My laptop freezes out of nowhere

#1

Hi, you have helped me a lot before and I'm back to bother you again. I have a Sony VAIO, old but tough: Vista 64-bit, Core 2 Duo, 4 GB RAM. I sometimes leave it downloading files, and out of nowhere it started freezing, leaving a reboot as the only option, only to freeze again shortly afterwards. I have already taken some steps, as was recommended to hezen22 in the thread they started a couple of days ago, running CCleaner, Malwarebytes, AdwCleaner, Junkware Removal and Farbar Recovery Scan Tool.

I hope I did the right thing, since it seems to be working a little better. Here are the results:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/19/19
Scan Time: 1:41 AM
Log File: 1eca9bb0-626e-11e9-8cb3-001dba7feec8.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.365
Update Package Version: 1.0.5292
License: Free

-System Information-
OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: SONYVAIO\Owner

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 340939
Threats Detected: 2
Threats Quarantined: 2
Time Elapsed: 32 min, 40 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
PUP.Optional.Iminent, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [102], [455248],1.0.5292
PUP.Optional.Iminent, C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [102], [455248],1.0.5292

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

#2

The second and the third:

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-19-2019
# Duration: 00:00:03
# OS:       Windows Vista (TM) Home Premium
# Cleaned:  31
# Failed:   6


***** [ Services ] *****

Deleted       Update service

***** [ Folders ] *****

Deleted       C:\Program Files (x86)\ProxyGate
Deleted       C:\Users\Owner\AppData\Roaming\ssn

***** [ Files ] *****

Deleted       C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Conduit
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{690D9BEE-6333-4F84-A568-3BFC72F54D04}
Deleted       HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FD061B29-4531-485C-A45F-D58FEF7FE3A3}
Deleted       HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\Wpm
Not Deleted   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B63281A3-D60D-45C4-943D-54150CF211BB}
Not Deleted   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B63281A3-D60D-45C4-943D-54150CF211BB}
Not Deleted   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Cleaner Pro Update Job
Not Deleted   HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B63281A3-D60D-45C4-943D-54150CF211BB}
Not Deleted   HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B63281A3-D60D-45C4-943D-54150CF211BB}
Not Deleted   HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Cleaner Pro Update Job

***** [ Chromium (and derivatives) ] *****

Deleted       Storimbo

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6095 octets] - [19/04/2019 02:48:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows (TM) Vista Home Premium x64 
Ran by Owner (Administrator) on 19/04/2019 at  2:57:04.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 22 

Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCN9NAW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASNQ7KFV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BHWIPNQ7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CU030ZQI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HSE2V5QA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RQJX1Q37 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SB44FRTR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2HFJO9H (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VH73R8K8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YDTV7TQ3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZXQS0KV6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4RCN9NAW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASNQ7KFV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BHWIPNQ7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CU030ZQI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HSE2V5QA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RQJX1Q37 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SB44FRTR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2HFJO9H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VH73R8K8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YDTV7TQ3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZXQS0KV6 (Temporary Internet Files Folder) 



Registry: 2 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5B291E6C-9A74-4034-971B-A4B007A0B315} (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9E5FE3C3-6B64-4C63-9C9F-F2F31E988800} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/04/2019 at  3:03:11.82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#3

The fourth:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.04.2019
Ran by Owner (administrator) on SONYVAIO (19-04-2019 03:04:39)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(AVAST Software a.s. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software a.s. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd -> Digital Wave Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intervideo, Inc. -> InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVAST Software a.s. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6453760 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1220392 2008-05-20] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe [77824 2008-06-27] (Sony Electronics Corporation) [File not signed]
HKLM-x32\...\Run: [VAIORegistration] => C:\Program Files\Sony\First Experience\WelcomeLauncher.exe [16384 2008-06-26] (Sony Electronics, Inc.) [File not signed]
HKLM-x32\...\Run: [VWLASU] => C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe [24576 2008-05-20] (Sony Electronics, Inc.) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2014720 2014-07-09] (AimerSoft) [File not signed]
HKLM-x32\...\Run: [Panda Security URL Filtering] => C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe [254448 2016-11-22] (Visicom Media Inc. -> Visicom Media Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2019-04-06] (AVAST Software a.s. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [752424 2019-03-27] (Google Inc -> Google LLC)
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\RunOnce: [Adobe Speed Launcher] => 1555660317
HKU\S-1-5-18\...\RunOnce: [{90120000-0030-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-0051-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-006E-0C0A-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKLM\...\Drivers32: [VIDC.dvsd] => C:\Program Files (x86)\Common Files\Sony Shared\VideoLib\sonydv.dll [81920 2006-05-24] (Sony Corporation) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2018-05-20]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) [File not signed]
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-08-11]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{800319FD-DB0B-4984-B4E4-1DB828347ECF}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> DefaultScope {9E5FE3C3-6B64-4C63-9C9F-F2F31E988800} URL = 
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {6E8EC60F-4C59-433B-BEA5-949EB61225DB} URL = hxxp://www.google.com.mx/search?hl=es&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {EA50D82A-9D69-4ED7-801F-2322610FD8AA} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20140907&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2019-04-06] (AVAST Software a.s. -> AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2019-04-06] (AVAST Software a.s. -> AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: WSAMVCUchrome - No CLSID Value

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2019-04-06] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2019-04-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> ) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> ) [File not signed]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] (Apple Inc. -> )
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4124524400-2168589064-4251907036-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-4124524400-2168589064-4251907036-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com.mx/
CHR StartupUrls: Default -> "hxxp://www.google.com.mx/","","hxxps://www.google.com/","hxxp://www.google.com/"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2019-04-19]
CHR Extension: (Link All) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbplhdcnpcenkdciibplnkgmiffjfnni [2018-11-03]
CHR Extension: (2112) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohiccbldidfaianakiighjonjckahib [2014-01-06]
CHR Extension: (Panda Safe Web) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok [2018-01-21]
CHR Extension: (Funky Karts) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbgibbcljlbkkeaogjofolcbakcokmie [2019-01-15]
CHR Extension: (Botón +1 de Google) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp [2017-08-06]
CHR Extension: (Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2019-01-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-19]
CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2019-04-06]
CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2019-04-06]
StartMenuInternet: Google Chrome.HC73AWHMEOVPFIYS4H77JTLMFE - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-14] (Adobe Inc. -> Adobe) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc. -> Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [1371136 2008-04-30] (Intel(R) Corporation) [File not signed]
S3 lxcj_device; C:\Windows\system32\lxcjcoms.exe [452608 2006-05-11] ( ) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-02-24] (McAfee, Inc. -> McAfee, Inc.)
S3 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [826368 2008-04-30] (Intel(R) Corporation) [File not signed]
R2 RtkAudioService; C:\Windows\RtkAudioService.exe [139808 2008-07-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 SOHCImp; C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation -> Sony Corporation)
S3 SOHDms; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation -> Sony Corporation)
S3 SOHDs; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation -> Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation) [File not signed]
R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation -> Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Windows -> Microsoft Corporation)
R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [410624 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36328 2010-12-21] (MCCI Internal Testing Software -> Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2019-04-06] (ALWIL Software -> ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [335584 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64712 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2019-04-06] (AVAST Software a.s. -> AVAST Software)
S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [211448 2019-04-06] (AVAST Software a.s. -> AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65224 2019-04-06] (AVAST Software a.s. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2019-04-06] (AVAST Software a.s. -> AVAST Software)
S1 Beep; no ImagePath
R3 CAXHWAZL; C:\Windows\System32\DRIVERS\CAXHWAZL.sys [300032 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [102368 2013-01-31] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S1 DMICall; C:\Windows\SysWOW64\DRIVERS\DMICall.sys [10216 2008-07-11] (Sony Corporation -> Sony Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S3 HSFHWAZL; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [286720 2008-01-20] (Microsoft Windows -> Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\CAX_DPV.sys [1511936 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7907872 2008-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [17024 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R3 NETw5v64; C:\Windows\System32\DRIVERS\NETw5v64.sys [4730368 2008-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [25600 2008-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 rimsptsk; C:\Windows\System32\DRIVERS\rimssn64.sys [85504 2008-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [64512 2008-07-17] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [108296 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [19720 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [144648 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [126216 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [31496 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [123656 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [130824 2007-04-03] (MCCI Corporation -> MCCI Corporation)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [11392 2008-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [203104 2013-01-31] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 winachsf; C:\Windows\System32\DRIVERS\CAX_CNXT.sys [731648 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R2 XAudio; C:\Windows\System32\DRIVERS\xaudio64.sys [9728 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 yukonx64; C:\Windows\System32\DRIVERS\yk60x64.sys [391680 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Marvell)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-19 03:04 - 2019-04-19 03:07 - 000026285 _____ C:\Users\Owner\Desktop\FRST.txt
2019-04-19 03:04 - 2019-04-19 03:04 - 000000000 ____D C:\FRST
2019-04-19 03:03 - 2019-04-19 03:03 - 000004446 _____ C:\Users\Owner\Desktop\JRT.txt
2019-04-19 02:46 - 2019-04-19 02:48 - 000000000 ____D C:\AdwCleaner
2019-04-19 02:20 - 2019-04-19 02:20 - 000001499 _____ C:\Users\Owner\Desktop\Mwb1.txt
2019-04-19 01:39 - 2019-04-19 01:39 - 000001811 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-19 01:39 - 2019-04-19 01:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-19 01:39 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-19 01:37 - 2019-04-19 01:37 - 076534856 _____ (Malwarebytes ) C:\Users\Owner\Desktop\mb3-setup-legacywos-3.5.1.2522-1.0.365-1.0.5292.exe
2019-04-19 01:26 - 2019-04-19 01:26 - 000260022 _____ C:\Users\Owner\Documents\cc_20190419_012601.reg
2019-04-19 01:18 - 2019-04-19 02:58 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-19 01:18 - 2019-04-19 01:18 - 000002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-19 01:18 - 2019-04-19 01:18 - 000000770 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-19 01:18 - 2019-04-19 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-19 01:18 - 2019-04-19 01:18 - 000000000 ____D C:\Program Files\CCleaner
2019-04-19 01:15 - 2019-04-19 01:15 - 002434048 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2019-04-19 01:14 - 2019-04-19 01:14 - 007025360 _____ (Malwarebytes) C:\Users\Owner\Desktop\adwcleaner_7.3.exe
2019-04-19 01:12 - 2019-04-19 01:12 - 001790024 _____ (Malwarebytes) C:\Users\Owner\Desktop\JRT.exe
2019-04-19 01:10 - 2019-04-19 01:11 - 021254208 _____ (Piriform Software Ltd) C:\Users\Owner\Desktop\ccsetup556.exe
2019-04-06 19:09 - 2019-04-19 02:54 - 000004174 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-04-06 18:58 - 2019-04-06 18:58 - 000000000 ____D C:\Users\Owner\AppData\Roaming\AVAST Software
2019-04-06 18:56 - 2019-04-06 18:56 - 000003072 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1554594909
2019-04-06 18:56 - 2019-04-06 18:56 - 000001785 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2019-04-06 18:56 - 2019-04-06 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-04-06 18:56 - 2019-04-06 18:55 - 000000852 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2019-04-06 18:56 - 2019-04-06 18:55 - 000000852 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2019-04-06 18:51 - 2019-04-06 18:51 - 001065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2019-04-06 18:51 - 2019-04-06 18:51 - 000464256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2019-04-06 18:51 - 2019-04-06 18:51 - 000097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2019-04-06 18:51 - 2019-04-06 18:51 - 000000000 ____D C:\Program Files\Common Files\avast software
2019-04-06 18:51 - 2019-04-06 18:50 - 000386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-04-06 18:51 - 2019-04-06 18:50 - 000273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-04-06 18:51 - 2019-04-06 18:50 - 000211448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2019-04-06 18:51 - 2019-04-06 18:50 - 000065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2019-04-06 18:51 - 2019-04-06 18:50 - 000065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-04-06 18:51 - 2019-04-06 18:50 - 000064712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2019-04-06 18:51 - 2019-04-06 18:50 - 000028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-04-06 18:51 - 2019-04-06 18:50 - 000028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-04-06 18:51 - 2019-04-06 18:49 - 000335584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdis2.sys
2019-04-06 18:50 - 2019-04-06 18:50 - 000043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2019-04-06 18:49 - 2019-04-06 18:49 - 000012368 _____ (ALWIL Software) C:\Windows\system32\Drivers\aswNdis.sys
2019-04-06 18:48 - 2019-04-06 18:50 - 000000000 ____D C:\ProgramData\AVAST Software
2019-04-06 18:48 - 2019-04-06 18:50 - 000000000 ____D C:\Program Files\AVAST Software
2019-04-06 13:30 - 2019-04-06 13:30 - 000040116 _____ C:\Users\Owner\Desktop\Acuse transferencia consulta Rebeca dermatólogo.pdf
2019-04-05 21:38 - 2019-04-05 21:38 - 000000000 __SHD C:\found.002
2019-04-02 23:10 - 2019-04-06 13:04 - 000000000 ____D C:\Users\Owner\AppData\Local\SmartView2

