17 05:25 - 2019-10-17 05:25 - 000000000 ____D C:\Program Files\CCleaner
2019-10-17 05:17 - 2019-10-17 05:17 - 000000000 ____D C:\Users\h\AppData\Local\mbamtray
2019-10-17 05:17 - 2019-10-17 05:17 - 000000000 ____D C:\Users\h\AppData\Local\mbam
2019-10-17 05:16 - 2019-10-17 05:16 - 000000000 ____D C:\Program Files\Malwarebytes
2019-10-17 04:34 - 2019-10-17 04:36 - 000000000 ____D C:\Windows\Tec

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-23 15:17 - 2012-05-28 00:26 - 001530242 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-23 15:17 - 2009-07-14 05:48 - 000694148 _____ C:\Windows\system32\perfh00A.dat
2019-10-23 15:17 - 2009-07-14 05:48 - 000134242 _____ C:\Windows\system32\perfc00A.dat
2019-10-23 15:17 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\inf
2019-10-23 15:11 - 2009-07-14 01:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-23 14:38 - 2017-06-10 17:11 - 000000000 ____D C:\Users\h\AppData\Local\CrashDumps
2019-10-23 14:28 - 2009-07-14 01:34 - 000016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-23 14:28 - 2009-07-14 01:34 - 000016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-23 01:52 - 2014-05-02 10:09 - 000004314 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{B4301FD8-D7CD-4BBD-83CA-B8630077E807}
2019-10-23 00:24 - 2014-08-18 13:40 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-23 00:24 - 2014-08-18 13:40 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-23 00:24 - 2014-08-18 13:40 - 000002127 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-10-19 00:45 - 2014-05-03 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2019-10-19 00:45 - 2014-04-28 22:28 - 000000000 ____D C:\Users\h\Desktop\JUEGOS
2019-10-19 00:45 - 2012-05-28 10:08 - 000000000 ____D C:\Windows\Panther
2019-10-18 02:43 - 2009-07-14 01:41 - 000000749 ___RH C:\Windows\WindowsShell.Manifest
2019-10-18 02:43 - 2009-07-13 23:37 - 000000000 __RHD C:\Users\Public\Libraries
2019-10-18 01:34 - 2015-08-22 21:15 - 000000838 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2019-10-18 01:32 - 2015-08-22 21:15 - 000003778 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-10-18 01:32 - 2014-08-18 12:40 - 000003462 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-18 01:32 - 2014-08-18 12:40 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-17 15:12 - 2014-04-28 09:04 - 000000000 ____D C:\Program Files\Google
2019-10-17 15:09 - 2014-04-28 09:02 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-17 05:30 - 2014-08-02 11:23 - 000000000 ____D C:\Windows\Minidump
2019-10-17 05:30 - 2009-07-13 23:37 - 000000000 ____D C:\Windows\ModemLogs

==================== Files in the root of some directories ================

2019-10-18 01:53 - 2019-10-18 01:53 - 000007605 _____ () C:\Users\h\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\dnsapi.dll => MD5 is legit
C:\Windows\system32\dllhost.exe => MD5 is legit