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-19 03:05 - 2008-12-20 18:12 - 000000424 ____H C:\Windows\Tasks\User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949}.job
2019-04-19 02:53 - 2018-05-20 01:35 - 000000000 ____D C:\ProgramData\UMS
2019-04-19 02:49 - 2006-11-02 10:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-19 02:49 - 2006-11-02 10:22 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-19 02:49 - 2006-11-02 10:22 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-19 02:48 - 2006-11-02 10:42 - 000032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-19 01:39 - 2015-10-25 23:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-19 01:39 - 2006-11-02 08:33 - 000000000 ____D C:\Windows\inf
2019-04-19 01:38 - 2014-09-28 21:58 - 000000000 ____D C:\Users\Owner\Documents\Descargas
2019-04-19 01:33 - 2011-12-28 17:02 - 000001046 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA.job
2019-04-19 01:23 - 2009-06-06 11:53 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Azureus
2019-04-19 01:22 - 2013-04-11 21:47 - 000000000 ____D C:\Windows\Minidump
2019-04-14 22:33 - 2011-12-28 17:02 - 000000994 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core.job
2019-04-14 21:59 - 2018-03-13 15:59 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-14 21:59 - 2013-02-08 08:37 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-14 21:59 - 2013-02-08 08:37 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-04-14 21:59 - 2011-11-13 17:14 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-14 21:59 - 2011-05-16 06:58 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-14 21:59 - 2008-08-12 16:01 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-04-08 22:26 - 2014-09-16 21:28 - 000000732 _____ C:\Users\Owner\AppData\Local\d3d9caps64.dat
2019-04-08 20:34 - 2006-11-02 07:46 - 000006580 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-07 02:14 - 2017-03-15 12:07 - 000000000 ____D C:\Users\Owner\AppData\Roaming\vlc
2019-04-06 19:05 - 2014-09-12 10:39 - 000000000 ____D C:\Program Files\WinRAR
2019-04-06 19:05 - 2009-01-15 00:12 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-06 19:05 - 2009-01-15 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-06 18:52 - 2008-12-14 12:27 - 000000000 ____D C:\Users\Owner
2019-04-06 18:36 - 2014-11-17 08:38 - 000118216 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-06 18:36 - 2014-09-07 21:48 - 000000000 ____D C:\ProgramData\McAfee
2019-04-06 18:35 - 2014-09-07 21:48 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-04-06 18:34 - 2009-06-08 19:52 - 000001356 _____ C:\Users\Owner\AppData\Local\d3d9caps.dat
2019-04-06 18:10 - 2014-11-17 08:36 - 000453640 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-06 18:05 - 2017-03-15 12:09 - 000000000 ____D C:\Users\Owner\Documents\Programas
2019-04-06 16:53 - 2015-10-10 13:20 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-04-06 16:53 - 2015-10-10 13:16 - 000000000 ____D C:\ProgramData\Panda Security
2019-04-06 16:52 - 2015-10-10 13:21 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Panda Security
2019-04-06 13:24 - 2017-07-15 13:29 - 000649216 _____ C:\Users\Owner\Desktop\PAGOS_KARLA_NOV_2013(1).xls
2019-04-04 22:31 - 2014-01-05 13:31 - 000000000 ____D C:\Users\Owner\Documents\Movies
2019-03-27 15:51 - 2015-04-05 22:28 - 000003560 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA1d07019b6cd7b99
2019-03-27 15:51 - 2015-04-05 22:28 - 000003288 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core1d07019b67c8cd9

==================== Files in the root of some directories =======

2015-11-03 22:31 - 2015-11-03 23:17 - 000003072 _____ () C:\Users\Owner\AppData\Roaming\FOTOsmile 2 Prefsv3
2017-09-14 06:57 - 2017-09-14 22:06 - 000099384 _____ () C:\Users\Owner\AppData\Roaming\inst.exe
2017-09-14 06:57 - 2017-09-14 22:06 - 000007859 _____ () C:\Users\Owner\AppData\Roaming\pcouffin.cat
2017-09-14 06:57 - 2017-09-14 22:06 - 000001167 _____ () C:\Users\Owner\AppData\Roaming\pcouffin.inf
2017-09-14 06:58 - 2017-09-14 22:06 - 000000033 _____ () C:\Users\Owner\AppData\Roaming\pcouffin.log
2017-09-14 06:57 - 2017-09-14 22:06 - 000082816 _____ (VSO Software) C:\Users\Owner\AppData\Roaming\pcouffin.sys
2009-10-12 13:49 - 2009-10-12 13:49 - 000025773 _____ () C:\Users\Owner\AppData\Roaming\UserTile.png
2009-06-08 19:52 - 2019-04-06 18:34 - 000001356 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2014-09-16 21:28 - 2019-04-08 22:26 - 000000732 _____ () C:\Users\Owner\AppData\Local\d3d9caps64.dat
2009-02-15 11:44 - 2017-09-18 06:11 - 000054784 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-04-19 02:56

==================== End of FRST.txt ============================

#4

And the last one:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019
Ran by Owner (19-04-2019 03:08:18)
Running from C:\Users\Owner\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2008-11-22 21:20:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4124524400-2168589064-4251907036-500 - Administrator - Disabled)
Guest (S-1-5-21-4124524400-2168589064-4251907036-501 - Limited - Enabled)
Owner (S-1-5-21-4124524400-2168589064-4251907036-1001 - Administrator - Enabled) => C:\Users\Owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2Wire Wireless Client (HKLM-x32\...\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}) (Version:  - )
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft WebCam Companion 2 (HKLM-x32\...\{9973498D-EA29-4A68-BE0B-C88D6E03E928}) (Version:  - ArcSoft)
Avast Premier (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - GPL Public release.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Click to Disc (HKLM-x32\...\{363611D9-1106-41F2-B74E-BD8481C41219}) (Version: 1.2.00.06190 - Sony Corporation) Hidden
Click to Disc (HKLM-x32\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.00.06190 - Sony Corporation)
Click to Disc Editor (HKLM-x32\...\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.2.00 - Sony Corporation) Hidden
Click to Disc Editor (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.2.00 - Sony Corporation)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.0.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.0.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.0.0.19 - DivX, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
FormatFactory 3.3.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Google Chrome (HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version:  - )
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation)
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
MakeMKV v1.10.7 (HKLM-x32\...\MakeMKV) (Version: v1.10.7 - GuinpinSoft inc)
Malwarebytes versión 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MediaInfo 0.7.93 (HKLM\...\MediaInfo) (Version: 0.7.93 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Music Transfer (HKLM-x32\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.2.00.17290 - Sony Corporation)
Ogg Codecs 0.81.15562 (HKLM-x32\...\Ogg Codecs) (Version: 0.81.15562 - Xiph.Org)
OpenMG Secure Module 5.1.00 (HKLM-x32\...\{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}) (Version: 5.1.00.05200 - Sony Corporation) Hidden
OpenMG Secure Module 5.1.00 (HKLM-x32\...\InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}) (Version: 5.1.00.05200 - Sony Corporation)
Panda Security URL Filtering (HKLM-x32\...\Panda Security URL Filtering) (Version: 2.0.3.6 - Panda Security)
Primo (HKLM-x32\...\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5653 - Realtek Semiconductor Corp.)
Regi (HKLM\...\{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}) (Version: 1.00.0000 - InterVideo Inc.) Hidden
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
SafeZone Stable 1.46.1990.139 (HKLM-x32\...\SafeZone 1.46.1990.139) (Version: 1.46.1990.139 - Avast Software) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
Segoe UI (HKLM-x32\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.1.01.09230 - Sony Corporation)
SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.4.0.20080627.1647 - Sony Corporation)
Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 3.2.02.06170 - Sony Corporation)
Sony Video Shared Library (HKLM-x32\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.4.00 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.7.0 - Synaptics)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.8 - Transmission)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 7.0.1 - Universal Media Server)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 1.00.0813 - Sony)
VAIO Content Folder Setting (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.0.00.17290 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}) (Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{B513C7B0-024A-498F-B0F5-00C67E2440A9}) (Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{E09A5851-B293-465E-A9FE-DFC11E0F4586}) (Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{FD72E69E-CF34-4071-BFD6-FD081A365E2C}) (Version: 3.2.00.06115 - Sony Corporation)
VAIO Content Metadata Manager Setting (HKLM-x32\...\{4314FCA1-7D0D-45E7-B115-C142466BC60A}) (Version: 3.2.00.06062 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (HKLM-x32\...\{FE697886-F392-4E0D-A0C0-47587BF60992}) (Version: 3.2.00.06062 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{2B27EB8B-3AA6-438F-BCB0-719CE2C52E32}) (Version: 3.2.00.06112 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{CB8A8696-93EC-414E-A752-850AB133F68A}) (Version: 3.2.00.06112 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}) (Version: 3.2.00.06112 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.1.00.07110 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.04.01170 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.2.00.06200 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{A552C4EA-D41E-4C61-A0FB-C0E05440F7D7}) (Version: 3.2.00.06200 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.1.00.07280 - Sony Corporation)
VAIO Help and Support (HKLM-x32\...\{D47FE987-EA3D-424B-9886-B752501D7CE7}) (Version: 6.00.0806.64.NS - Sony Corporation)
VAIO Launcher (HKLM-x32\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.1.00.06130 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}) (Version: 1.1.00.05240 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}) (Version: 1.1.00.05240 - Sony Corporation) Hidden
VAIO Movie Story (HKLM-x32\...\{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}) (Version: 1.3.00.06240 - Sony Corporation) Hidden
VAIO Movie Story (HKLM-x32\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.3.00.06240 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.3.00.06120 - Sony Corporation)
VAIO MusicBox (HKLM-x32\...\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}) (Version: 2.1.00.06110 - Sony Corporation)
VAIO MusicBox Sample Music (HKLM-x32\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
VAIO My Memory Center (HKLM-x32\...\{E1D25278-B51A-4163-BC3D-20A4D2D09F98}) (Version: 1.00.0229 - Sony)
VAIO OOBE and Welcome Center (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 6.00.0813.64.US - Sony Corporation)
VAIO Original Function Setting (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.4.00.04230 - Sony Corporation)
VAIO Power Management (HKLM-x32\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.1.00.08060 - Sony Corporation)
VAIO Startup Assistant (HKLM-x32\...\{DFD0E9A9-F24A-492B-8975-8C938E32408F}) (Version: 3.00.0731 - Sony)
VAIO Survey (HKLM-x32\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.0722 - Sony Corporation)
VAIO Update 4 (HKLM-x32\...\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}) (Version: 4.0.0.07150 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.2.00.05200 - Sony Corporation)
VAIO Wireless Wizard (HKLM-x32\...\{BCED773C-99EE-48DD-8915-25733F69F0A8}) (Version: 1.01.0722 - Sony)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinDVD BD for VAIO (HKLM-x32\...\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.754 - InterVideo Inc.) Hidden
WinDVD BD for VAIO (HKLM-x32\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.754 - InterVideo Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\ChromeHTML: -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2019-04-06] (AVAST Software a.s. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers1: [AimersoftVideoConverterFileOpreation] -> {1AACB93E-AA97-47F1-BD02-8D2AF2815436} => C:\Windows\SysWOW64\AiCM64.dll [2013-08-23] () [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2019-04-06] (AVAST Software a.s. -> AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2013-10-31] (Apple Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2019-04-06] (AVAST Software a.s. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2008-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2019-04-06] (AVAST Software a.s. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {043D3E0B-4F53-4A67-BFE5-E9356196EA50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe) [File not signed]
Task: {10398F6F-DB7B-43AA-BCAC-27006DC1A93B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software) [File not signed]
Task: {15FBFAA5-DFF4-4E59-9D14-C6AA96E9C899} - \{93E30113-6C0F-45FA-844D-C90EE05D1038} -> No File <==== ATTENTION
Task: {2C27DAC2-E84E-495F-997B-FB4AFC1FCC0B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe (Adobe Inc. -> Adobe) [File not signed]
Task: {3B02C961-213C-48DB-8BD3-6FDCBDC8D5A3} - \{7CAA9987-B25B-4543-9481-034760B048D7} -> No File <==== ATTENTION
Task: {40C89153-9321-423C-A3C4-406B57946E0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core1d07019b67c8cd9 => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4380D364-21BB-4BC6-9943-C5590E634F0C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {547C19A2-8446-4483-9DD1-A878C35FD408} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation -> Sony Corporation)
Task: {550E5440-C894-4A42-840F-2F75FFD352B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6936C6F5-576E-4D23-931B-8D96166304EF} - \{157F64FD-D1D3-4FFC-B7DF-96E1194C72C5} -> No File <==== ATTENTION
Task: {694FCD52-3D55-4E8A-9E92-E9F750E784F3} - \{CC03BC11-1B49-4EEE-88C2-16FB34614442} -> No File <==== ATTENTION
Task: {756F3253-B083-4C41-A8A2-F70917870F3A} - \{C26F3111-C188-4A53-A67B-6453D7BE0F96} -> No File <==== ATTENTION
Task: {7AD3F419-B9A6-4C5F-A963-5D0C4E0B186B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {7F138393-4E57-4317-ABEA-95797F0F7D86} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe
Task: {943E77A0-59FB-4B8F-8DC0-9C0DD801F50D} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4124524400-2168589064-4251907036-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe (Mega Limited -> Mega Limited)
Task: {956FC04C-3848-4CC7-8497-9522BB971204} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA1d07019b6cd7b99 => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {A24D421D-536C-47D2-A7B3-66FDBD9D0ADA} - \VAIO Care -> No File <==== ATTENTION
Task: {A2D5ADE7-5675-47C1-8BDA-02F3108E8242} - \{EB7C85B7-71F4-42F7-A626-CD67EC78849E} -> No File <==== ATTENTION
Task: {B18E3255-B1A9-4441-A607-3E5A495DEB07} - \{726D0428-DB0E-4546-8A4E-C4C4799E9273} -> No File <==== ATTENTION
Task: {B47FC636-EC9E-4DF2-9B6A-C9BECB55259B} - \User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949} -> No File <==== ATTENTION
Task: {B63281A3-D60D-45C4-943D-54150CF211BB} - \PC Cleaner Pro Update Job -> No File <==== ATTENTION
Task: {C2720C18-780A-481E-9B38-E2C427912E52} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {C6FA8AE9-146E-4418-B433-01251FA506DE} - System32\Tasks\SafeZone scheduled Autoupdate 1554594909 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (AVAST Software s.r.o. -> Avast Software)
Task: {EDBE3029-8491-4F32-8672-59C88DC2772D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F9B36462-B6F5-413B-A515-D62C8693581E} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe (Sony Corporation -> Sony Corporation)
Task: {F9DCFE55-088E-4702-A8B8-DE4AA69C381E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949}.job => C:\Windows\system32\msfeedssync.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Owner\Desktop\Google Chrome.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Funky Karts.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jbgibbcljlbkkeaogjofolcbakcokmie
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Link All.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bbplhdcnpcenkdciibplnkgmiffjfnni
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Solitaire.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Loaded Modules (Whitelisted) ==============

2017-09-10 01:47 - 2013-08-23 13:36 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\AiCM64.dll
2008-04-30 21:57 - 2008-04-30 21:57 - 001518080 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2007-09-06 12:27 - 2007-09-06 12:27 - 001331712 _____ () [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2008-04-30 21:42 - 2008-04-30 21:42 - 001064448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2008-04-30 21:44 - 2008-04-30 21:44 - 000968192 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2008-04-30 21:45 - 2008-04-30 21:45 - 000335872 _____ () [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2009-12-27 19:06 - 2006-05-11 08:07 - 000365568 _____ ( ) [File not signed] C:\Windows\System32\lxcjlmpm.dll
2009-12-27 19:09 - 2006-05-11 08:07 - 000141824 _____ (Lexmark International, Inc.) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\lxcjpp6c.dll
2017-05-09 22:09 - 2017-03-22 11:10 - 000440808 _____ (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
2008-04-30 22:20 - 2008-04-30 22:20 - 001371136 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2008-04-30 21:48 - 2008-04-30 21:48 - 002133504 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2008-04-30 21:59 - 2008-04-30 21:59 - 001304576 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2008-04-30 21:45 - 2008-04-30 21:45 - 000816640 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2008-04-30 21:46 - 2008-04-30 21:46 - 000176640 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2008-04-30 21:42 - 2008-04-30 21:42 - 000826368 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
2008-06-20 10:56 - 2008-06-20 10:56 - 000415744 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
2008-08-26 23:33 - 2008-05-22 16:23 - 000192512 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
2019-04-19 00:45 - 2019-04-19 00:45 - 001619760 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\aswEngin.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 000458160 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\aswCmnIS.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 000143616 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\aswCmnOS.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 000497944 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\aswCmnBS.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 000414792 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\aswRep.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 000610528 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\aswFiDb.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 000366704 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\aswArray.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 000538312 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\aswCleanerDLL.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 002072272 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\swhealthex2.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 000043936 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\fwAux.dll
2017-05-09 22:09 - 2017-03-22 11:10 - 000197096 _____ (Digital Wave Ltd -> Digital Wave Ltd) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\updhelperlib.dll
2017-05-09 22:09 - 2017-03-22 11:10 - 002094568 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcrypto-1_1.dll
2017-05-09 22:07 - 2017-03-20 17:17 - 000114664 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2017-05-09 22:06 - 2017-03-22 11:10 - 000305640 _____ (Digital Wave Ltd -> Digital Wave LTD) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dlmgr.dll
2017-05-09 22:06 - 2017-03-20 17:17 - 000289768 _____ (Digital Wave Ltd -> The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcurl.dll
2017-05-09 22:06 - 2017-03-20 17:17 - 000280040 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\SSLEAY32MD.dll
2017-05-09 22:06 - 2017-03-20 17:17 - 001336808 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\LIBEAY32MD.dll
2017-05-09 22:09 - 2017-03-22 11:10 - 000133608 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\tier0.dll
2017-05-09 22:07 - 2017-03-22 11:10 - 000737768 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\wbrhelper.dll
2017-05-09 22:09 - 2017-03-20 17:17 - 000108008 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2017-05-09 22:09 - 2017-03-20 17:17 - 000024040 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2017-05-09 22:09 - 2017-03-20 17:17 - 000048104 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000344064 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\MSVCR70.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000126976 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESStorageProtect.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000010752 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000074240 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuEvent.dll
2008-08-12 15:59 - 2008-07-11 18:42 - 000102400 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000086016 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsg.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000151552 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESTransform.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000090112 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESPowerMgr.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000090112 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESSemiPnP.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000094208 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuPerform.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000139264 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESVideo.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000212992 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESPerform.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000098304 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESAppMon.dll
2008-08-26 23:33 - 2008-06-13 17:07 - 000131072 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Launcher\VESAVModeButton.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000565248 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESHKWndCommon.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2008-05-22 16:21 - 2008-05-22 16:21 - 000126976 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCs.dll
2008-05-29 15:33 - 2008-05-29 15:33 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\MSVCR71.dll
2008-05-29 15:33 - 2008-05-29 15:33 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\MSVCP71.dll
2008-05-22 16:41 - 2008-05-22 16:41 - 000188416 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsDsAudioFile.vzcs
2007-04-03 16:46 - 2007-04-03 16:46 - 000139264 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsDsfFile.vzcs
2008-05-22 16:29 - 2008-05-22 16:29 - 000143360 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsDsVideoFile.vzcs
2008-05-22 16:40 - 2008-05-22 16:40 - 000864256 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsImageFile.vzcs
2008-05-22 16:41 - 2008-05-22 16:41 - 000131072 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsOmgFile.vzcs
2008-05-20 03:35 - 2008-05-20 03:35 - 000090112 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\OmgPcMan.dll
2008-05-20 03:43 - 2008-05-20 03:43 - 000245760 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\AVLib\OpcOmg.dll
2008-05-20 03:33 - 2008-05-20 03:33 - 000253952 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\omgmisc.dll
2008-05-20 03:31 - 2008-05-20 03:31 - 000196608 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\pfcom.DLL
2008-05-20 03:29 - 2008-05-20 03:29 - 000217088 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\OMGUtils.dll
2008-05-20 03:30 - 2008-05-20 03:30 - 000307200 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\salwrap.dll
2008-05-20 03:41 - 2008-05-20 03:41 - 000258048 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\OpcEa3.dll
2008-05-20 03:37 - 2008-05-20 03:37 - 000663552 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\omgconv2.DLL
2008-05-20 03:36 - 2008-05-20 03:36 - 000077824 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\omglgd.DLL
2008-05-20 03:38 - 2008-05-20 03:38 - 000106496 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\OmgTrans.ax
2008-05-20 03:36 - 2008-05-20 03:36 - 000081920 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\MigrateToGM.dll
2008-05-22 16:33 - 2008-05-22 16:33 - 000249856 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsVideoCapsule.vzcs
2008-05-22 16:38 - 2008-05-22 16:38 - 000098304 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsWmaFile.vzcs
2008-06-10 17:21 - 2008-06-10 17:21 - 000091648 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFwPluginVzCdb.dll
2008-08-26 23:33 - 2008-06-20 10:56 - 000122880 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdb.dll
2008-08-26 23:33 - 2008-05-22 16:24 - 000011776 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcPS.dll
2011-06-18 22:42 - 2011-06-18 22:42 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2008-08-26 23:31 - 2008-06-12 00:00 - 000057344 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzTimerWapi.dll
2008-08-26 23:31 - 2008-06-12 00:04 - 000167936 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzQueueContents.dll
2008-08-26 23:31 - 2008-06-12 00:04 - 000196608 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzDbNotifyVep.dll
2008-08-26 23:33 - 2008-05-05 13:47 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCP71.dll
2008-08-26 23:33 - 2008-05-05 13:47 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCR71.dll
2008-08-26 23:33 - 2008-05-22 16:24 - 000163840 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbVcds.dll
2008-08-26 23:33 - 2008-05-22 16:24 - 000241664 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSsDB.dll
2008-08-26 23:33 - 2008-06-12 19:37 - 000630784 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbLocalDB.dll
2008-08-26 23:33 - 2008-04-10 18:44 - 000143360 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll
2008-08-26 23:33 - 2008-04-10 18:55 - 001064960 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\sonyuppc.dll
2008-08-26 23:33 - 2007-04-03 16:46 - 000094208 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\UPnPCtrl.dll
2019-04-06 18:50 - 2019-04-06 18:50 - 040539648 _____ () [File not signed] C:\Program Files\AVAST Software\Avast\libcef.dll
2019-04-19 00:45 - 2019-04-19 00:45 - 000064120 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\defs\19041804\uiExt.dll
2019-04-06 18:50 - 2019-04-06 19:09 - 002736056 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:30FD0CBD [140]
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [126]
AlternateDataStreams: C:\ProgramData\TEMP:8E3D07DE [278]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 07:34 - 2019-04-06 17:04 - 000000266 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost
0.0.0.0  data.service.malwarebytes.org
127.0.0.1  skipittok.com
0.0.0.0  telemetry.malwarebytes.com
127.0.0.1                   license.avira.com
127.0.0.1                   62.146.210.6
127.0.0.1                   62.146.210.10

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files\Intel\WiFi\bin;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: VAIOSurvey => "C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe No File
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe No File
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe No File
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe No File
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{116A5ED3-C596-4A84-96A2-0E32E08D1CBB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A25CE01E-8647-4097-BFF3-0B0F0B4E2A56}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{58F065DF-3241-4397-985E-A4BC7A05460D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF090BFC-D677-464B-B5BC-3FE8186A876A}] => (Allow) LPort=2869
FirewallRules: [{0734180A-52DF-48A1-9265-778EF9A3C623}] => (Allow) LPort=1900
FirewallRules: [{C06B0F85-5E4A-431F-8E77-52700C035831}] => (Allow) LPort=80
FirewallRules: [{2880CF99-BB85-427F-81B0-4995E1B58F2F}] => (Allow) LPort=80
FirewallRules: [{04407267-414B-459E-9872-145B76035AD1}] => (Allow) LPort=80
FirewallRules: [{D50C426C-4BC2-445B-B91E-21A3FB010A36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6B9F21B1-15B2-4DB3-9A30-4E1F99D2D033}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB535CA6-38FA-4160-8AA6-C88A440A7CDC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34631663-61E2-4584-A8C5-203CD4413B0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D70E1556-C8B7-4B76-9915-D2AC5D492D51}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A1E186CB-3CB3-4CA1-95A8-F192BCCA3811}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{F7DFF4F0-8B0E-4342-BB8F-645F6236E575}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{67DBC888-91D0-41AC-AEF6-49B52872844D}] => (Allow) 㩃啜敳獲作湷牥䅜灰慄慴剜慯業杮獜湳獜湳攮數 No File
FirewallRules: [{A94ABA1D-553A-42A5-AF60-CF9474DD0542}] => (Allow) 㩃啜敳獲作湷牥䅜灰慄慴剜慯業杮獜湳獜癡略⹰硥e No File
FirewallRules: [TCP Query User{417C2303-517C-4DAC-A73A-9EADA1705A4F}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{F780F2A5-48EC-407C-8BE8-BA0A8101CE7A}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{51B722B2-EE21-4CE2-95CE-0DE5981F7557}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software) [File not signed]
FirewallRules: [{5D77152A-2EAD-4F00-A653-B7C35AA50B2D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software) [File not signed]
FirewallRules: [TCP Query User{3C3327F3-2F94-4F54-878A-2811061BA3D7}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{787A7CDB-43EA-49FA-A981-2E30CC96034F}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe

==================== Restore Points =========================

19-04-2019 02:57:05 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2019 02:52:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application AppleSyncNotifier.exe, version 1.6.77.0, time stamp 0x4eb1660b, faulting module MSVCR80.dll, version 8.0.50727.6195, time stamp 0x4dcddbf3, exception code 0xc000000d, fault offset 0x00008aa0,
process id 0x6a0, application start time 0x01d4f684bd061e7e.

Error: (04/19/2019 02:50:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/19/2019 02:50:31 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (04/19/2019 02:38:26 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/19/2019 02:38:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/19/2019 02:38:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/19/2019 02:38:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/19/2019 02:36:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application AppleSyncNotifier.exe, version 1.6.77.0, time stamp 0x4eb1660b, faulting module MSVCR80.dll, version 8.0.50727.6195, time stamp 0x4dcddbf3, exception code 0xc000000d, fault offset 0x00008aa0,
process id 0x129c, application start time 0x01d4f682865ae49e.


System errors:
=============
Error: (04/19/2019 02:50:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Beep
DMICall

Error: (04/19/2019 02:50:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VAIO Power Management service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (04/19/2019 02:50:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the VAIO Power Management service to connect.

Error: (04/19/2019 02:49:29 AM) (Source: HTTP) (EventID: 15021) (User: )
Description: An error occured while using SSL configuration for socket address 192.168.2.97:63331.  The error status code is contained within the returned data.

Error: (04/19/2019 02:49:29 AM) (Source: HTTP) (EventID: 15021) (User: )
Description: An error occured while using SSL configuration for socket address 192.168.2.39:63331.  The error status code is contained within the returned data.

Error: (04/19/2019 02:49:29 AM) (Source: HTTP) (EventID: 15021) (User: )
Description: An error occured while using SSL configuration for socket address 192.168.2.38:63331.  The error status code is contained within the returned data.

Error: (04/19/2019 02:49:29 AM) (Source: HTTP) (EventID: 15021) (User: )
Description: An error occured while using SSL configuration for socket address 192.168.2.36:63331.  The error status code is contained within the returned data.

Error: (04/19/2019 02:49:29 AM) (Source: HTTP) (EventID: 15021) (User: )
Description: An error occured while using SSL configuration for socket address 192.168.2.33:63331.  The error status code is contained within the returned data.


CodeIntegrity:
===================================

Date: 2019-04-06 15:50:24.176
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PSINKNC.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-06 15:50:22.784
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PSINKNC.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-06 15:50:21.397
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PSINKNC.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-06 15:50:20.014
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PSINKNC.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-06 15:50:18.455
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PSINFile.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-06 15:50:17.059
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PSINFile.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-06 15:50:15.555
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PSINFile.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-06 15:50:14.142
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PSINFile.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 85%
Total physical RAM: 3934.13 MB
Available physical RAM: 580.41 MB
Total Virtual: 8063.51 MB
Available Virtual: 4539.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.1 GB) (Free:39.56 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{bb3d79a1-b8da-11dd-8448-806e6f6e6963}\ (Recovery) (Fixed) (Total:9.78 GB) (Free:0.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 6017062B)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=223.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
#5

First run the McAfee removal tool, since there are leftovers.

Note that SpyHunter, of which there are leftovers, is a fake antivirus, so do not use it again.

Good… now follow these steps. VERY important ~ make a backup of the registry:

  • To do so, download DelFix to your desktop.

  • Double-click it to run it. (If you use Windows Vista/7/8 or 10, right-click and select "Run as administrator".)

  • Attention: now tick only the "Create registry backup" box, NOT the others.

  • Click Run.

The report (DelFix.txt) will open; save it in case it is needed and close the tool.


On the computer, with all other programs closed:

Start >>> Run >>> type notepad.exe.

Now copy and paste this content into Notepad:


Start
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> DefaultScope {9E5FE3C3-6B64-4C63-9C9F-F2F31E988800} URL = 
Toolbar: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: WSAMVCUchrome - No CLSID Value
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
C:\Program Files (x86)\Enigma Software Group
Task: {15FBFAA5-DFF4-4E59-9D14-C6AA96E9C899} - \{93E30113-6C0F-45FA-844D-C90EE05D1038} -> No File <==== ATTENTION
Task: {3B02C961-213C-48DB-8BD3-6FDCBDC8D5A3} - \{7CAA9987-B25B-4543-9481-034760B048D7} -> No File <==== ATTENTION
Task: {6936C6F5-576E-4D23-931B-8D96166304EF} - \{157F64FD-D1D3-4FFC-B7DF-96E1194C72C5} -> No File <==== ATTENTION
Task: {694FCD52-3D55-4E8A-9E92-E9F750E784F3} - \{CC03BC11-1B49-4EEE-88C2-16FB34614442} -> No File <==== ATTENTION
Task: {756F3253-B083-4C41-A8A2-F70917870F3A} - \{C26F3111-C188-4A53-A67B-6453D7BE0F96} -> No File <==== ATTENTION
Task: {A24D421D-536C-47D2-A7B3-66FDBD9D0ADA} - \VAIO Care -> No File <==== ATTENTION
Task: {A2D5ADE7-5675-47C1-8BDA-02F3108E8242} - \{EB7C85B7-71F4-42F7-A626-CD67EC78849E} -> No File <==== ATTENTION
Task: {B18E3255-B1A9-4441-A607-3E5A495DEB07} - \{726D0428-DB0E-4546-8A4E-C4C4799E9273} -> No File <==== ATTENTION
Task: {B47FC636-EC9E-4DF2-9B6A-C9BECB55259B} - \User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949} -> No File <==== ATTENTION
Task: {B63281A3-D60D-45C4-943D-54150CF211BB} - \PC Cleaner Pro Update Job -> No File <==== ATTENTION
Task: {C2720C18-780A-481E-9B38-E2C427912E52} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
C:\Program Files\Common Files\AV\McAfee VirusScan
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Owner\Desktop\Google Chrome.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Funky Karts.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jbgibbcljlbkkeaogjofolcbakcokmie
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Link All.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bbplhdcnpcenkdciibplnkgmiffjfnni
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Solitaire.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
AlternateDataStreams: C:\ProgramData\TEMP:30FD0CBD [140]
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [126]
AlternateDataStreams: C:\ProgramData\TEMP:8E3D07DE [278]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Save it under the name fixlist.txt on the desktop <<< This is very important. <<

Note: it is important that the tool Frst.exe and fixlist.txt are in the same location (desktop), otherwise it will not work.