LastRegBack: 2019-10-17 14:39
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-10-2019
Ran by h (23-10-2019 15:27:54)
Running from C:\Users\h\Desktop
Microsoft Windows 7 Ultimate  (X86) (2012-05-28 03:20:50)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4013947432-272596399-2653561696-500 - Administrator - Disabled)
h (S-1-5-21-4013947432-272596399-2653561696-1000 - Administrator - Enabled) => C:\Users\h
Invitado (S-1-5-21-4013947432-272596399-2653561696-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AVG TuneUp (HKLM\...\{949BE04F-D7E8-4C19-9F89-8B304AB4308A}_is1) (Version: 19.1.1209.0 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
Claro Internet (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
Google Chrome (HKLM\...\Google Chrome) (Version: 78.0.3904.70 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Half-Life (HKLM\...\Half-Life_is1) (Version: Half-Life - No Steam - KingSOFT DVD)
Intel Learning Series Device Control Package (HKLM\...\{279984A1-AEE1-4FA7-B4BA-183511014795}) (Version: 2.0.7370.1 - Intel)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Paquete de controladores de Windows - Intel (iaStor) hdc  (02/12/2007 7.0.0.1020) (HKLM\...\67CCAA793684CADDDCD55BAD807632E611CA05D2) (Version: 02/12/2007 7.0.0.1020 - Intel)
Paquete de controladores de Windows - Intel (iaStor) hdc  (05/30/2012 11.2.0.1006) (HKLM\...\472FD0EFAC3E7CA9F93D5E6AB743AB3AF1ABC52E) (Version: 05/30/2012 11.2.0.1006 - Intel)
Paquete de controladores de Windows - Intel (iaStor) hdc  (06/12/2012 11.1.5.1001) (HKLM\...\B12D4B0B96670C460F6B38233641BEBE5D56B3DB) (Version: 06/12/2012 11.1.5.1001 - Intel)
Paquete de controladores de Windows - Intel (iaStor) hdc  (09/29/2007 7.8.0.1012) (HKLM\...\DBA897A029A47F1094A3FCF293E55717E3C047C0) (Version: 09/29/2007 7.8.0.1012 - Intel)
Paquete de controladores de Windows - Intel (iaStor) hdc  (10/12/2005 5.5.0.1035) (HKLM\...\8F944A352FF761F47701A4D21835AE2999DD345B) (Version: 10/12/2005 5.5.0.1035 - Intel)
Paquete de controladores de Windows - Intel (iaStor) hdc  (10/17/2011 10.8.0.1003) (HKLM\...\CA163B53DC0203E242BBDC6756CC5B9B355AB052) (Version: 10/17/2011 10.8.0.1003 - Intel)
Paquete de controladores de Windows - Intel (iaStor) hdc  (11/06/2010 10.1.0.1008) (HKLM\...\40464579C33E2E3592B26878E4B411CE2C6D47E6) (Version: 11/06/2010 10.1.0.1008 - Intel)
Paquete de controladores de Windows - Intel (iusb3hcs) System  (02/22/2013 1.0.8.251) (HKLM\...\912B60D01D8D8EBFA7825A556697DAF99A205069) (Version: 02/22/2013 1.0.8.251 - Intel)
Paquete de controladores de Windows - Intel Corporation (igdkmd32) Display  (03/15/2013 8.14.8.1091) (HKLM\...\03731C76E4647ABC2A218FA225C080668082148A) (Version: 03/15/2013 8.14.8.1091 - Intel Corporation)
Paquete de controladores de Windows - Intel System  (02/25/2013 9.1.9.1003) (HKLM\...\C7BF7E011ABD4219ECF3C79B9EA41E27BE4C1C8C) (Version: 02/25/2013 9.1.9.1003 - Intel)
Paquete de controladores de Windows - Intel System  (02/25/2013 9.1.9.1003) (HKLM\...\D70D4925BDEC7229BEBAFD259EEAE1F187F8CD1F) (Version: 02/25/2013 9.1.9.1003 - Intel)
Paquete de controladores de Windows - Intel System  (02/25/2013 9.2.2.1037) (HKLM\...\8B61EC522B6E71BD5B566918222ADC385F6C574B) (Version: 02/25/2013 9.2.2.1037 - Intel)
Paquete de controladores de Windows - Intel USB  (02/25/2013 9.1.9.1003) (HKLM\...\F82962FDE66BC781E363CBEEA905D2E6364926C4) (Version: 02/25/2013 9.1.9.1003 - Intel)
Paquete de controladores de Windows - Realtek (RSUSBSTOR) USB  (06/14/2013 6.2.9200.30161) (HKLM\...\0A29082773F06E2415E55F45A27934CF878F2C9E) (Version: 06/14/2013 6.2.9200.30161 - Realtek)
Paquete de controladores de Windows - Realtek (RSUSBSTOR) USB  (10/27/2010 6.1.7600.30126) (HKLM\...\B38D84B322FC50F215EC68F14E23D1E2ADCA14D0) (Version: 10/27/2010 6.1.7600.30126 - Realtek)
Paquete de controladores de Windows - Realtek (RTL8167) Net  (04/10/2013 7.072.0410.2013) (HKLM\...\73C528FC1F7502091586CF38C76527350DDA339A) (Version: 04/10/2013 7.072.0410.2013 - Realtek)
Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTL8192Ce) Net  (08/21/2011 2002.0.0821.2011) (HKLM\...\2BE031E6941229B2776BF95BDFA6F7D897BD3DCC) (Version: 08/21/2011 2002.0.0821.2011 - Realtek Semiconductor Corp.)
Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTL8192Ce) Net  (09/13/2012 1005.43.0913.2012) (HKLM\...\9EE37A584E35CFA68BD90E7C0685FEB71952A8C6) (Version: 09/13/2012 1005.43.0913.2012 - Realtek Semiconductor Corp.)
Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTL8192Ce) Net  (09/13/2012 1005.43.0913.2012) (HKLM\...\EF80CD36C0E6CDF8AA1F7020FBB1D32C9F30D40A) (Version: 09/13/2012 1005.43.0913.2012 - Realtek Semiconductor Corp.)
Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTLE8023xp) Net  (05/15/2012 5.812.0515.2013) (HKLM\...\0C671B44A6009CE97071587C40FD7BAD5233C168) (Version: 05/15/2012 5.812.0515.2013 - Realtek Semiconductor Corp.)
Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTLE8023xp) Net  (05/15/2013 5.812.0515.2013) (HKLM\...\EC4B10BDF71AF33A209CA37AA5A15212428F01F7) (Version: 05/15/2013 5.812.0515.2013 - Realtek Semiconductor Corp.)
Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTLE8023xp) Net  (12/18/2012 5.810.1218.2012) (HKLM\...\BF1335B08853A8EA04FCBBEE84A00874218F4DD6) (Version: 12/18/2012 5.810.1218.2012 - Realtek Semiconductor Corp.)
Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTWlanE) Net  (06/07/2013 2010.2.0530.2013) (HKLM\...\9FEA2576C7E0DFEACD98CEB7EB377946F5109476) (Version: 06/07/2013 2010.2.0530.2013 - Realtek Semiconductor Corp.)
Paquete de controladores de Windows - Realtek Semiconductor Corp. (RTWlanE) Net  (06/07/2013 2010.2.0530.2013) (HKLM\...\B5F706EED58654E71F9AD5028B7E5C35BE170428) (Version: 06/07/2013 2010.2.0530.2013 - Realtek Semiconductor Corp.)
Plantas vs Zombies (HKLM\...\{D1B61678-44C8-4C93-9A7E-3C0543F8A386}) (Version:  - )
ProgDVB (HKLM\...\ProgDVB) (Version: 7.x - Prog)
Samsung Kies (HKLM\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12064_10 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12064_10 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
UltraISO Premium V9.52 (HKLM\...\UltraISO_is1) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files\UltraISO\isoshell.dll [2009-04-01] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files\UltraISO\isoshell.dll [2009-04-01] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-03-20] (Intel Corporation) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files\UltraISO\isoshell.dll [2009-04-01] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2009-12-12] () [File not signed]

==================== Codecs (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) ==============

2012-05-28 00:25 - 2009-12-12 01:12 - 000141824 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2012-05-28 00:32 - 2013-03-20 11:11 - 000094720 _____ (Intel Corporation) [File not signed] C:\Windows\system32\hccutils.DLL
2012-05-28 00:33 - 2013-03-20 11:11 - 000200704 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxpph.dll
2012-05-28 00:34 - 2013-03-20 11:11 - 000284672 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxrESN.lrc
2012-05-28 00:33 - 2013-03-20 11:11 - 000056832 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxsrvc.dll
2009-07-13 20:47 - 2009-07-13 22:16 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
2009-07-13 20:43 - 2009-07-13 22:15 - 000162304 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Internet Explorer\ieproxy.dll
2009-07-13 20:40 - 2009-07-13 22:16 - 000082944 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sbdrop.dll
2009-07-13 21:10 - 2009-07-13 22:15 - 000020992 _____ (Microsoft Corporation) [File not signed] C:\Windows\ehome\ehSSO.dll
2009-07-13 20:26 - 2009-07-13 22:14 - 000045568 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\acppage.dll
2009-07-13 20:40 - 2009-07-13 22:14 - 000744448 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Actioncenter.dll
2009-07-13 21:20 - 2009-07-13 22:14 - 000309248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\actxprxy.dll
2009-07-13 20:38 - 2009-07-13 22:14 - 000202752 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\adsldpc.dll
2009-07-13 21:20 - 2009-07-13 22:14 - 000640000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ADVAPI32.dll
2009-07-13 20:39 - 2009-07-13 22:14 - 000046592 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\AltTab.dll
2009-07-13 20:14 - 2009-07-13 22:14 - 000292352 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\apphelp.dll
2009-07-13 20:38 - 2009-07-13 22:14 - 000149504 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\appmgmts.dll
2009-07-13 21:14 - 2009-07-13 22:14 - 000070144 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\ATL.DLL
2009-07-13 20:42 - 2009-07-13 22:14 - 001792000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\authui.dll
2009-07-13 20:34 - 2009-07-13 22:14 - 000098816 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\AUTHZ.dll
2009-07-13 20:11 - 2009-07-13 22:14 - 000044032 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\basesrv.DLL
2009-07-13 20:41 - 2009-07-13 22:14 - 000739840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\BatMeter.dll
2009-07-13 20:32 - 2009-07-13 22:14 - 000080384 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\bcrypt.dll
2009-07-13 20:40 - 2009-07-13 22:14 - 000692736 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\bthprops.cpl
2009-07-13 20:12 - 2009-07-13 22:15 - 000072704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Cabinet.dll
2009-07-13 20:16 - 2009-07-13 22:15 - 000145920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CFGMGR32.dll
2009-07-13 20:44 - 2009-07-13 22:15 - 000522240 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CLBCatQ.DLL
2009-07-13 20:32 - 2009-07-13 22:15 - 000012288 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cngaudit.dll
2009-07-13 20:39 - 2009-07-13 22:15 - 000486912 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\COMDLG32.dll
2009-07-13 20:34 - 2009-07-13 22:15 - 000016896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\credssp.dll
2009-07-13 20:34 - 2009-07-13 22:15 - 001151488 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPT32.dll
2009-07-13 20:12 - 2009-07-13 22:15 - 000036864 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPTBASE.dll
2009-07-13 20:32 - 2009-07-13 22:15 - 000058880 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cryptdll.dll
2009-07-13 20:32 - 2009-07-13 22:15 - 000103424 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\cryptnet.dll
2009-07-13 20:37 - 2009-07-13 22:15 - 000078848 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPTSP.dll
2009-07-13 20:33 - 2009-07-13 22:15 - 000135680 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\cryptsvc.dll
2009-07-13 20:33 - 2009-07-13 22:15 - 001003520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CRYPTUI.dll
2009-07-13 20:14 - 2009-07-13 22:15 - 000034816 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CSCAPI.dll
2009-07-13 20:14 - 2009-07-13 22:15 - 000023040 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\CSCDLL.dll
2009-07-13 20:39 - 2009-07-13 22:15 - 000418816 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\cscui.dll
2009-07-13 20:11 - 2009-07-13 22:15 - 000038912 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\CSRSRV.dll
2009-07-13 20:16 - 2009-07-13 22:15 - 000064512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DEVOBJ.dll
2009-07-13 20:16 - 2009-07-13 22:15 - 000044544 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\DEVRTL.dll
2009-07-13 20:12 - 2009-07-13 22:15 - 000269824 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DNSAPI.dll
2009-07-13 20:33 - 2009-07-13 22:15 - 000022016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dsrole.dll
2009-07-13 20:28 - 2009-07-13 22:15 - 000717824 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DUI70.dll
2009-07-13 20:26 - 2009-07-13 22:15 - 000181248 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\DUser.dll
2009-07-13 20:24 - 2009-07-13 22:15 - 000067072 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dwmapi.dll
2009-07-13 21:06 - 2009-07-13 22:15 - 000399872 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\dxp.dll
2009-07-13 20:33 - 2009-07-13 22:15 - 000040448 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\efslsaext.dll
2009-07-13 20:45 - 2009-07-13 22:15 - 000128512 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EhStorAPI.dll
2009-07-13 20:45 - 2009-07-13 22:15 - 000189952 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EhStorShell.dll
2009-07-13 20:44 - 2009-07-13 22:15 - 000271360 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\es.dll
2009-07-13 20:33 - 2009-07-13 22:15 - 001684992 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ESENT.dll
2009-07-13 20:44 - 2009-07-13 22:15 - 001495040 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\EXPLORERFRAME.dll
2009-07-13 20:31 - 2009-07-13 22:15 - 000206336 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\framedynos.dll
2009-07-13 21:15 - 2009-07-13 22:15 - 000227328 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FXSAPI.dll
2009-07-13 21:15 - 2009-07-13 22:05 - 000925184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\FXSRESM.DLL
2009-07-13 21:14 - 2009-07-13 22:15 - 000848384 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\fxsst.dll
2009-07-13 20:41 - 2009-07-13 22:15 - 002576384 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\gameux.dll
2009-07-13 20:26 - 2009-07-13 22:15 - 000304640 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\GDI32.dll
2009-07-13 20:38 - 2009-07-13 22:15 - 000079872 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\GPAPI.dll
2009-07-13 20:40 - 2009-07-13 22:15 - 000026112 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\hcproviders.dll
2009-07-13 21:12 - 2009-07-13 22:15 - 000055808 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\HelpPaneProxy.dll
2009-07-13 20:41 - 2009-07-13 22:15 - 000312320 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\hgcpl.dll
2009-07-13 20:51 - 2009-07-13 22:15 - 000022016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\HID.DLL
2009-07-13 20:25 - 2009-07-13 22:15 - 000009728 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IconCodecService.dll
2009-07-13 20:49 - 2009-07-13 22:15 - 010973696 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\ieframe.dll
2009-07-13 20:44 - 2009-07-13 22:15 - 002058240 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\iertutil.dll
2009-07-13 20:57 - 2009-07-13 22:15 - 000154624 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\imagehlp.dll
2009-07-13 20:45 - 2009-07-13 22:15 - 000392704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\imapi2.dll
2009-07-13 20:25 - 2009-07-13 22:15 - 000118272 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IMM32.DLL
2009-07-13 20:12 - 2009-07-13 22:15 - 000103936 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\IPHLPAPI.DLL
2009-07-13 20:35 - 2009-07-13 22:15 - 000541184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\kerberos.DLL
2009-07-13 20:16 - 2009-07-13 22:15 - 000857088 _____ (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\kernel32.dll
2009-07-13 20:12 - 2009-07-13 22:15 - 000288256 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\KERNELBASE.dll
2009-07-13 20:32 - 2009-07-13 22:15 - 000019456 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\keyiso.dll
2009-07-13 20:39 - 2009-07-13 22:15 - 000022016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\LINKINFO.dll
2009-07-13 20:37 - 2009-07-13 22:15 - 000127488 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\logoncli.dll
2009-07-13 20:25 - 2009-07-13 22:15 - 000026624 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\LPK.dll
2009-07-13 20:36 - 2009-07-13 22:15 - 001037312 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\lsasrv.dll
2009-07-13 20:40 - 2009-07-13 22:15 - 000177664 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MLANG.dll
2009-07-13 21:03 - 2009-07-13 22:15 - 000213504 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\MMDevApi.dll
2009-07-13 20:55 - 2009-07-13 22:15 - 000064000 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MPR.dll
2009-07-13 20:32 - 2009-07-13 22:15 - 000033280 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSASN1.dll
2009-07-13 20:28 - 2009-07-13 22:15 - 000828928 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSCTF.dll
2009-07-13 20:26 - 2009-07-13 22:15 - 000019968 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MsCtfMonitor.DLL