  • Now use this Windows FAQ, "How to start Windows in Safe Mode?", to work from that Windows mode. (Use Method 1 and, if you cannot, use Method 2.)

  • Run Frst.exe.

  • Press the Fix button and wait for it to finish.

  • The tool will save the report to your desktop (Fixlog.txt).

Paste it in your next reply, and tell us how the PC is doing.

#6

Hello. Thank you very much for your attention. I have already carried out the actions you indicated. Performance improved, as I mentioned at the start, from the moment I ran the first tools. Now it seems to be quite good. Here is the report (Fixlog.txt). Regards.

Fix result of Farbar Recovery Scan Tool (x64) Version: 18.04.2019
Ran by Owner (19-04-2019 09:03:18) Run:1
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> DefaultScope {9E5FE3C3-6B64-4C63-9C9F-F2F31E988800} URL = 
Toolbar: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler: WSAMVCUchrome - No CLSID Value
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
C:\Program Files (x86)\Enigma Software Group
Task: {15FBFAA5-DFF4-4E59-9D14-C6AA96E9C899} - \{93E30113-6C0F-45FA-844D-C90EE05D1038} -> No File <==== ATTENTION
Task: {3B02C961-213C-48DB-8BD3-6FDCBDC8D5A3} - \{7CAA9987-B25B-4543-9481-034760B048D7} -> No File <==== ATTENTION
Task: {6936C6F5-576E-4D23-931B-8D96166304EF} - \{157F64FD-D1D3-4FFC-B7DF-96E1194C72C5} -> No File <==== ATTENTION
Task: {694FCD52-3D55-4E8A-9E92-E9F750E784F3} - \{CC03BC11-1B49-4EEE-88C2-16FB34614442} -> No File <==== ATTENTION
Task: {756F3253-B083-4C41-A8A2-F70917870F3A} - \{C26F3111-C188-4A53-A67B-6453D7BE0F96} -> No File <==== ATTENTION
Task: {A24D421D-536C-47D2-A7B3-66FDBD9D0ADA} - \VAIO Care -> No File <==== ATTENTION
Task: {A2D5ADE7-5675-47C1-8BDA-02F3108E8242} - \{EB7C85B7-71F4-42F7-A626-CD67EC78849E} -> No File <==== ATTENTION
Task: {B18E3255-B1A9-4441-A607-3E5A495DEB07} - \{726D0428-DB0E-4546-8A4E-C4C4799E9273} -> No File <==== ATTENTION
Task: {B47FC636-EC9E-4DF2-9B6A-C9BECB55259B} - \User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949} -> No File <==== ATTENTION
Task: {B63281A3-D60D-45C4-943D-54150CF211BB} - \PC Cleaner Pro Update Job -> No File <==== ATTENTION
Task: {C2720C18-780A-481E-9B38-E2C427912E52} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
C:\Program Files\Common Files\AV\McAfee VirusScan
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Owner\Desktop\Google Chrome.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Funky Karts.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jbgibbcljlbkkeaogjofolcbakcokmie
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Link All.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bbplhdcnpcenkdciibplnkgmiffjfnni
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Solitaire.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
AlternateDataStreams: C:\ProgramData\TEMP:30FD0CBD [140]
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [126]
AlternateDataStreams: C:\ProgramData\TEMP:8E3D07DE [278]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\Machine => moved successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully
HKLM\Software\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\WSAMVCUchrome => removed successfully
mfeaack => service not found.
mfeavfk => service not found.
mfedisk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfedisk => removed successfully
mfedisk => service removed successfully
mfehidk => service not found.
HKLM\System\CurrentControlSet\Services\catchme => removed successfully
catchme => service removed successfully
HKLM\System\CurrentControlSet\Services\esgiguard => removed successfully
esgiguard => service removed successfully
HKLM\System\CurrentControlSet\Services\IpInIp => removed successfully
IpInIp => service removed successfully
HKLM\System\CurrentControlSet\Services\NwlnkFlt => removed successfully
NwlnkFlt => service removed successfully
HKLM\System\CurrentControlSet\Services\NwlnkFwd => removed successfully
NwlnkFwd => service removed successfully
"C:\Program Files (x86)\Enigma Software Group" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15FBFAA5-DFF4-4E59-9D14-C6AA96E9C899}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15FBFAA5-DFF4-4E59-9D14-C6AA96E9C899}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{93E30113-6C0F-45FA-844D-C90EE05D1038}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B02C961-213C-48DB-8BD3-6FDCBDC8D5A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B02C961-213C-48DB-8BD3-6FDCBDC8D5A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7CAA9987-B25B-4543-9481-034760B048D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6936C6F5-576E-4D23-931B-8D96166304EF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6936C6F5-576E-4D23-931B-8D96166304EF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{157F64FD-D1D3-4FFC-B7DF-96E1194C72C5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{694FCD52-3D55-4E8A-9E92-E9F750E784F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{694FCD52-3D55-4E8A-9E92-E9F750E784F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CC03BC11-1B49-4EEE-88C2-16FB34614442}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{756F3253-B083-4C41-A8A2-F70917870F3A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{756F3253-B083-4C41-A8A2-F70917870F3A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C26F3111-C188-4A53-A67B-6453D7BE0F96}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A24D421D-536C-47D2-A7B3-66FDBD9D0ADA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A24D421D-536C-47D2-A7B3-66FDBD9D0ADA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VAIO Care" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2D5ADE7-5675-47C1-8BDA-02F3108E8242}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2D5ADE7-5675-47C1-8BDA-02F3108E8242}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EB7C85B7-71F4-42F7-A626-CD67EC78849E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B18E3255-B1A9-4441-A607-3E5A495DEB07}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B18E3255-B1A9-4441-A607-3E5A495DEB07}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{726D0428-DB0E-4546-8A4E-C4C4799E9273}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B47FC636-EC9E-4DF2-9B6A-C9BECB55259B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B47FC636-EC9E-4DF2-9B6A-C9BECB55259B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B63281A3-D60D-45C4-943D-54150CF211BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B63281A3-D60D-45C4-943D-54150CF211BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Cleaner Pro Update Job" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2720C18-780A-481E-9B38-E2C427912E52}" => not found
"C:\Windows\System32\Tasks\McAfee Remediation (Prepare)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee Remediation (Prepare)" => not found
"C:\Program Files\Common Files\AV\McAfee VirusScan" => not found
"CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"" => removed successfully
"BVTFilter" => removed successfully
"BVTConsumer" => removed successfully
C:\Users\Owner\Desktop\Google Chrome.lnk => Shortcut argument removed successfully
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Funky Karts.lnk => Shortcut argument removed successfully
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Link All.lnk => Shortcut argument removed successfully
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Solitaire.lnk => Shortcut argument removed successfully
C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => Shortcut argument removed successfully
C:\ProgramData\TEMP => ":30FD0CBD" ADS removed successfully
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully
C:\ProgramData\TEMP => ":8E3D07DE" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Local Area Connection while it has its media disconnected.

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : 
   IPv6 Address. . . . . . . . . . . : 2806:107e:10:47:7895:99ba:c454:d8c5
   Temporary IPv6 Address. . . . . . : 2806:107e:10:47:bc14:acf4:10a4:3144
   Link-local IPv6 Address . . . . . : fe80::7895:99ba:c454:d8c5%11
   IPv4 Address. . . . . . . . . . . : 192.168.1.75
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::1%11
                                       192.168.1.254

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

Tunnel adapter Local Area Connection* 21:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.0.6001 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

Unable to connect to BITS - 0x8007042c

========= End of CMD: =========


========= netsh advfirewall reset =========


An error occurred contacting the firewall. Make sure that the Windows Firewall service is running and try your request again.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


An error occurred contacting the firewall. Make sure that the Windows Firewall service is running and try your request again.


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reseting Echo Request, OK!
Reseting Global, OK!
Reseting Interface, OK!
A reboot is required to complete this action.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reseting Echo Request, OK!
A reboot is required to complete this action.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11624549 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 43 B
Edge => 0 B
Chrome => 10305898 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33058 B
Public => 0 B
ProgramData => 0 B
systemprofile => 592945 B
systemprofile32 => 101131 B
LocalService => 179236 B
LocalService => 0 B
NetworkService => 74420 B
NetworkService => 0 B
Best Buy => 270329 B
Owner => 43913948 B

RecycleBin => 0 B
EmptyTemp: => 64 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:05:40 ====
#7

OK, test the PC for 24-48 hours and let me know how it goes. During that time, restart the PC two or three times so that it runs better.

#8

Hi, it seems something went wrong, because the following happened: I re-enabled the antivirus (Avast) and it reported an error, so I had to restart the PC; when I did, Windows forced me to start in repair mode, since it detected a change that prevented a normal startup, and it restored the system to the last saved restore point. I don't know whether that is good or bad; the thing is that it started freezing again when launching certain programs, particularly Avast, Megasync and Universal Media Server. Right now I am writing this because I turned off Avast and closed Megasync and UMS. What should I do?

#9

That's quite strange… Uninstall Avast completely from the Windows Control Panel, restart the PC and let me know how it runs.

#10

Well, strange as it may seem, I uninstalled Avast and the laptop has not frozen; in fact, it is running quite well and at a good speed. I even downloaded some files with Megasync and streamed to my smart TV through UMS. It seems the problem was Avast. What would the next steps be? Also, I have no antivirus now. In fact, the version of Avast I had was a trial. Do you have any recommendation?

#11

It is very common for an antivirus, even one we have used on a PC for a long time, to suddenly do that, and lately Avast seems to take the prize for it.

Try this one:

https://www.infospyware.com/antivirus/kss/

Let me know how the PC runs after installing it and testing it thoroughly.

#12

I installed and ran Kaspersky and the PC froze when the scan was at 98%. I restarted and Kaspersky showed me 4 warnings; here is the report:

|Date and time|Event|Object|File|Object name|Object type|Time|
|---|---|---|---|---|---|---|
|20.04.2019 21.33.52|No se procesó un objeto detectado (archivo)|C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnToolbarInstaller.exe|Archivo: C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnToolbarInstaller.exe|Nombre del objeto: not-a-virus:WebToolbar.Win32.Asparnet.gen|Tipo de objeto: Software lícito que los criminales pueden usar para dañar su equipo o sus datos personales|Hora: 20/04/2019 09:33 p.m.|
|20.04.2019 21.32.54|No se procesó un objeto detectado (archivo)|C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe|Archivo: C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe|Nombre del objeto: not-a-virus:WebToolbar.Win32.Asparnet.gen|Tipo de objeto: Software lícito que los criminales pueden usar para dañar su equipo o sus datos personales|Hora: 20/04/2019 09:32 p.m.|
|20.04.2019 21.32.52|No se procesó un objeto detectado (archivo)|C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnStub.exe|Archivo: C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnStub.exe|Nombre del objeto: not-a-virus:WebToolbar.Win32.Asparnet.ca|Tipo de objeto: Software lícito que los criminales pueden usar para dañar su equipo o sus datos personales|Hora: 20/04/2019 09:32 p.m.|
|20.04.2019 21.32.52|No se procesó un objeto detectado (archivo)|C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnIC.dll|Archivo: C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnIC.dll|Nombre del objeto: not-a-virus:WebToolbar.Win32.Asparnet.gen|Tipo de objeto: Software lícito que los criminales pueden usar para dañar su equipo o sus datos personales|Hora: 20/04/2019 09:32 p.m.|

I await your comments.

#13

Format Factory contains malware.

Uninstall it using Revo

  • Download and install >> Revo Uninstaller | InfoSpyware

  • Then, as I indicate, uninstall the indicated program(s), selecting Advanced Mode when Revo prompts you

  • Select PROGRAM NAME and click Uninstall in the Revo menu, in Advanced Mode

When you do, the uninstaller for PROGRAM NAME will start, and when it finishes (if any of them asks you to restart, click NO or Cancel and continue with Revo), do the following:

  1. Click Scan in Revo, so that it scans for the program's leftovers
  2. Click Select All, to delete leftover registry entries
  3. Click Delete All
  4. Click Next
  5. Click Select All, to delete folders, if there are any
  6. Click Delete All
  7. Click Finish

Then get me a new set of reports with Farbar

#14

Hi, I have applied the actions you recommended. Here are the Farbar reports.