2009-07-13 20:27 - 2009-07-13 22:15 - 000592384 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MsftEdit.dll
2009-07-13 20:32 - 2009-07-13 22:15 - 002340864 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msi.dll
2009-07-13 20:26 - 2009-07-13 22:15 - 000157184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msls31.dll
2009-07-13 20:33 - 2009-07-13 22:07 - 000002048 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msprivs.DLL
2009-07-13 20:30 - 2009-07-13 22:15 - 000209920 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\mstask.dll
2009-07-13 20:26 - 2009-07-13 22:15 - 000167936 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msutb.dll
2009-07-13 20:34 - 2009-07-13 22:15 - 000257024 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msv1_0.DLL
2009-07-13 20:12 - 2009-07-13 22:15 - 000690688 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\msvcrt.dll
2009-07-13 20:12 - 2009-07-13 22:15 - 000232448 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\mswsock.dll
2009-07-13 21:22 - 2009-07-13 22:15 - 001386496 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\msxml6.dll
2009-07-13 21:14 - 2009-07-13 22:16 - 000801280 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NaturalLanguage6.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000049152 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NCObjAPI.DLL
2009-07-13 20:33 - 2009-07-13 22:16 - 000219136 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ncrypt.dll
2009-07-13 20:34 - 2009-07-13 22:16 - 000093696 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\negoexts.DLL
2009-07-13 20:37 - 2009-07-13 22:16 - 000161792 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netjoin.dll
2009-07-13 20:38 - 2009-07-13 22:16 - 000563712 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netlogon.DLL
2009-07-13 20:56 - 2009-07-13 22:16 - 000360448 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\netprofm.dll
2009-07-13 20:53 - 2009-07-13 22:16 - 002494464 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\netshell.dll
2009-07-13 20:37 - 2009-07-13 22:16 - 000022016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\netutils.dll
2009-07-13 20:53 - 2009-07-13 22:16 - 001661440 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NetworkExplorer.dll
2009-07-13 20:53 - 2009-07-13 22:16 - 000051712 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\nlaapi.dll
2009-07-13 21:13 - 2009-07-13 22:16 - 010240512 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NLSData000a.dll
2009-07-13 21:13 - 2009-07-13 22:08 - 009892864 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\NLSLexicons000a.dll
2009-07-13 20:15 - 2009-07-13 22:09 - 000002048 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Normaliz.dll
2009-07-13 20:12 - 2009-07-13 22:16 - 000008704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NSI.dll
2009-07-13 20:38 - 2009-07-13 22:16 - 000090112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\NTDSAPI.dll
2009-07-13 20:34 - 2009-07-13 22:16 - 000121856 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ntmarta.dll
2009-07-13 20:41 - 2009-07-13 22:16 - 000442880 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ntshrui.dll
2009-07-13 20:45 - 2009-07-13 22:16 - 001412608 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\ole32.dll
2009-07-13 20:26 - 2009-07-13 22:16 - 000233472 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\OLEACC.dll
2009-07-13 20:44 - 2009-07-13 22:16 - 000571904 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\OLEAUT32.dll
2009-07-13 20:11 - 2009-07-13 22:16 - 000033280 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\pcwum.dll
2009-07-13 20:19 - 2009-07-13 22:16 - 000236544 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\pdh.dll
2009-07-13 21:10 - 2009-07-13 22:16 - 000316928 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\PhotoMetadataHandler.dll
2009-07-13 20:34 - 2009-07-13 22:16 - 000186880 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\pku2u.DLL
2009-07-13 20:52 - 2009-07-13 22:16 - 001750528 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\pnidui.dll
2009-07-13 21:07 - 2009-07-13 22:16 - 000547328 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\PortableDeviceApi.dll
2009-07-13 21:06 - 2009-07-13 22:16 - 000159744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\PortableDeviceTypes.dll
2009-07-13 20:16 - 2009-07-13 22:16 - 000145408 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\POWRPROF.dll
2009-07-13 21:19 - 2009-07-13 22:16 - 000395264 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\prnfldr.dll
2009-07-13 20:12 - 2009-07-13 22:16 - 000031744 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\profapi.dll
2009-07-13 20:34 - 2009-07-13 22:16 - 000162816 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\profsvc.dll
2009-07-13 20:40 - 2009-07-13 22:16 - 000988160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\PROPSYS.dll
2009-07-13 20:39 - 2009-07-13 22:16 - 000165376 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\provsvc.dll
2009-07-13 20:15 - 2009-07-13 22:16 - 000006144 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\PSAPI.DLL
2009-07-13 20:52 - 2009-07-13 22:16 - 000171008 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\QAgent.dll
2009-07-13 20:52 - 2009-07-13 22:16 - 000080896 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\QUtil.dll
2009-07-13 20:12 - 2009-07-13 22:16 - 000043520 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\rpcepmap.dll
2009-07-13 20:13 - 2009-07-13 22:16 - 000652288 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RPCRT4.dll
2009-07-13 20:43 - 2009-07-13 22:16 - 000045568 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\RpcRtRemote.dll
2009-07-13 20:45 - 2009-07-13 22:16 - 000376320 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\rpcss.dll
2009-07-13 20:37 - 2009-07-13 22:16 - 000050688 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\samcli.dll
2009-07-13 20:37 - 2009-07-13 22:16 - 000060928 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SAMLIB.dll
2009-07-13 20:38 - 2009-07-13 22:16 - 000550912 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SAMSRV.dll
2009-07-13 20:33 - 2009-07-13 22:16 - 000175616 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scecli.DLL
2009-07-13 20:33 - 2009-07-13 22:16 - 000307712 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SCESRV.dll
2009-07-13 20:19 - 2009-07-13 22:16 - 000051200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scext.dll
2009-07-13 20:34 - 2009-07-13 22:16 - 000220160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\schannel.DLL
2009-07-13 20:42 - 2009-07-13 22:16 - 000173568 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scrobj.dll
2009-07-13 20:42 - 2009-07-13 22:16 - 000163840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\scrrun.dll
2009-07-13 20:43 - 2009-07-13 22:16 - 000643072 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SearchFolder.dll
2009-07-13 20:11 - 2009-07-13 22:16 - 000092160 _____ (Microsoft Corporation) [File not signed] C:\Windows\SYSTEM32\sechost.dll
2009-07-13 20:33 - 2009-07-13 22:16 - 000022016 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Secur32.dll
2009-07-13 20:21 - 2009-07-13 22:16 - 000010752 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SensApi.dll
2009-07-13 20:16 - 2009-07-13 22:16 - 001668608 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SETUPAPI.dll
2009-07-13 20:15 - 2009-07-13 22:10 - 000002560 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sfc.dll
2009-07-13 20:15 - 2009-07-13 22:16 - 000040960 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sfc_os.DLL
2009-07-13 20:39 - 2009-07-13 22:16 - 000108032 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\shacct.dll
2009-07-13 20:39 - 2009-07-13 22:16 - 000179712 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\shdocvw.dll
2009-07-13 20:47 - 2009-07-13 22:16 - 012866560 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SHELL32.dll
2009-07-13 20:39 - 2009-07-13 22:16 - 000350208 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SHLWAPI.dll
2009-07-13 20:35 - 2009-07-13 22:16 - 000027136 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\slc.dll
2009-07-13 21:04 - 2009-07-13 22:16 - 000220160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SndVolSSO.DLL
2009-07-13 20:16 - 2009-07-13 22:16 - 000075776 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\SPINF.dll
2009-07-13 20:41 - 2009-07-13 22:16 - 000301568 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\srchadmin.dll
2009-07-13 20:37 - 2009-07-13 22:16 - 000090112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\srvcli.dll
2009-07-13 20:12 - 2009-07-13 22:16 - 000099840 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SspiCli.dll
2009-07-13 20:11 - 2009-07-13 22:16 - 000015360 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SspiSrv.dll
2009-07-13 20:40 - 2009-07-13 22:16 - 000227328 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\stobject.dll
2009-07-13 21:12 - 2009-07-13 22:16 - 000363520 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\StructuredQuery.dll
2009-07-13 20:16 - 2009-07-13 22:16 - 000380416 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sxs.dll
2009-07-13 20:15 - 2009-07-13 22:16 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\sxssrv.DLL
2009-07-13 20:40 - 2009-07-13 22:16 - 002146304 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\SyncCenter.dll
2009-07-13 20:39 - 2009-07-13 22:16 - 000078336 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SYNCENG.dll
2009-07-13 21:07 - 2009-07-13 22:16 - 000055296 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Syncreg.dll
2009-07-13 20:39 - 2009-07-13 22:16 - 000158720 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\syncui.dll
2009-07-13 20:36 - 2009-07-13 22:16 - 000016896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\SYSNTFY.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000496128 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\taskschd.dll
2009-07-13 20:40 - 2009-07-13 22:16 - 000082944 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\thumbcache.dll
2009-07-13 20:40 - 2009-07-13 22:14 - 000478208 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\timedate.cpl
2009-07-13 20:34 - 2009-07-13 22:16 - 000065024 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\tspkg.DLL
2009-07-13 20:39 - 2009-07-13 22:16 - 000146432 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\twext.dll
2009-07-13 20:19 - 2009-07-13 22:16 - 000170496 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UBPM.dll
2009-07-13 20:28 - 2009-07-13 22:16 - 000099328 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\UIAnimation.dll
2009-07-13 20:16 - 2009-07-13 22:16 - 000294400 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\umpnpmgr.dll
2009-07-13 20:16 - 2009-07-13 22:16 - 000119808 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\umpo.dll
2009-07-13 20:47 - 2009-07-13 22:16 - 001224704 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\urlmon.dll
2009-07-13 20:24 - 2009-07-13 22:16 - 000811520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USER32.dll
2009-07-13 20:34 - 2009-07-13 22:16 - 000079360 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USERENV.dll
2009-07-13 20:25 - 2009-07-13 22:16 - 000627200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\USP10.dll
2009-07-13 20:38 - 2009-07-13 22:16 - 000020992 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UXINIT.dll
2009-07-13 20:40 - 2009-07-13 22:16 - 000249856 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UxTheme.dll
2009-07-13 20:41 - 2009-07-13 22:16 - 000021504 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\VERSION.dll
2009-07-13 20:24 - 2009-07-13 22:16 - 001123328 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\VSSAPI.DLL
2009-07-13 20:23 - 2009-07-13 22:16 - 000056320 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\VssTrace.DLL
2009-07-13 20:30 - 2009-07-13 22:15 - 000266240 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\esscli.dll
2009-07-13 20:31 - 2009-07-13 22:15 - 000605696 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\FastProx.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000056832 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\ncprov.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000300544 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\repdrvfs.dll
2009-07-13 20:31 - 2009-07-13 22:16 - 000776192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemcore.dll
2009-07-13 20:31 - 2009-07-13 22:16 - 000187392 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemdisp.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000342528 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemess.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000029184 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemprox.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000047616 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wbemsvc.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000131072 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmidcprv.dll
2009-07-13 20:19 - 2009-07-13 22:16 - 000090112 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\WmiPerfClass.dll
2009-07-13 20:31 - 2009-07-13 22:16 - 000515584 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmiprvsd.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000168960 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wbem\wmisvc.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000085504 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbem\wmiutils.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000362496 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wbemcomn.dll
2009-07-13 20:34 - 2009-07-13 22:16 - 000171520 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wdigest.DLL
2009-07-13 20:27 - 2009-07-13 22:16 - 000377856 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wer.dll
2009-07-13 20:27 - 2009-07-13 22:16 - 001063936 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\werconcpl.dll
2009-07-13 20:27 - 2009-07-13 22:16 - 000061440 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wercplsupport.dll
2009-07-13 20:30 - 2009-07-13 22:16 - 000262144 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wevtapi.dll
2009-07-13 20:33 - 2009-07-13 22:16 - 001086464 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wevtsvc.dll
2009-07-13 20:18 - 2009-07-13 22:16 - 000012800 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINBRAND.dll
2009-07-13 20:29 - 2009-07-13 22:16 - 001011200 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WindowsCodecs.dll
2009-07-13 20:47 - 2009-07-13 22:16 - 000977920 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WININET.dll
2009-07-13 21:03 - 2009-07-13 22:16 - 000194048 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINMM.dll
2009-07-13 20:12 - 2009-07-13 22:16 - 000016896 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINNSI.DLL
2009-07-13 21:18 - 2009-07-13 22:14 - 000319488 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINSPOOL.DRV
2009-07-13 20:25 - 2009-07-13 22:16 - 000169472 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\winsrv.DLL
2009-07-13 21:02 - 2009-07-13 22:16 - 000156160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINSTA.dll
2009-07-13 20:32 - 2009-07-13 22:16 - 000172544 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WINTRUST.dll
2009-07-13 20:37 - 2009-07-13 22:16 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wkscli.dll
2009-07-13 20:51 - 2009-07-13 22:16 - 000081408 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\Wlanapi.dll
2009-07-13 20:51 - 2009-07-13 22:16 - 000008192 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wlanutil.dll
2009-07-13 20:38 - 2009-07-13 22:16 - 000268800 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WLDAP32.dll
2009-07-13 20:36 - 2009-07-13 22:16 - 000011264 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WMsgAPI.dll
2009-07-13 20:40 - 2009-07-13 22:16 - 000308736 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\Wpc.dll
2009-07-13 21:07 - 2009-07-13 22:16 - 000105984 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wpdshserviceobj.dll
2009-07-13 20:12 - 2009-07-13 22:16 - 000206336 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WS2_32.dll
2009-07-13 20:31 - 2009-07-13 22:16 - 000048128 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\WSCAPI.dll
2009-07-13 20:31 - 2009-07-13 22:16 - 000095744 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wscinterop.dll
2009-07-13 20:31 - 2009-07-13 22:14 - 001140736 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wscui.cpl
2009-07-13 20:12 - 2009-07-13 22:16 - 000010752 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wship6.dll
2009-07-13 20:12 - 2009-07-13 22:16 - 000009216 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\wshtcpip.dll
2009-07-13 20:55 - 2009-07-13 22:16 - 000015360 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WSOCK32.dll
2009-07-13 21:02 - 2009-07-13 22:16 - 000039936 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\WTSAPI32.dll
2009-07-13 20:50 - 2009-07-13 22:16 - 000162304 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\WUDFPlatform.dll
2009-07-13 20:50 - 2009-07-13 22:16 - 000064512 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wudfsvc.dll
2009-07-13 20:56 - 2009-07-13 22:16 - 000284672 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wwanapi.dll
2009-07-13 20:56 - 2009-07-13 22:16 - 000027648 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\wwapi.dll
2009-07-13 21:20 - 2009-07-13 22:16 - 000180224 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\XmlLite.dll
2009-07-13 20:40 - 2009-07-13 22:16 - 000327680 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\zipfldr.dll
2009-07-13 20:40 - 2009-07-13 22:03 - 001680896 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
2009-07-13 20:26 - 2009-07-13 22:03 - 001624576 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice => 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice => 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice => 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice => 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice => 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice => 
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice => 
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => 
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice => 
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice => 
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice => 
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice => 
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice => 
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice => 
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => 
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice => 
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice => 
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice => 
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice => 
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice => 
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice => 
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => 
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice => 
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice => 
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice => 
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice => 
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice => 