1 of 2

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.04.2019 01
Ran by Owner (administrator) on SONYVAIO (Sony Corporation VGN-NS190J) (22-04-2019 01:35:04)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd -> Digital Wave Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intervideo, Inc. -> InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation -> Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio64.exe
(Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Sony Electronics, Inc.) [File not signed] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
(Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AimerSoft) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_131\bin\javaw.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
() [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
(Sony Electronics, Inc.) [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Byte Technologies LLC -> Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe
(Byte Technologies LLC -> Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6453760 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2008-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1220392 2008-05-20] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [317280 2008-04-03] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe [77824 2008-06-27] (Sony Electronics Corporation) [File not signed]
HKLM-x32\...\Run: [VAIORegistration] => C:\Program Files\Sony\First Experience\WelcomeLauncher.exe [16384 2008-06-26] (Sony Electronics, Inc.) [File not signed]
HKLM-x32\...\Run: [VWLASU] => C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe [24576 2008-05-20] (Sony Electronics, Inc.) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2014720 2014-07-09] (AimerSoft) [File not signed]
HKLM-x32\...\Run: [Panda Security URL Filtering] => C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe [254448 2016-11-22] (Visicom Media Inc. -> Visicom Media Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Run: [Google Update] => C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateCore.exe [752424 2019-03-27] (Google Inc -> Google LLC)
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\RunOnce: [Adobe Speed Launcher] => 1555865479
HKU\S-1-5-18\...\RunOnce: [{90120000-0030-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-0051-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90120000-006E-0C0A-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKLM\...\Drivers32: [VIDC.dvsd] => C:\Program Files (x86)\Common Files\Sony Shared\VideoLib\sonydv.dll [81920 2006-05-24] (Sony Corporation) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Universal Media Server.lnk [2018-05-20]
ShortcutTarget: Universal Media Server.lnk -> C:\Program Files (x86)\Universal Media Server\UMS.exe (Universal Media Server) [File not signed]
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-08-11]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C40DB2-BAC6-4CC9-A0D6-E0775EB06DBA} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe (Byte Technologies LLC -> Byte Technologies LLC) <==== ATTENTION
Task: {043D3E0B-4F53-4A67-BFE5-E9356196EA50} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe) [File not signed]
Task: {15FBFAA5-DFF4-4E59-9D14-C6AA96E9C899} - \{93E30113-6C0F-45FA-844D-C90EE05D1038} -> No File <==== ATTENTION
Task: {2C27DAC2-E84E-495F-997B-FB4AFC1FCC0B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe (Adobe Inc. -> Adobe) [File not signed]
Task: {3B02C961-213C-48DB-8BD3-6FDCBDC8D5A3} - \{7CAA9987-B25B-4543-9481-034760B048D7} -> No File <==== ATTENTION
Task: {40C89153-9321-423C-A3C4-406B57946E0E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core1d07019b67c8cd9 => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4380D364-21BB-4BC6-9943-C5590E634F0C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {547C19A2-8446-4483-9DD1-A878C35FD408} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe (Sony Corporation -> Sony Corporation)
Task: {550E5440-C894-4A42-840F-2F75FFD352B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6936C6F5-576E-4D23-931B-8D96166304EF} - \{157F64FD-D1D3-4FFC-B7DF-96E1194C72C5} -> No File <==== ATTENTION
Task: {694FCD52-3D55-4E8A-9E92-E9F750E784F3} - \{CC03BC11-1B49-4EEE-88C2-16FB34614442} -> No File <==== ATTENTION
Task: {756F3253-B083-4C41-A8A2-F70917870F3A} - \{C26F3111-C188-4A53-A67B-6453D7BE0F96} -> No File <==== ATTENTION
Task: {7A25D299-5642-4F06-9F0E-96190A7A5B8B} - System32\Tasks\{05CE49D3-D370-02AD-4546-1460AAE14A1F} => C:\Users\Owner\AppData\Local\Gomutolaso\Bapek.exe () [File not signed]
Task: {7AD3F419-B9A6-4C5F-A963-5D0C4E0B186B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {7F138393-4E57-4317-ABEA-95797F0F7D86} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe
Task: {943E77A0-59FB-4B8F-8DC0-9C0DD801F50D} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4124524400-2168589064-4251907036-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe (Mega Limited -> Mega Limited)
Task: {956FC04C-3848-4CC7-8497-9522BB971204} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA1d07019b6cd7b99 => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {A24D421D-536C-47D2-A7B3-66FDBD9D0ADA} - \VAIO Care -> No File <==== ATTENTION
Task: {A2D5ADE7-5675-47C1-8BDA-02F3108E8242} - \{EB7C85B7-71F4-42F7-A626-CD67EC78849E} -> No File <==== ATTENTION
Task: {B18E3255-B1A9-4441-A607-3E5A495DEB07} - \{726D0428-DB0E-4546-8A4E-C4C4799E9273} -> No File <==== ATTENTION
Task: {B47FC636-EC9E-4DF2-9B6A-C9BECB55259B} - \User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949} -> No File <==== ATTENTION
Task: {B63281A3-D60D-45C4-943D-54150CF211BB} - \PC Cleaner Pro Update Job -> No File <==== ATTENTION
Task: {C2720C18-780A-481E-9B38-E2C427912E52} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {EDBE3029-8491-4F32-8672-59C88DC2772D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F9B36462-B6F5-413B-A515-D62C8693581E} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe (Sony Corporation -> Sony Corporation)
Task: {F9DCFE55-088E-4702-A8B8-DE4AA69C381E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\{05CE49D3-D370-02AD-4546-1460AAE14A1F}.job => C:\Users\Owner\AppData\Local\GOMUTO~1\Bapek.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{800319FD-DB0B-4984-B4E4-1DB828347ECF}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mx.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fptpeylhk2y2aegikmoqzd_19_17&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dmx%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FtBtCtDtCyB0FyCyDyEyB0CyCtN0D0Tzu0StByCyCzztN1L2XzuyEtFyDtCtFtDtFzztCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyEzzzyyDyBzz0EtGyCtDzz0DtG0FyByDtAtGtBtB0F0BtGtB0F0EtDtAyCzy0B0BtCyCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC1TyBtA1Qzz1QtGyCtBzzyEtGyE1PzyzytG1S1RtAtDtGyCyD1QtAzyyE1Q1O1OyDyByC2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtCyCtBzytN1Q2Z1B1P1RzutCyDyDyDzytCyEtAtCzz%26cr%3D944756385%26a%3Dwbf_fptpeylhk2y2aegikmoqzd_19_17%26os_ver%3D6.0%26os%3DWindows%2B(TM)%2BVista%2BHome%2BPremium
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://mx.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fptpeylhk2y2aegikmoqzd_19_17&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dmx%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FtBtCtDtCyB0FyCyDyEyB0CyCtN0D0Tzu0StByCyCzztN1L2XzuyEtFyDtCtFtDtFzztCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyEzzzyyDyBzz0EtGyCtDzz0DtG0FyByDtAtGtBtB0F0BtGtB0F0EtDtAyCzy0B0BtCyCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC1TyBtA1Qzz1QtGyCtBzzyEtGyE1PzyzytG1S1RtAtDtGyCyD1QtAzyyE1Q1O1OyDyByC2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtCyCtBzytN1Q2Z1B1P1RzutCyDyDyDzytCyEtAtCzz%26cr%3D944756385%26a%3Dwbf_fptpeylhk2y2aegikmoqzd_19_17%26os_ver%3D6.0%26os%3DWindows%2B(TM)%2BVista%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://mx.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fptpeylhk2y2aegikmoqzd_19_17&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dmx%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0F0FtBtCtDtCyB0FyCyDyEyB0CyCtN0D0Tzu0StByCyCzztN1L2XzuyEtFyDtCtFtDtFzztCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyEzzzyyDyBzz0EtGyCtDzz0DtG0FyByDtAtGtBtB0F0BtGtB0F0EtDtAyCzy0B0BtCyCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC1TyBtA1Qzz1QtGyCtBzzyEtGyE1PzyzytG1S1RtAtDtGyCyD1QtAzyyE1Q1O1OyDyByC2QtN0A0LzutBtN1B2Z1V1T1S1NzutBtCyCtBzytN1Q2Z1B1P1RzutCyDyDyDzytCyEtAtCzz%26cr%3D944756385%26a%3Dwbf_fptpeylhk2y2aegikmoqzd_19_17%26os_ver%3D6.0%26os%3DWindows%2B(TM)%2BVista%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {6E8EC60F-4C59-433B-BEA5-949EB61225DB} URL = hxxp://www.google.com.mx/search?hl=es&q={searchTerms}&meta=
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {9E5FE3C3-6B64-4C63-9C9F-F2F31E988800} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B015US911D20140907&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> {EA50D82A-9D69-4ED7-801F-2322610FD8AA} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US0D20140907&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001 -> No Name - {5B291E6C-9A74-4034-971B-A4B007A0B315} -  No File
Handler: WSAMVCUchrome - No CLSID Value

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-04-20]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> ) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-14] (Adobe Inc. -> ) [File not signed]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] (Apple Inc. -> )
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4124524400-2168589064-4251907036-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-4124524400-2168589064-4251907036-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com.mx/
CHR StartupUrls: Default -> "hxxp://www.google.com.mx/","","hxxps://www.google.com/","hxxp://www.google.com/"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2019-04-22]
CHR Extension: (Kaspersky Protection) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2019-04-20]
CHR Extension: (Link All) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbplhdcnpcenkdciibplnkgmiffjfnni [2018-11-03]
CHR Extension: (2112) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohiccbldidfaianakiighjonjckahib [2014-01-06]
CHR Extension: (Panda Safe Web) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagakgcelolinfnkfgekcnedpaklfcok [2018-01-21]
CHR Extension: (Funky Karts) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbgibbcljlbkkeaogjofolcbakcokmie [2019-01-15]
CHR Extension: (Botón +1 de Google) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgoepmocgafhnchmokaimcmlojpnlkhp [2017-08-06]
CHR Extension: (Solitaire) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2019-01-15]
CHR Extension: (Search Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2019-04-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-19]
CHR Extension: (Secured Search Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdpcpceofkopegffcdnffeenbfdldock [2019-04-22]
CHR Extension: (Search Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2019-04-22]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.HC73AWHMEOVPFIYS4H77JTLMFE - C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-14] (Adobe Inc. -> Adobe) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc. -> Apple Inc.)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ByteFenceService; c:\program files\bytefence\ByteFenceService.exe [156488 2019-03-27] (Byte Technologies LLC -> Byte Technologies LLC)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [1371136 2008-04-30] (Intel(R) Corporation) [File not signed]
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
S2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 lxcj_device; C:\Windows\system32\lxcjcoms.exe [452608 2006-05-11] ( ) [File not signed]
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [372144 2015-02-24] (McAfee, Inc. -> McAfee, Inc.)
S3 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [File not signed]
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [826368 2008-04-30] (Intel(R) Corporation) [File not signed]
R2 RtkAudioService; C:\Windows\RtkAudioService.exe [139808 2008-07-15] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 rtop; c:\program files\bytefence\rtop\bin\rtop_svc.exe [297288 2019-04-22] (Byte Technologies LLC -> Byte Technologies LLC.)
S3 SOHCImp; C:\Program Files (x86)\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation -> Sony Corporation)
S3 SOHDms; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation -> Sony Corporation)
S3 SOHDs; C:\Program Files (x86)\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation -> Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [File not signed]
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation) [File not signed]
R3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation -> Sony Corporation)
R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Windows -> Microsoft Corporation)
R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe [410624 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36328 2010-12-21] (MCCI Internal Testing Software -> Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S1 Beep; no ImagePath
R3 CAXHWAZL; C:\Windows\System32\DRIVERS\CAXHWAZL.sys [300032 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [102368 2013-01-31] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S1 DMICall; C:\Windows\SysWOW64\DRIVERS\DMICall.sys [10216 2008-07-11] (Sony Corporation -> Sony Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S3 HSFHWAZL; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [286720 2008-01-20] (Microsoft Windows -> Conexant Systems, Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\CAX_DPV.sys [1511936 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7907872 2008-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [72016 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [122496 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [86656 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [217432 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1214752 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1123664 2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56144 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [56656 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [57464 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [49280 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R1 kltdf; C:\Windows\System32\DRIVERS\kltdf.sys [105184 2017-11-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [201552 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [17024 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [401736 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [337888 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-02-17] (McAfee, Inc. -> McAfee, Inc.)
R3 NETw5v64; C:\Windows\System32\DRIVERS\NETw5v64.sys [4730368 2008-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [25600 2008-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 rimsptsk; C:\Windows\System32\DRIVERS\rimssn64.sys [85504 2008-06-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [64512 2008-07-17] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [108296 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [19720 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [144648 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [126216 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [31496 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [123656 2007-04-03] (MCCI Corporation -> MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [130824 2007-04-03] (MCCI Corporation -> MCCI Corporation)
R3 SFEP; C:\Windows\System32\DRIVERS\SFEP.sys [11392 2008-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Sony Corporation)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [203104 2013-01-31] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2008-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R3 winachsf; C:\Windows\System32\DRIVERS\CAX_CNXT.sys [731648 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R2 XAudio; C:\Windows\System32\DRIVERS\xaudio64.sys [9728 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 yukonx64; C:\Windows\System32\DRIVERS\yk60x64.sys [391680 2008-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Marvell)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-22 01:38 - 2019-04-22 01:38 - 000000000 ____D C:\ProgramData\ByteFence
2019-04-22 01:35 - 2019-04-22 01:41 - 000039802 _____ C:\Users\Owner\Desktop\FRST.txt
2019-04-22 01:34 - 2019-04-22 01:34 - 000000000 ____D C:\Users\Owner\Desktop\FRST-OlderVersion
2019-04-22 01:27 - 2019-04-22 01:28 - 000000000 ____D C:\Users\Owner\AppData\Local\{F312C54E-D7BA-A9F6-BA22-8C1E9E4A7086}
2019-04-22 01:27 - 2019-04-22 01:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
2019-04-22 01:26 - 2019-04-22 01:26 - 000003344 _____ C:\Windows\System32\Tasks\ByteFence
2019-04-22 01:26 - 2019-04-22 01:26 - 000003210 _____ C:\Windows\System32\Tasks\{05CE49D3-D370-02AD-4546-1460AAE14A1F}
2019-04-22 01:26 - 2019-04-22 01:26 - 000000270 _____ C:\Windows\Tasks\{05CE49D3-D370-02AD-4546-1460AAE14A1F}.job
2019-04-22 01:26 - 2019-04-22 01:26 - 000000000 ____D C:\Users\Owner\AppData\Local\Gomutolaso
2019-04-22 01:26 - 2019-04-22 01:26 - 000000000 ____D C:\Users\Owner\AppData\Local\chromium
2019-04-22 01:25 - 2019-04-22 01:38 - 000000000 ____D C:\Program Files\ByteFence
2019-04-22 01:25 - 2019-04-22 01:26 - 000000000 ____D C:\Users\Owner\AppData\Local\{196C2F30-3DC4-4388-505C-666074349AF8}
2019-04-22 01:25 - 2019-04-22 01:25 - 000001107 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk
2019-04-22 00:56 - 2019-04-22 00:56 - 000000978 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-04-22 00:56 - 2019-04-22 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-04-22 00:56 - 2019-04-22 00:56 - 000000000 ____D C:\Program Files\VS Revo Group
2019-04-22 00:54 - 2019-04-22 00:55 - 007127416 _____ (VS Revo Group ) C:\Users\Owner\Desktop\revosetup.exe
2019-04-21 00:28 - 2019-04-21 00:28 - 000001760 _____ C:\Users\Owner\Desktop\Kapersky.txt
2019-04-20 20:45 - 2019-04-20 20:45 - 000001097 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2019-04-20 20:45 - 2019-04-20 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-04-20 20:41 - 2019-04-20 20:41 - 000001952 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2019-04-20 20:41 - 2019-04-20 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2019-04-20 20:39 - 2019-04-22 01:33 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-04-20 20:39 - 2019-04-20 20:43 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-04-20 20:35 - 2019-04-20 21:46 - 001123664 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2019-04-20 20:35 - 2019-04-20 21:45 - 000217432 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2019-04-20 20:35 - 2019-04-20 20:35 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2019-04-20 20:35 - 2019-04-20 20:35 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2019-04-20 20:10 - 2019-04-20 20:11 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-04-19 23:23 - 2019-04-19 23:23 - 724604335 _____ C:\Windows\MEMORY.DMP
2019-04-19 23:23 - 2019-04-19 23:23 - 000273592 _____ C:\Windows\Minidump\Mini041919-01.dmp
2019-04-19 09:03 - 2019-04-19 09:05 - 000018382 _____ C:\Users\Owner\Desktop\Fixlog.txt
2019-04-19 03:13 - 2019-04-19 02:48 - 000005605 _____ C:\Users\Owner\Desktop\AdwCleaner[C00].txt
2019-04-19 03:04 - 2019-04-22 01:35 - 000000000 ____D C:\FRST
2019-04-19 03:03 - 2019-04-19 03:03 - 000004446 _____ C:\Users\Owner\Desktop\JRT.txt
2019-04-19 02:46 - 2019-04-19 02:48 - 000000000 ____D C:\AdwCleaner
2019-04-19 02:20 - 2019-04-19 02:20 - 000001499 _____ C:\Users\Owner\Desktop\Mwb1.txt
2019-04-19 01:37 - 2019-04-19 01:37 - 076534856 _____ (Malwarebytes ) C:\Users\Owner\Desktop\mb3-setup-legacywos-3.5.1.2522-1.0.365-1.0.5292.exe
2019-04-19 01:26 - 2019-04-19 01:26 - 000260022 _____ C:\Users\Owner\Documents\cc_20190419_012601.reg
2019-04-19 01:18 - 2019-04-19 02:42 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-19 01:18 - 2019-04-19 01:18 - 000002808 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-19 01:18 - 2019-04-19 01:18 - 000000770 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-19 01:18 - 2019-04-19 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-19 01:18 - 2019-04-19 01:18 - 000000000 ____D C:\Program Files\CCleaner
2019-04-19 01:15 - 2019-04-22 01:34 - 002435072 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2019-04-19 01:14 - 2019-04-19 01:14 - 007025360 _____ (Malwarebytes) C:\Users\Owner\Desktop\adwcleaner_7.3.exe
2019-04-19 01:12 - 2019-04-19 01:12 - 001790024 _____ (Malwarebytes) C:\Users\Owner\Desktop\JRT.exe
2019-04-19 01:10 - 2019-04-19 01:11 - 021254208 _____ (Piriform Software Ltd) C:\Users\Owner\Desktop\ccsetup556.exe
2019-04-06 18:51 - 2019-04-06 18:51 - 000000000 ____D C:\Program Files\Common Files\avast software
2019-04-06 18:48 - 2019-04-20 05:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-04-06 13:30 - 2019-04-06 13:30 - 000040116 _____ C:\Users\Owner\Desktop\Acuse transferencia consulta Rebeca dermatólogo.pdf
2019-04-05 21:38 - 2019-04-05 21:38 - 000000000 __SHD C:\found.002
2019-04-02 23:10 - 2019-04-06 13:04 - 000000000 ____D C:\Users\Owner\AppData\Local\SmartView2

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-22 01:26 - 2014-09-28 21:58 - 000000000 ____D C:\Users\Owner\Documents\Descargas
2019-04-22 01:26 - 2008-12-14 12:27 - 000000000 ____D C:\Users\Owner
2019-04-21 23:47 - 2006-11-02 10:22 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-21 23:47 - 2006-11-02 10:22 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-21 19:15 - 2008-12-20 18:12 - 000000424 ____H C:\Windows\Tasks\User_Feed_Synchronization-{6F9A8033-5389-4466-9384-F01B81356949}.job
2019-04-21 18:33 - 2011-12-28 17:02 - 000001046 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA.job
2019-04-21 11:52 - 2018-05-20 01:35 - 000000000 ____D C:\ProgramData\UMS
2019-04-21 11:47 - 2006-11-02 10:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-21 01:24 - 2014-01-05 13:31 - 000000000 ____D C:\Users\Owner\Documents\Movies
2019-04-21 01:13 - 2014-03-09 11:37 - 000000000 ____D C:\Program Files (x86)\FreeTime
2019-04-21 00:12 - 2018-02-24 05:17 - 000201552 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2019-04-21 00:12 - 2018-02-12 04:17 - 000056144 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klim6.sys
2019-04-21 00:12 - 2018-01-15 05:16 - 000056656 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klkbdflt.sys
2019-04-21 00:12 - 2017-12-11 11:49 - 000057464 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klmouflt.sys
2019-04-21 00:12 - 2017-05-30 18:51 - 000049280 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2019-04-21 00:11 - 2019-02-14 22:09 - 000122496 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupflt.sys
2019-04-20 22:33 - 2011-12-28 17:02 - 000000994 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core.job
2019-04-20 21:44 - 2019-02-14 22:09 - 000086656 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kldisk.sys
2019-04-20 21:42 - 2019-02-14 22:09 - 000072016 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupdisk.sys
2019-04-20 20:44 - 2006-11-02 08:33 - 000000000 ____D C:\Windows\inf
2019-04-20 20:25 - 2015-10-25 23:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-20 20:25 - 2006-11-02 10:42 - 000032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-04-20 20:10 - 2017-03-15 12:09 - 000000000 ____D C:\Users\Owner\Documents\Programas
2019-04-19 23:23 - 2013-04-11 21:47 - 000000000 ____D C:\Windows\Minidump
2019-04-19 12:16 - 2008-11-24 09:24 - 000000000 ____D C:\Users\Best Buy
2019-04-19 12:16 - 2006-11-02 07:33 - 110624768 _____ C:\Windows\system32\config\software_previous
2019-04-19 12:16 - 2006-11-02 07:33 - 031719424 _____ C:\Windows\system32\config\system_previous
2019-04-19 12:15 - 2018-11-03 11:22 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2019-04-19 12:15 - 2018-05-20 01:33 - 000000000 ____D C:\Program Files (x86)\Universal Media Server
2019-04-19 12:15 - 2017-09-17 01:18 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
2019-04-19 12:15 - 2017-08-11 23:52 - 000000000 ___RD C:\Users\Owner\Documents\MEGA
2019-04-19 12:15 - 2017-05-09 22:06 - 000000000 ____D C:\Users\Owner\AppData\Roaming\DVDVideoSoft
2019-04-19 12:15 - 2017-03-15 12:07 - 000000000 ____D C:\Users\Owner\AppData\Roaming\vlc
2019-04-19 12:15 - 2017-03-14 22:40 - 000000000 ____D C:\Users\Owner\AppData\Local\Tempdivx0e6e
2019-04-19 12:15 - 2017-03-14 00:26 - 000000000 ____D C:\Users\Owner\AppData\Local\Tempdivx9984
2019-04-19 12:15 - 2016-11-02 11:45 - 000000000 ____D C:\Users\Owner\AppData\Local\Tempdivxfe27
2019-04-19 12:15 - 2016-09-21 06:08 - 000000000 ____D C:\Users\Owner\AppData\Local\Tempdivx0e71
2019-04-19 12:15 - 2014-09-07 21:48 - 000000000 ____D C:\ProgramData\McAfee
2019-04-19 12:15 - 2012-08-04 13:29 - 000000000 ____D C:\Users\Owner\AppData\Roaming\FreeAudioPack
2019-04-19 12:15 - 2010-08-22 11:57 - 000000000 ____D C:\Users\Owner\AppData\Local\PokerStars.NET
2019-04-19 12:15 - 2009-10-13 17:18 - 000000000 ___SD C:\Users\Owner\Documents\Mis formas
2019-04-19 12:15 - 2009-06-06 11:53 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Azureus
2019-04-19 12:15 - 2009-01-15 00:12 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-19 12:15 - 2009-01-14 22:18 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2019-04-19 12:15 - 2009-01-07 16:14 - 000000000 ____D C:\Users\Owner\AppData\Local\Microsoft Help
2019-04-19 12:15 - 2006-11-02 08:34 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-04-19 12:15 - 2006-11-02 08:34 - 000000000 ____D C:\Windows\system32\spool
2019-04-19 12:15 - 2006-11-02 08:34 - 000000000 ____D C:\Windows\system32\Msdtc
2019-04-19 12:15 - 2006-11-02 08:34 - 000000000 ____D C:\Windows\system32\GroupPolicy
2019-04-19 12:15 - 2006-11-02 08:33 - 000000000 ____D C:\Windows\registration
2019-04-19 12:13 - 2018-07-08 19:11 - 000000000 ____D C:\Program Files\Common Files\AV
2019-04-19 12:13 - 2014-09-07 21:48 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-04-19 12:08 - 2006-11-02 07:33 - 078118912 _____ C:\Windows\system32\config\components_previous
2019-04-19 12:08 - 2006-11-02 07:33 - 000262144 _____ C:\Windows\system32\config\sam_previous
2019-04-19 09:05 - 2006-11-02 07:33 - 000524288 _____ C:\Windows\system32\config\default_previous
2019-04-19 09:05 - 2006-11-02 07:33 - 000262144 _____ C:\Windows\system32\config\security_previous
2019-04-19 08:56 - 2014-08-28 21:54 - 000000270 _____ C:\DelFix.txt
2019-04-14 21:59 - 2018-03-13 15:59 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-14 21:59 - 2013-02-08 08:37 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-14 21:59 - 2013-02-08 08:37 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-04-14 21:59 - 2011-11-13 17:14 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-14 21:59 - 2011-05-16 06:58 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-14 21:59 - 2008-08-12 16:01 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-04-08 22:26 - 2014-09-16 21:28 - 000000732 _____ C:\Users\Owner\AppData\Local\d3d9caps64.dat
2019-04-08 20:34 - 2006-11-02 07:46 - 000006580 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-06 19:05 - 2014-09-12 10:39 - 000000000 ____D C:\Program Files\WinRAR
2019-04-06 19:05 - 2009-01-15 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-04-06 18:36 - 2014-11-17 08:38 - 000118216 _____ C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-06 18:34 - 2009-06-08 19:52 - 000001356 _____ C:\Users\Owner\AppData\Local\d3d9caps.dat
2019-04-06 18:10 - 2014-11-17 08:36 - 000453640 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-06 16:53 - 2015-10-10 13:20 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-04-06 16:53 - 2015-10-10 13:16 - 000000000 ____D C:\ProgramData\Panda Security
2019-04-06 16:52 - 2015-10-10 13:21 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Panda Security
2019-03-27 15:51 - 2015-04-05 22:28 - 000003560 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001UA1d07019b6cd7b99
2019-03-27 15:51 - 2015-04-05 22:28 - 000003288 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4124524400-2168589064-4251907036-1001Core1d07019b67c8cd9

==================== Files in the root of some directories =======

2015-11-03 22:31 - 2015-11-03 23:17 - 000003072 _____ () C:\Users\Owner\AppData\Roaming\FOTOsmile 2 Prefsv3
2017-09-14 06:57 - 2017-09-14 22:06 - 000099384 _____ () C:\Users\Owner\AppData\Roaming\inst.exe
2017-09-14 06:57 - 2017-09-14 22:06 - 000007859 _____ () C:\Users\Owner\AppData\Roaming\pcouffin.cat
2017-09-14 06:57 - 2017-09-14 22:06 - 000001167 _____ () C:\Users\Owner\AppData\Roaming\pcouffin.inf
2017-09-14 06:58 - 2017-09-14 22:06 - 000000033 _____ () C:\Users\Owner\AppData\Roaming\pcouffin.log
2017-09-14 06:57 - 2017-09-14 22:06 - 000082816 _____ (VSO Software) C:\Users\Owner\AppData\Roaming\pcouffin.sys
2009-10-12 13:49 - 2009-10-12 13:49 - 000025773 _____ () C:\Users\Owner\AppData\Roaming\UserTile.png
2009-06-08 19:52 - 2019-04-06 18:34 - 000001356 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2014-09-16 21:28 - 2019-04-08 22:26 - 000000732 _____ () C:\Users\Owner\AppData\Local\d3d9caps64.dat
2009-02-15 11:44 - 2017-09-18 06:11 - 000054784 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-04-22 00:04
==================== End of FRST.txt ============================

#15

And number 2 of 2, part 1

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.04.2019 01
Ran by Owner (22-04-2019 01:43:29)
Running from C:\Users\Owner\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) (2008-11-22 21:20:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4124524400-2168589064-4251907036-500 - Administrator - Disabled)
Guest (S-1-5-21-4124524400-2168589064-4251907036-501 - Limited - Enabled)
Owner (S-1-5-21-4124524400-2168589064-4251907036-1001 - Administrator - Enabled) => C:\Users\Owner