==================== Internet Explorer trusted/restricted ===============

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:04 - 2019-10-18 01:58 - 000002526 _____ C:\Windows\system32\drivers\etc\hosts

0.0.0.0 serius.mwbsys.com
0.0.0.0 keystone.mwbsys.com
127.0.0.1       www.asc55.iobit.com 
127.0.0.1       idb.iobit.com 
127.0.0.1       asc55.iobit.com 
127.0.0.1       is360.iobit.com 
127.0.0.1       asc.iobit.com 
127.0.0.1       pf.iobit.com 
127.0.0.1       98.129.229.186 
127.0.0.1       www.iana.org 
127.0.0.1       iana.org 
127.0.0.1       idb.iobit.com 
127.0.0.1       asc55.iobit.com 
127.0.0.1       is360.iobit.com 
127.0.0.1       asc.iobit.com 
127.0.0.1       pf.iobit.com 
127.0.0.1       98.129.229.186 
127.0.0.1       www.iana.org 
127.0.0.1       iana.org 
127.0.0.1       www.asc55.iobit.com 
127.0.0.1       idb.iobit.com 
127.0.0.1       asc55.iobit.com 
127.0.0.1       is360.iobit.com 
127.0.0.1       asc.iobit.com 
127.0.0.1       pf.iobit.com 
127.0.0.1       98.129.229.186 
127.0.0.1       www.iana.org 
127.0.0.1       iana.org 
127.0.0.1       idb.iobit.com 
127.0.0.1       asc55.iobit.com 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\h\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: ProgLauncher => C:\Program Files\ProgDVB\ProgLauncher.exe
MSCONFIG\startupreg: UIExec => "C:\Program Files\Claro Internet\UIExec.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{27D8DF9A-F69C-4DDA-B022-C0FBB2E3247E}D:\juegos\carpetas de juegos\land of the dead\system\lotd.exe] => (Allow) D:\juegos\carpetas de juegos\land of the dead\system\lotd.exe (Groove Games/Brainbox Games) [File not signed]
FirewallRules: [UDP Query User{D9F95D27-69A4-484C-83B8-E7238DC80A64}D:\juegos\carpetas de juegos\land of the dead\system\lotd.exe] => (Allow) D:\juegos\carpetas de juegos\land of the dead\system\lotd.exe (Groove Games/Brainbox Games) [File not signed]
FirewallRules: [TCP Query User{F91784CC-8C57-41CE-89F2-2EA1C42E1227}D:\juegos\carpetas de juegos\kapitalsin\joey the passion\joey_pc.exe] => (Block) D:\juegos\carpetas de juegos\kapitalsin\joey the passion\joey_pc.exe () [File not signed]
FirewallRules: [UDP Query User{2F89071F-0E16-405C-A8EC-17FF1313576A}D:\juegos\carpetas de juegos\kapitalsin\joey the passion\joey_pc.exe] => (Block) D:\juegos\carpetas de juegos\kapitalsin\joey the passion\joey_pc.exe () [File not signed]
FirewallRules: [TCP Query User{3B8EFF8E-8CD6-4231-BC98-20F73A6E7DFB}C:\windows\system32\dpnsvr.exe] => (Allow) C:\windows\system32\dpnsvr.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{EC8E73BC-4587-49C1-B40E-200AE5870C31}C:\windows\system32\dpnsvr.exe] => (Allow) C:\windows\system32\dpnsvr.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{D35E5488-CC84-4C58-A171-6367ECB4BA75}D:\juegos\carpetas de juegos\land of the dead\system\lotd.exe] => (Allow) D:\juegos\carpetas de juegos\land of the dead\system\lotd.exe (Groove Games/Brainbox Games) [File not signed]
FirewallRules: [UDP Query User{E45D959B-93F0-4314-95A2-2B5009FF4771}D:\juegos\carpetas de juegos\land of the dead\system\lotd.exe] => (Allow) D:\juegos\carpetas de juegos\land of the dead\system\lotd.exe (Groove Games/Brainbox Games) [File not signed]
FirewallRules: [TCP Query User{510EF51A-CB75-4391-9E7A-154EC212543F}D:\counter-strike\hl.exe] => (Allow) D:\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{11A0848F-BC10-4915-89BB-5024205847ED}D:\counter-strike\hl.exe] => (Allow) D:\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{D6D9337A-15FB-496F-BCBC-43F57316D1EE}D:\counter-strike\hl.exe] => (Allow) D:\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{2C2AF3E3-14CE-4CAC-9B77-F317D059C8D9}D:\counter-strike\hl.exe] => (Allow) D:\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{1B5F05D5-0F70-4DC0-91B7-D3ADFB6E2B6E}F:\juegos\instaladores\half-life\hl.exe] => (Allow) F:\juegos\instaladores\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{86EFE946-68B9-47B7-93E5-D04C84910398}F:\juegos\instaladores\half-life\hl.exe] => (Allow) F:\juegos\instaladores\half-life\hl.exe (Valve) [File not signed]
FirewallRules: [{1694396D-0D6F-4CBB-9229-F2BB12C13141}] => (Allow) C:\Windows\System32\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{952A0004-B7C1-435F-BC58-42E5E0FBFBAB}] => (Allow) C:\Windows\System32\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{079E8E1F-1A9A-44B2-B04F-9F57ED5763EA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{5E477155-8C40-41AB-84DD-4A263F081D00}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{4626E6DD-7A41-4ACE-8088-CE05ABECFA40}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

19-10-2019 23:46:55 A prueba

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2019 03:29:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -583.

Error: (10/23/2019 03:29:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -583.

Error: (10/23/2019 03:29:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -583.

Error: (10/23/2019 03:29:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -583.

Error: (10/23/2019 03:29:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -583.

Error: (10/23/2019 03:29:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -583.

Error: (10/23/2019 03:29:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -583.

Error: (10/23/2019 03:29:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Los Servicios de cifrado no pudieron inicializar la base de datos del catálogo. El error ESENT era: -583.


System errors:
=============
Error: (10/23/2019 03:25:18 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (10/23/2019 03:14:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (10/23/2019 03:14:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (10/23/2019 03:14:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (10/23/2019 03:14:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (10/23/2019 03:14:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (10/23/2019 03:14:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (10/23/2019 03:14:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Servicio de lista de redes depende del servicio Reconocimiento de ubicación de red, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


==================== Memory info =========================== 

BIOS: Phoenix Technologies Ltd. SPCDV10L.91A.0045.2013.0315.1522 03/15/2013
Motherboard: Intel Corporation Intel powered classmate PC
Processor: Intel(R) Atom(TM) CPU N2600 @ 1.60GHz
Percentage of memory in use: 18%
Total physical RAM: 2031.17 MB
Available physical RAM: 1652.82 MB
Total Virtual: 4062.34 MB
Available Virtual: 3715.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:79.91 GB) (Free:11.57 GB) NTFS
Drive d: (MY CARPETA) (Fixed) (Total:194.85 GB) (Free:6.25 GB) FAT32
Drive f: (JUAN) (Fixed) (Total:21 GB) (Free:2.29 GB) NTFS

\\?\Volume{df3c6b37-a8e7-11e1-8c45-806e6f6e6963}\ (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 1B41A361)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=79.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=215.9 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe(en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2013-03-20] () [File not signed]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26112 2009-07-13] (Microsoft Corporation) [File not signed]
HKLM\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2613248 2009-07-13] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\...\MountPoints2: {d4bf4fd4-cf7d-11e3-b888-2cd05af6a584} - E:\AutoRun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\78.0.3904.70\Installer\chrmstp.exe [2019-10-23] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {207BD25D-E89F-44A7-AD4F-A121F81C18BA} - System32\Tasks\{5EE9EBF5-2C21-4AEC-801D-08BE84CEDA09} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{7E19B002-4CA3-4C9F-BA92-91D101B97219}\setup.exe" -c -runfromtemp -l0x000a -removeonly
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\h\Desktop\adwcleaner_7.4.2.exe
SearchScopes: HKU\S-1-5-21-4013947432-272596399-2653561696-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-17] (Google Inc -> Google LLC)
S3 smsbda; C:\Windows\System32\drivers\smsbda.sys [62976 2011-03-06] (Siano) [File not signed]
2019-10-23 15:10 - 2019-10-23 15:10 - 000000276 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-10-18 01:40 - 2019-10-23 15:10 - 000000000 ____D C:\Users\h\AppData\LocalLow\IObit
2019-10-18 01:40 - 2019-10-23 15:10 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-10-18 01:40 - 2019-10-18 01:40 - 000002133 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2019-10-18 01:40 - 2019-10-18 01:40 - 000002133 _____ C:\ProgramData\Desktop\IObit Uninstaller.lnk
2019-10-18 01:39 - 2019-10-23 15:10 - 000000000 ____D C:\Program Files\IObit
2019-10-18 01:39 - 2019-10-18 01:41 - 000000000 ____D C:\Users\h\AppData\Roaming\IObit
2019-10-18 01:39 - 2019-10-18 01:41 - 000000000 ____D C:\ProgramData\IObit
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el Modo Seguro – con funciones de Red, de Windows

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

• Presionar el botón FIX y aguardar a que termine.

• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Gracias por su tiempo, ahora paso los informes.