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Free (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2Wire Wireless Client (HKLM-x32\...\{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}) (Version:  - )
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.171 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft WebCam Companion 2 (HKLM-x32\...\{9973498D-EA29-4A68-BE0B-C88D6E03E928}) (Version:  - ArcSoft)
AviSynth (HKLM-x32\...\AviSynth) (Version: 2.6.0 MT - GPL Public release.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 5.4.1.19 - Byte Technologies LLC) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Click to Disc (HKLM-x32\...\{363611D9-1106-41F2-B74E-BD8481C41219}) (Version: 1.2.00.06190 - Sony Corporation) Hidden
Click to Disc (HKLM-x32\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.00.06190 - Sony Corporation)
Click to Disc Editor (HKLM-x32\...\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.2.00 - Sony Corporation) Hidden
Click to Disc Editor (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.2.00 - Sony Corporation)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.0.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.0.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.0.0.19 - DivX, Inc.)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Google Chrome (HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version:  - )
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{26921B2E-3E62-47F9-A514-1FC4A83BD738}) (Version: 12.00.0004 - Intel(R) Corporation)
iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
MakeMKV v1.10.7 (HKLM-x32\...\MakeMKV) (Version: v1.10.7 - GuinpinSoft inc)
MediaInfo 0.7.93 (HKLM\...\MediaInfo) (Version: 0.7.93 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{AF5020D9-116A-46AC-A922-087592F37EC9}) (Version: 3.1.8.0 - Apple Inc.)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Music Transfer (HKLM-x32\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.2.00.17290 - Sony Corporation)
Ogg Codecs 0.81.15562 (HKLM-x32\...\Ogg Codecs) (Version: 0.81.15562 - Xiph.Org)
OpenMG Secure Module 5.1.00 (HKLM-x32\...\{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}) (Version: 5.1.00.05200 - Sony Corporation) Hidden
OpenMG Secure Module 5.1.00 (HKLM-x32\...\InstallShield_{C1083DBC-C541-4E8C-91EA-D92397AB9A2C}) (Version: 5.1.00.05200 - Sony Corporation)
Panda Security URL Filtering (HKLM-x32\...\Panda Security URL Filtering) (Version: 2.0.3.6 - Panda Security)
Primo (HKLM-x32\...\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5653 - Realtek Semiconductor Corp.)
Regi (HKLM\...\{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}) (Version: 1.00.0000 - InterVideo Inc.) Hidden
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
Search Powered by Yahoo! (HKLM-x32\...\{ADF94539-FD79-94B9-4CF9-E4399C7937B9}) (Version:  - )
Segoe UI (HKLM-x32\...\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}) (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.1.01.09230 - Sony Corporation)
SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.4.0.20080627.1647 - Sony Corporation)
Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 3.2.02.06170 - Sony Corporation)
Sony Video Shared Library (HKLM-x32\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.4.00 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.7.0 - Synaptics)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.8 - Transmission)
Universal Media Server (HKLM-x32\...\Universal Media Server) (Version: 7.0.1 - Universal Media Server)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 1.00.0813 - Sony)
VAIO Content Folder Setting (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.0.00.17290 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{6C50525A-2D77-4C22-B058-9AA2F27ACFF2}) (Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{B513C7B0-024A-498F-B0F5-00C67E2440A9}) (Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{E09A5851-B293-465E-A9FE-DFC11E0F4586}) (Version: 3.2.00.06115 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{FD72E69E-CF34-4071-BFD6-FD081A365E2C}) (Version: 3.2.00.06115 - Sony Corporation)
VAIO Content Metadata Manager Setting (HKLM-x32\...\{4314FCA1-7D0D-45E7-B115-C142466BC60A}) (Version: 3.2.00.06062 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (HKLM-x32\...\{FE697886-F392-4E0D-A0C0-47587BF60992}) (Version: 3.2.00.06062 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{2B27EB8B-3AA6-438F-BCB0-719CE2C52E32}) (Version: 3.2.00.06112 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{CB8A8696-93EC-414E-A752-850AB133F68A}) (Version: 3.2.00.06112 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{EE59BBF9-415C-45DB-8C4B-EE43CF635FEA}) (Version: 3.2.00.06112 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.1.00.07110 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.04.01170 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.2.00.06200 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{A552C4EA-D41E-4C61-A0FB-C0E05440F7D7}) (Version: 3.2.00.06200 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.1.00.07280 - Sony Corporation)
VAIO Help and Support (HKLM-x32\...\{D47FE987-EA3D-424B-9886-B752501D7CE7}) (Version: 6.00.0806.64.NS - Sony Corporation)
VAIO Launcher (HKLM-x32\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.1.00.06130 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}) (Version: 1.1.00.05240 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{BACD22AE-5B6B-4F23-B506-3FCFF13AC137}) (Version: 1.1.00.05240 - Sony Corporation) Hidden
VAIO Movie Story (HKLM-x32\...\{8BD60AEF-3F9D-47AE-B80A-FB7FFCE335A0}) (Version: 1.3.00.06240 - Sony Corporation) Hidden
VAIO Movie Story (HKLM-x32\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.3.00.06240 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.3.00.06120 - Sony Corporation)
VAIO MusicBox (HKLM-x32\...\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}) (Version: 2.1.00.06110 - Sony Corporation)
VAIO MusicBox Sample Music (HKLM-x32\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
VAIO My Memory Center (HKLM-x32\...\{E1D25278-B51A-4163-BC3D-20A4D2D09F98}) (Version: 1.00.0229 - Sony)
VAIO OOBE and Welcome Center (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 6.00.0813.64.US - Sony Corporation)
VAIO Original Function Setting (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.4.00.04230 - Sony Corporation)
VAIO Power Management (HKLM-x32\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.1.00.08060 - Sony Corporation)
VAIO Startup Assistant (HKLM-x32\...\{DFD0E9A9-F24A-492B-8975-8C938E32408F}) (Version: 3.00.0731 - Sony)
VAIO Survey (HKLM-x32\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.0722 - Sony Corporation)
VAIO Update 4 (HKLM-x32\...\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}) (Version: 4.0.0.07150 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.2.00.05200 - Sony Corporation)
VAIO Wireless Wizard (HKLM-x32\...\{BCED773C-99EE-48DD-8915-25733F69F0A8}) (Version: 1.01.0722 - Sony)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinDVD BD for VAIO (HKLM-x32\...\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.754 - InterVideo Inc.) Hidden
WinDVD BD for VAIO (HKLM-x32\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.754 - InterVideo Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\...\ChromeHTML: -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\GoogleUpdateOnDemand.exe (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-4124524400-2168589064-4251907036-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Owner\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll (Google Inc -> Google LLC)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers1: [AimersoftVideoConverterFileOpreation] -> {1AACB93E-AA97-47F1-BD02-8D2AF2815436} => C:\Windows\SysWOW64\AiCM64.dll [2013-08-23] () [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2013-10-31] (Apple Inc. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2019-02-27] (Mega Limited -> )
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2008-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-20] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Owner\Desktop\Google Chrome.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Funky Karts.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jbgibbcljlbkkeaogjofolcbakcokmie
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Link All.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bbplhdcnpcenkdciibplnkgmiffjfnni
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Solitaire.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep
ShortcutWithArgument: C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Loaded Modules (Whitelisted) ==============

2019-04-20 20:40 - 2019-04-20 20:40 - 000824608 _____ (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\remote_eka_prague_loader.dll
2019-04-20 20:40 - 2019-04-20 20:40 - 000559136 _____ (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\prremote.dll
2019-04-20 20:40 - 2019-04-20 20:40 - 000259632 _____ (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\product_info.dll
2017-09-10 01:47 - 2013-08-23 13:36 - 000721263 _____ () [File not signed] C:\Windows\SysWOW64\AiCM64.dll
2008-04-30 21:57 - 2008-04-30 21:57 - 001518080 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2007-09-06 12:27 - 2007-09-06 12:27 - 001331712 _____ () [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2008-04-30 21:42 - 2008-04-30 21:42 - 001064448 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2008-04-30 21:44 - 2008-04-30 21:44 - 000968192 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2008-04-30 21:45 - 2008-04-30 21:45 - 000335872 _____ () [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2009-12-27 19:06 - 2006-05-11 08:07 - 000365568 _____ ( ) [File not signed] C:\Windows\System32\lxcjlmpm.dll
2009-12-27 19:09 - 2006-05-11 08:07 - 000141824 _____ (Lexmark International, Inc.) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\lxcjpp6c.dll
2008-08-26 23:34 - 2008-07-15 11:15 - 000385024 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VAIO Update 4\VURes.dll
2017-05-09 22:09 - 2017-03-22 11:10 - 000440808 _____ (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
2008-04-30 22:20 - 2008-04-30 22:20 - 001371136 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
2008-04-30 21:48 - 2008-04-30 21:48 - 002133504 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2008-04-30 21:59 - 2008-04-30 21:59 - 001304576 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2008-04-30 21:45 - 2008-04-30 21:45 - 000816640 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2008-04-30 21:46 - 2008-04-30 21:46 - 000176640 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2008-04-30 21:42 - 2008-04-30 21:42 - 000826368 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
2008-08-12 16:05 - 2008-08-12 16:05 - 000081920 _____ (Sony Corporation) [File not signed] C:\Windows\assembly\GAC_64\SPMCommon\3.1.0.6020__e3c7096ba83f9295\SPMCommon.dll
2008-08-12 16:05 - 2008-08-12 16:05 - 000040960 _____ (Sony Corporation) [File not signed] C:\Windows\assembly\GAC_64\SPMDam\3.1.0.6020__1b3c579b6925895f\SPMDam.dll
2008-06-20 10:56 - 2008-06-20 10:56 - 000415744 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
2008-08-12 16:05 - 2008-08-06 20:06 - 000032768 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VAIO Power Management\SPMDrv.dll
2008-08-12 16:05 - 2008-08-06 20:06 - 000151552 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VAIO Power Management\SnyUtils.dll
2008-08-26 23:33 - 2008-05-22 16:23 - 000192512 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
2008-08-26 23:13 - 2008-05-20 15:48 - 000024576 _____ (Sony Electronics, Inc.) [File not signed] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
2017-09-10 01:48 - 2014-07-09 12:04 - 002014720 _____ (AimerSoft) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
2008-08-26 22:52 - 2008-06-02 14:37 - 000028672 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
2008-08-26 22:52 - 2008-06-23 14:22 - 000040960 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
2008-08-26 22:52 - 2008-06-23 14:22 - 000028672 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
2008-08-26 22:52 - 2008-06-02 14:37 - 000065536 _____ (Sony Electronics, Inc.) [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
2017-11-16 08:11 - 2017-11-16 08:11 - 000310784 _____ (GitHub Community) [File not signed] C:\Program Files\ByteFence\Microsoft.Win32.TaskScheduler.dll
2019-03-27 07:25 - 2019-03-27 07:25 - 000077312 _____ () [File not signed] C:\Program Files\ByteFence\RsMessages.dll
2019-03-27 07:25 - 2019-03-27 07:25 - 000197632 _____ (Marc Gravell) [File not signed] C:\Program Files\ByteFence\protobuf-net.dll
2019-03-27 07:25 - 2019-03-27 07:25 - 000250368 _____ () [File not signed] C:\Program Files\ByteFence\websocket-sharp.dll
2017-05-09 22:09 - 2017-03-22 11:10 - 000197096 _____ (Digital Wave Ltd -> Digital Wave Ltd) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\updhelperlib.dll
2017-05-09 22:09 - 2017-03-22 11:10 - 002094568 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcrypto-1_1.dll
2017-05-09 22:07 - 2017-03-20 17:17 - 000114664 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2017-05-09 22:06 - 2017-03-22 11:10 - 000305640 _____ (Digital Wave Ltd -> Digital Wave LTD) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dlmgr.dll
2017-05-09 22:06 - 2017-03-20 17:17 - 000289768 _____ (Digital Wave Ltd -> The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcurl.dll
2017-05-09 22:06 - 2017-03-20 17:17 - 000280040 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\SSLEAY32MD.dll
2017-05-09 22:06 - 2017-03-20 17:17 - 001336808 _____ (Digital Wave Ltd -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\LIBEAY32MD.dll
2017-05-09 22:09 - 2017-03-22 11:10 - 000133608 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\tier0.dll
2017-05-09 22:07 - 2017-03-22 11:10 - 000737768 _____ (Digital Wave Ltd -> DVDVideoSoft Ltd.) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\wbrhelper.dll
2017-05-09 22:09 - 2017-03-20 17:17 - 000108008 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2017-05-09 22:09 - 2017-03-20 17:17 - 000024040 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2017-05-09 22:09 - 2017-03-20 17:17 - 000048104 _____ (Digital Wave Ltd -> ) [File not signed] C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000344064 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\MSVCR70.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000126976 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESStorageProtect.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000010752 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000074240 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuEvent.dll
2008-08-12 15:59 - 2008-07-11 18:42 - 000102400 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000086016 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsg.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000151552 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESTransform.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000090112 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESPowerMgr.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000090112 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESSemiPnP.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000094208 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuPerform.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000139264 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESVideo.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000212992 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESPerform.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000098304 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESAppMon.dll
2008-08-26 23:33 - 2008-06-13 17:07 - 000131072 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Launcher\VESAVModeButton.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000565248 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESHKWndCommon.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2008-08-12 16:04 - 2008-07-11 18:25 - 000167936 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Control Center\CommonSetting.dll
2008-08-12 16:04 - 2008-07-28 19:45 - 000005632 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsgHook.dll
2008-05-22 16:21 - 2008-05-22 16:21 - 000126976 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCs.dll
2008-05-29 15:33 - 2008-05-29 15:33 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\MSVCR71.dll
2008-05-29 15:33 - 2008-05-29 15:33 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\MSVCP71.dll
2008-05-22 16:41 - 2008-05-22 16:41 - 000188416 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsDsAudioFile.vzcs
2007-04-03 16:46 - 2007-04-03 16:46 - 000139264 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsDsfFile.vzcs
2008-05-22 16:29 - 2008-05-22 16:29 - 000143360 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsDsVideoFile.vzcs
2008-05-22 16:40 - 2008-05-22 16:40 - 000864256 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsImageFile.vzcs
2008-05-22 16:41 - 2008-05-22 16:41 - 000131072 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsOmgFile.vzcs
2008-05-20 03:35 - 2008-05-20 03:35 - 000090112 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\OmgPcMan.dll
2008-05-20 03:43 - 2008-05-20 03:43 - 000245760 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\AVLib\OpcOmg.dll
2008-05-20 03:33 - 2008-05-20 03:33 - 000253952 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\omgmisc.dll
2008-05-20 03:31 - 2008-05-20 03:31 - 000196608 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\pfcom.DLL
2008-05-20 03:29 - 2008-05-20 03:29 - 000217088 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\OMGUtils.dll
2008-05-20 03:30 - 2008-05-20 03:30 - 000307200 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\salwrap.dll
2008-05-20 03:41 - 2008-05-20 03:41 - 000258048 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\OpcEa3.dll
2008-05-20 03:37 - 2008-05-20 03:37 - 000663552 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\omgconv2.DLL
2008-05-20 03:36 - 2008-05-20 03:36 - 000077824 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\omglgd.DLL
2008-05-20 03:38 - 2008-05-20 03:38 - 000106496 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\OmgTrans.ax
2008-05-20 03:36 - 2008-05-20 03:36 - 000081920 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\OpenMG\MigrateToGM.dll
2008-05-22 16:33 - 2008-05-22 16:33 - 000249856 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsVideoCapsule.vzcs
2008-05-22 16:38 - 2008-05-22 16:38 - 000098304 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VzCsWmaFile.vzcs
2008-06-10 17:21 - 2008-06-10 17:21 - 000091648 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFwPluginVzCdb.dll
2008-08-26 23:33 - 2008-06-20 10:56 - 000122880 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdb.dll
2008-08-26 23:33 - 2008-05-22 16:24 - 000011776 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvcPS.dll
2011-06-18 22:42 - 2011-06-18 22:42 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2008-08-26 23:31 - 2008-06-12 00:00 - 000057344 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzTimerWapi.dll
2008-08-26 23:31 - 2008-06-12 00:04 - 000167936 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzQueueContents.dll
2008-08-26 23:31 - 2008-06-12 00:04 - 000196608 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzDbNotifyVep.dll
2008-08-26 23:33 - 2008-05-05 13:47 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCP71.dll
2008-08-26 23:31 - 2008-06-02 21:41 - 000028672 _____ (Sony Corporation) [File not signed] C:\Program Files\Common Files\Sony Shared\VcmMgr\VcmMgrPluginIf.dll
2008-08-26 23:31 - 2008-06-12 05:04 - 000147456 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineThumbnail.dll
2008-08-26 23:31 - 2008-06-17 22:45 - 000401408 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineAVMarker.dll
2008-08-26 23:31 - 2005-09-02 17:00 - 000106496 _____ (Sony Corp.) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\MpegSysDec.dll
2008-08-26 23:31 - 2005-09-02 17:00 - 000106496 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\sonymad2.dll
2008-08-26 23:31 - 2008-06-17 22:36 - 000192512 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineIrfTopic.dll
2008-08-26 23:31 - 2007-09-04 22:05 - 000167936 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\IrfLib.dll
2008-08-26 23:31 - 2007-03-01 19:48 - 000135168 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\smvd2.dll
2008-08-26 23:31 - 2008-06-17 22:44 - 000172032 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineMMLib.dll
2008-08-26 23:31 - 2008-06-20 13:12 - 000102400 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineSFace.dll
2008-08-26 23:31 - 2008-06-12 00:03 - 000393216 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEnginePMD.dll
2008-08-26 23:31 - 2008-06-12 05:03 - 000098304 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineVideoProp.dll
2008-08-26 23:31 - 2008-06-17 23:48 - 000139264 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineVMLib.dll
2008-08-26 23:31 - 2008-06-12 00:00 - 000122880 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineEpg.dll
2008-08-26 23:31 - 2008-06-17 22:44 - 000335872 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineCM.dll
2008-08-26 23:31 - 2008-06-18 01:22 - 000299008 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzEngineHarp.dll
2008-08-26 23:31 - 2008-05-02 13:18 - 000069632 _____ (Sony Corporation) [File not signed] C:\Program Files\Sony\VCM Intelligent Analyzing Manager\harp.dll
2008-08-26 23:33 - 2008-05-05 13:47 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\MSVCR71.dll
2008-08-26 23:33 - 2008-05-22 16:24 - 000163840 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbVcds.dll
2008-08-26 23:33 - 2008-05-22 16:24 - 000241664 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSsDB.dll
2008-08-26 23:33 - 2008-06-12 19:37 - 000630784 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbLocalDB.dll
2008-08-26 23:33 - 2008-04-10 18:44 - 000143360 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSWEXEps.dll
2008-08-26 23:33 - 2008-04-10 18:55 - 001064960 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\sonyuppc.dll
2008-08-26 23:33 - 2007-04-03 16:46 - 000094208 _____ (Sony Corporation) [File not signed] C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\UPnPCtrl.dll
2019-04-20 20:40 - 2019-04-20 20:40 - 000214552 _____ (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\product_info.dll
2019-04-20 20:39 - 2019-04-20 20:39 - 000473392 _____ (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\prremote.dll
2019-04-20 20:40 - 2019-04-20 20:40 - 000422800 _____ (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab) [File not signed] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\plugins_meta.dll
2008-08-26 23:13 - 2008-04-22 22:39 - 000057344 _____ (Sony Electronics Corporation) [File not signed] C:\Program Files\Sony\VAIO Wireless Wizard\SnyUtilsWrapper.dll
2011-06-18 22:42 - 2011-06-18 22:42 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2011-06-18 22:42 - 2011-06-18 22:42 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2008-08-26 23:13 - 2008-03-21 18:31 - 000020480 _____ (TODO: <Company name>) [File not signed] C:\Program Files\Sony\VAIO Wireless Wizard\VESWrap.dll
2018-01-21 00:13 - 2018-01-21 00:13 - 023927296 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\avcodec-57.dll
2018-01-21 00:13 - 2018-01-21 00:13 - 000599552 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\avutil-55.dll
2018-01-21 00:13 - 2018-01-21 00:13 - 000287232 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\swresample-2.dll
2018-01-21 00:13 - 2018-01-21 00:13 - 006306816 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\avformat-57.dll
2018-01-21 00:13 - 2018-01-21 00:13 - 000513024 _____ (FFmpeg Project) [File not signed] C:\ProgramData\MEGAsync\swscale-4.dll
2016-07-11 12:23 - 2018-05-19 18:01 - 000275456 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\ProgramData\MEGAsync\libcurl.dll
2016-10-01 06:44 - 2019-01-21 18:13 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\LIBEAY32.dll
2016-10-01 06:44 - 2019-01-21 18:13 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\SSLEAY32.dll
2016-06-27 10:33 - 2017-11-16 18:50 - 000061952 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\ProgramData\MEGAsync\cares.dll
2016-04-13 03:38 - 2017-11-16 18:51 - 000798208 _____ () [File not signed] C:\ProgramData\MEGAsync\libsodium.dll
2016-09-25 02:12 - 2017-11-16 18:54 - 004433920 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Widgets.dll
2016-09-25 02:07 - 2017-11-16 18:54 - 005016576 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Gui.dll
2016-10-19 03:26 - 2017-11-16 18:52 - 004641792 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Core.dll
2016-09-25 02:04 - 2017-11-16 18:54 - 000851968 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Network.dll
2016-09-25 02:15 - 2017-11-16 18:52 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\platforms\qwindows.dll
2016-09-25 02:14 - 2017-11-16 18:50 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qgif.dll
2016-09-25 04:36 - 2017-11-16 18:50 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qicns.dll
2016-09-25 02:14 - 2017-11-16 18:50 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qico.dll
2016-09-25 02:15 - 2017-11-16 18:50 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qjpeg.dll
2016-09-25 04:36 - 2017-11-16 18:50 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qsvg.dll
2016-09-25 04:35 - 2017-11-16 18:54 - 000255488 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\Qt5Svg.dll
2016-09-25 04:36 - 2017-11-16 18:50 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtga.dll
2016-09-25 04:36 - 2017-11-16 18:50 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qtiff.dll
2016-09-25 04:36 - 2017-11-16 18:50 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwbmp.dll
2016-09-25 04:37 - 2017-11-16 18:50 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\ProgramData\MEGAsync\imageformats\qwebp.dll
2017-09-10 01:48 - 2014-07-09 12:01 - 001459712 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2017-09-10 01:48 - 2014-05-19 17:19 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2017-09-09 19:22 - 2014-07-09 12:04 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll
2017-03-20 16:44 - 2017-03-20 16:44 - 000111104 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2008-08-26 22:52 - 2008-06-02 14:37 - 000118784 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SonyCommonLib.dll
2008-08-26 22:52 - 2008-06-02 14:37 - 000020480 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\DebugMsg.dll
2008-08-26 22:52 - 2008-04-17 02:59 - 000020480 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\Resources.dll
2008-08-26 22:52 - 2008-06-02 14:37 - 000028672 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SharedInterfaces.dll
2008-08-26 22:52 - 2008-04-17 02:59 - 000028672 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\DictionaryLookup.dll
2008-08-26 22:52 - 2008-05-27 18:27 - 000061440 _____ (Sony Electronics Corporation) [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SnyUtilsWrapper.dll
2008-08-26 22:52 - 2008-04-17 02:59 - 000024576 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\MessageXML.dll
2019-04-21 11:53 - 2019-04-21 11:53 - 000207360 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Owner\AppData\Local\temp\jna-76612243\jna4192584849438889585.dll
2017-07-28 02:57 - 2017-07-28 02:57 - 004542584 _____ (MediaArea.net -> MediaArea.net) [File not signed] C:\Program Files (x86)\Universal Media Server\mediainfo.dll
2008-08-26 22:52 - 2008-06-02 14:37 - 000016384 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
2008-08-26 22:52 - 2008-06-23 14:22 - 000036864 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
2008-08-26 22:52 - 2008-06-23 14:22 - 000040960 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
2008-08-26 22:52 - 2008-06-23 14:22 - 000016384 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
2008-08-26 22:52 - 2008-06-23 14:22 - 000024576 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
2008-08-26 22:52 - 2008-06-23 14:22 - 000024576 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
2008-08-26 22:52 - 2008-04-16 23:26 - 000049152 _____ (TODO: <Company name>) [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\TosBtWrap.dll
2008-08-26 22:52 - 2008-06-23 14:22 - 000020480 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
2008-08-26 22:52 - 2008-06-23 14:22 - 000016384 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
2008-08-26 22:52 - 2008-06-02 14:37 - 000020480 _____ (Sony Electronics, Inc.) [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SendMessage.dll
2008-08-26 22:52 - 2008-06-23 14:22 - 000065536 _____ (TODO: <Company name>) [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\NativeWifiWrap.dll
2008-08-26 22:52 - 2008-04-17 03:00 - 000016384 _____ () [File not signed] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWGadgetInterface.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 07:34 - 2019-04-22 01:38 - 000001545 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Roxio Shared\9.0\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\DLLShared;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared;C:\Program Files\Intel\WiFi\bin;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-4124524400-2168589064-4251907036-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: VAIOSurvey => "C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe No File
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe No File
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe No File
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe No File
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{116A5ED3-C596-4A84-96A2-0E32E08D1CBB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A25CE01E-8647-4097-BFF3-0B0F0B4E2A56}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{58F065DF-3241-4397-985E-A4BC7A05460D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF090BFC-D677-464B-B5BC-3FE8186A876A}] => (Allow) LPort=2869
FirewallRules: [{0734180A-52DF-48A1-9265-778EF9A3C623}] => (Allow) LPort=1900
FirewallRules: [{C06B0F85-5E4A-431F-8E77-52700C035831}] => (Allow) LPort=80
FirewallRules: [{2880CF99-BB85-427F-81B0-4995E1B58F2F}] => (Allow) LPort=80
FirewallRules: [{04407267-414B-459E-9872-145B76035AD1}] => (Allow) LPort=80
FirewallRules: [{D50C426C-4BC2-445B-B91E-21A3FB010A36}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6B9F21B1-15B2-4DB3-9A30-4E1F99D2D033}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AB535CA6-38FA-4160-8AA6-C88A440A7CDC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{34631663-61E2-4584-A8C5-203CD4413B0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D70E1556-C8B7-4B76-9915-D2AC5D492D51}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A1E186CB-3CB3-4CA1-95A8-F192BCCA3811}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{F7DFF4F0-8B0E-4342-BB8F-645F6236E575}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{67DBC888-91D0-41AC-AEF6-49B52872844D}] => (Allow) 㩃啜敳獲作湷牥䅜灰慄慴剜慯業杮獜湳獜湳攮數 No File
FirewallRules: [{A94ABA1D-553A-42A5-AF60-CF9474DD0542}] => (Allow) 㩃啜敳獲作湷牥䅜灰慄慴剜慯業杮獜湳獜癡略⹰硥e No File
FirewallRules: [TCP Query User{417C2303-517C-4DAC-A73A-9EADA1705A4F}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{F780F2A5-48EC-407C-8BE8-BA0A8101CE7A}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [TCP Query User{3C3327F3-2F94-4F54-878A-2811061BA3D7}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [UDP Query User{787A7CDB-43EA-49FA-A981-2E30CC96034F}C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_131\bin\javaw.exe
FirewallRules: [{51B722B2-EE21-4CE2-95CE-0DE5981F7557}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe No File
FirewallRules: [{5D77152A-2EAD-4F00-A653-B7C35AA50B2D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe No File

==================== Restore Points =========================

20-04-2019 20:35:12 First Restore Point
20-04-2019 20:36:11 Device Driver Package Install: Kaspersky Lab System devices
20-04-2019 20:40:40 Device Driver Package Install: Kaspersky Lab Network Service
20-04-2019 20:42:25 First Restore Point
20-04-2019 20:43:34 Device Driver Package Install: Kaspersky Security Data Escort Provider Network adapters
20-04-2019 21:09:20 First Restore Point
20-04-2019 21:12:13 First Restore Point
21-04-2019 12:43:15 Scheduled Checkpoint
22-04-2019 01:16:43 Revo Uninstaller's restore point - FormatFactory 4.5.0.0
22-04-2019 01:18:37 Revo Uninstaller's restore point - FormatFactory 4.5.0.0
22-04-2019 01:27:22 Revo Uninstaller's restore point - FormatFactory 4.5.0.0
22-04-2019 01:29:45 Revo Uninstaller's restore point - FormatFactory 4.5.0.0
#16

Report 2 of 2, part 2

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2019 01:29:44 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a495424f-f098-4395-8158-460228d5710d}

Error: (04/22/2019 01:27:21 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a495424f-f098-4395-8158-460228d5710d}

Error: (04/22/2019 01:18:36 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a495424f-f098-4395-8158-460228d5710d}

Error: (04/22/2019 01:16:42 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {a495424f-f098-4395-8158-460228d5710d}

Error: (04/21/2019 11:51:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application AppleSyncNotifier.exe, version 1.6.77.0, time stamp 0x4eb1660b, faulting module MSVCR80.dll, version 8.0.50727.6195, time stamp 0x4dcddbf3, exception code 0xc000000d, fault offset 0x00008aa0,
process id 0x1268, application start time 0x01d4f8625d1cbc30.

Error: (04/21/2019 11:49:18 AM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (04/21/2019 11:49:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/20/2019 11:47:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application AppleSyncNotifier.exe, version 1.6.77.0, time stamp 0x4eb1660b, faulting module MSVCR80.dll, version 8.0.50727.6195, time stamp 0x4dcddbf3, exception code 0xc000000d, fault offset 0x00008aa0,
process id 0x44c, application start time 0x01d4f7fd466f9217.


System errors:
=============
Error: (04/21/2019 12:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/21/2019 12:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/21/2019 12:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/21/2019 12:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/21/2019 12:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/21/2019 12:55:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/21/2019 11:53:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

Error: (04/21/2019 11:53:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================

Date: 2019-04-22 01:43:12.325
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-22 01:43:11.138
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-22 01:43:09.935
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-22 01:43:08.255
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\kneps.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-22 01:43:06.473
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klpd.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-22 01:43:04.346
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klpd.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-22 01:43:02.622
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klpd.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-04-22 01:43:00.867
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\klpd.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 94%
Total physical RAM: 3934.13 MB
Available physical RAM: 225.23 MB
Total Virtual: 8059.49 MB
Available Virtual: 3073.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.1 GB) (Free:33.25 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{bb3d79a1-b8da-11dd-8448-806e6f6e6963}\ (Recovery) (Fixed) (Total:9.78 GB) (Free:0.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 6017062B)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=223.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
#17

When you restored to a restore point, the errors you had came back.

Run Delfix again, along with the script I gave you for making the Fixlist in post #5.

#18

Well, I did what you recommended and now it won't let me start the PC normally, telling me that I have to run Startup Repair:

IMAG0545|673x500

What should I do in this case?

#19

I can't see the image, but go ahead and choose Startup Repair.

#20

It took a while, but it has been repaired. What should I do next?