Delfix.txt

# DelFix v1.013 - Logfile created 23/10/2019 at 22:16:26
# Updated 17/04/2016 by Xplode
# Username : h - H-PC
# Operating System : Windows 7 Ultimate  (32 bits)

~ Creating registry backup ... OK

########## - EOF - ##########

Reporte Fixlog

Fix result of Farbar Recovery Scan Tool (x86) Version: 23-10-2019
Ran by h (23-10-2019 22:24:55) Run:1
Running from C:\Users\h\Desktop
Loaded Profiles: h (Available Profiles: h)
Boot Mode: Safe Mode (with Networking)

==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice =>
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice =>
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2013-03-20] () [File not signed]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26112 2009-07-13] (Microsoft Corporation) [File not signed]
HKLM\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2613248 2009-07-13] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\...\MountPoints2: {d4bf4fd4-cf7d-11e3-b888-2cd05af6a584} - E:\AutoRun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\78.0.3904.70\Installer\chrmstp.exe [2019-10-23] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {207BD25D-E89F-44A7-AD4F-A121F81C18BA} - System32\Tasks\{5EE9EBF5-2C21-4AEC-801D-08BE84CEDA09} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\InstallShield Installation Information\{7E19B002-4CA3-4C9F-BA92-91D101B97219}\setup.exe" -c -runfromtemp -l0x000a -removeonly
Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\h\Desktop\adwcleaner_7.4.2.exe
SearchScopes: HKU\S-1-5-21-4013947432-272596399-2653561696-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-17] (Google Inc -> Google LLC)
S3 smsbda; C:\Windows\System32\drivers\smsbda.sys [62976 2011-03-06] (Siano) [File not signed]
2019-10-23 15:10 - 2019-10-23 15:10 - 000000276 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job
2019-10-18 01:40 - 2019-10-23 15:10 - 000000000 ____D C:\Users\h\AppData\LocalLow\IObit
2019-10-18 01:40 - 2019-10-23 15:10 - 000000000 ____D C:\Program Files\Common Files\IObit
2019-10-18 01:40 - 2019-10-18 01:40 - 000002133 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2019-10-18 01:40 - 2019-10-18 01:40 - 000002133 _____ C:\ProgramData\Desktop\IObit Uninstaller.lnk
2019-10-18 01:39 - 2019-10-23 15:10 - 000000000 ____D C:\Program Files\IObit
2019-10-18 01:39 - 2019-10-18 01:41 - 000000000 ____D C:\Users\h\AppData\Roaming\IObit
2019-10-18 01:39 - 2019-10-18 01:41 - 000000000 ____D C:\ProgramData\IObit
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice" => not found
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice" => not found
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice" => not found
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice" => not found
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice" => not found
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice" => not found
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice" => not found
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice" => not found
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice" => not found
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice" => not found
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice" => not found
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice" => not found
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice" => not found
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice" => not found
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice" => not found
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice" => not found
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice" => not found
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice" => not found
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice" => not found
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice" => not found
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice" => not found
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice => not found
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => not found
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bat\UserChoice => not found
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cmd\UserChoice => not found
"HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com\UserChoice" => not found
"HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scr\UserChoice" => not found
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\UserChoice => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GfxServiceInstall" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => value restored successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value restored successfully
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4bf4fd4-cf7d-11e3-b888-2cd05af6a584} => removed successfully.
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{207BD25D-E89F-44A7-AD4F-A121F81C18BA}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{207BD25D-E89F-44A7-AD4F-A121F81C18BA}" => removed successfully.
C:\Windows\System32\Tasks\{5EE9EBF5-2C21-4AEC-801D-08BE84CEDA09} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5EE9EBF5-2C21-4AEC-801D-08BE84CEDA09}" => removed successfully.
C:\Windows\Tasks\AdwCleaner_onReboot.job => moved successfully
"HKU\S-1-5-21-4013947432-272596399-2653561696-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.301\npGoogleUpdate3.dll [2019-10-17] (Google Inc" => not found
C:\Program Files\Google\Update\1.3.35.301\npGoogleUpdate3.dll => moved successfully
HKLM\System\CurrentControlSet\Services\smsbda => removed successfully.
smsbda => service removed successfully.
"C:\Windows\Tasks\AdwCleaner_onReboot.job" => not found
C:\Users\h\AppData\LocalLow\IObit => moved successfully
C:\Program Files\Common Files\IObit => moved successfully
C:\Users\Public\Desktop\IObit Uninstaller.lnk => moved successfully
"C:\ProgramData\Desktop\IObit Uninstaller.lnk" => not found
C:\Program Files\IObit => moved successfully
C:\Users\h\AppData\Roaming\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer => not found
HKU\S-1-5-19\SOFTWARE\Policies\Microsoft\Internet Explorer => not found
HKU\S-1-5-20\SOFTWARE\Policies\Microsoft\Internet Explorer => not found
HKU\S-1-5-21-4013947432-272596399-2653561696-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => not found
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.
"HKU\S-1-5-21-4013947432-272596399-2653561696-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully.
"HKU\S-1-5-21-4013947432-272596399-2653561696-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully.


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Conexi¢n de red inal mbrica:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::7c76:9bb9:46aa:d045%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.43.122
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.43.1

Adaptador de Ethernet Conexi¢n de  rea local:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Reusable ISATAP Interface {482DDDCF-5FD4-41AB-B5FD-9EEF0C2C5B86}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{3FD03F9C-9883-4370-9751-08709E8886BF}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6656754 B
Java, Flash, Steam htmlcache => 601 B
Windows/system/drivers => 2055662 B
Edge => 0 B
Chrome => 11008780 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66459 B
LocalService => 198770 B
NetworkService => 264998 B
h => 5832951 B

RecycleBin => 0 B
EmptyTemp: => 32.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:25:12 ====

Voy a inicio - accesorios - y me aparece este cartel. Hago click en reiniciar programa y se normaliza el escritorio.

imagen link html

Despues de un tiempo de uso me aparece este cartel y se reinicia la portatil.

Y las demas ventanas que puse en el primer mensaje de este post.

Hola.

Tienes el sistema operativo muy dañado.

Una pregunta/consulta…tienes instalado Windows 7, en su version Ultimate, este sistema operativo es el original que tenía esa maquina(Intel Atom CPU N2600 ) cuando la compraste…??

Además NO veo que tengas incorporado el Service Pack 1 para Windows 7 que es imprescindible para garantizar la seguridad y funcionamiento de un equipo.

Nos comentas por favor.

Saludos.

Hola no sabria decirte si es original, es una computadora que me trajeron para arreglar. Si instalo el service pack 1, se solucionaran algunos de esos errores, o puede empeorar por que el sistema ya anda mal ? Gracias por la ayuda .

Hola.

Si el sistema operativo es original te dejara instalar el Service Pack 1 y te mejorará el sistema casi seguro.

En caso que te deje instalar el SP1 y después de REINICIAR deberás volver a buscar actualizaciones hasta que verifiques que NO te queda ninguna por hacer.

Saludos.

Descargue el service pack 1 de la pagina de microsoft, el paquete offline, lo quise instalar en modo normal y seguro y no me deja, tira errores.

photo hosting