Ordenador lento, seguí estos pasos

Hola @Duq_Plex

Si es una notebook, revisa si en la parte inferior no tiene una estampilla de licencia de Microsoft que te diga con que Sistema Operativo vino de fabrica.

O si es un PC de escritorio puede estar en la torre.

Dinos marca y modelo del equipo.

Salu2

Hola pues mi ordenador es de torre pero no tiene marca ya que me lo montó un amigo y le instaló el windows 10.

Hola @Duq_Plex

El problema de lentitud de tu ordenador no se debe a Malwares.

Si veo varios problemas que pueden ser el causante:

  • Tienes una versión de Windows 10 obsoleta que quedo antigua y ya no tiene Soporte y al no actualizar te expones a todos los agujeros de seguridad de la red.

Tu versión es:

  • Windows 10 Enterprise 2016 LTSB Version 1607

Te dejo algo de información:

https://support.microsoft.com/es-ar/help/4503267/windows-10-update-kb4503267

  • Para la versión de Windows que tienes (Enterprise), tu Ram (4 gb) es algo limitada.
  • Incluso tu Procesador salió al mercado en el año 2008.

Con ese equipo te iría mejor una versión de Windows 10 Home , y al que puedas descargarle todas las actualizaciones.


Realiza lo siguiente para ver si mejora:

1.- Desinstala con Revo Uninstaller en su Modo Avanzado:

  • Baidu Antivirus

Manual de Revo Uninstaller.

2.- Luego de reiniciar sigue estos pasos:

Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

3.- Desactiva Temporalmente tu antivirus. En tu caso al desinstalar Baidu es probable que se active Windows Defender.

4.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\MountPoints2: {86037486-6e9f-11e9-b27e-806e6f6e6963} - "D:\weasis-win32.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/#spf=1573212087549
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-793460650-1082067395-1000565632-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
S3 BdSandbox; \??\C:\Windows\System32\drivers\BdSandbox.sys [X]
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath
ShellServiceObjects: No Name -> {872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} => 
ShellServiceObjects: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellServiceObjects-x32: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  -> No File
FirewallRules: [TCP Query User{E3124B8B-0EB3-4CB0-9D98-5371088219EF}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [UDP Query User{85CDC7A3-E658-4700-BF89-46DF55EE2558}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [TCP Query User{3F29FF41-633A-4E4E-A9A0-904C0143421D}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File
FirewallRules: [UDP Query User{6062A62B-3DDB-4013-BCA0-75CC968394DF}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Nos comentas .

Salu2.

Aquí te adjunto el log, espero haberlo hecho bien,por cierto no se me activó el windows defender por lo que estoy sin antivirus. pd: He instalado desde vuestra pagina el Bitdefender (por tener de momento antivirus)

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Core 2 duo (26-11-2019 19:41:30) Run:1
Running from C:\Users\Core 2 duo\Desktop
Loaded Profiles: Core 2 duo (Available Profiles: defaultuser0 & Core 2 duo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\MountPoints2: {86037486-6e9f-11e9-b27e-806e6f6e6963} - "D:\weasis-win32.exe" 
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/#spf=1573212087549
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-793460650-1082067395-1000565632-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
S3 BdSandbox; \??\C:\Windows\System32\drivers\BdSandbox.sys [X]
U4 dcpsvc; no ImagePath
U4 DiagTrack; no ImagePath
ShellServiceObjects: No Name -> {872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} => 
ShellServiceObjects: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellServiceObjects-x32: No Name -> {900c0763-5cad-4a34-bc1f-40cd513679d5} => 
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} =>  -> No File
FirewallRules: [TCP Query User{E3124B8B-0EB3-4CB0-9D98-5371088219EF}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [UDP Query User{85CDC7A3-E658-4700-BF89-46DF55EE2558}E:\emule\emule\emule.exe] => (Allow) E:\emule\emule\emule.exe No File
FirewallRules: [TCP Query User{3F29FF41-633A-4E4E-A9A0-904C0143421D}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File
FirewallRules: [UDP Query User{6062A62B-3DDB-4013-BCA0-75CC968394DF}E:\kodi\kodi.exe] => (Allow) E:\kodi\kodi.exe No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86037486-6e9f-11e9-b27e-806e6f6e6963} => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
Service KMSELDI => service not found.
HKLM\System\CurrentControlSet\Services\BdSandbox => removed successfully
BdSandbox => service removed successfully
HKLM\System\CurrentControlSet\Services\dcpsvc => removed successfully
dcpsvc => service removed successfully
HKLM\System\CurrentControlSet\Services\DiagTrack => removed successfully
DiagTrack => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac}" => removed successfully
HKLM\Software\Classes\CLSID\{872f8dc8-dde4-43bd-ac7a-e3d9fe86ceac} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{900c0763-5cad-4a34-bc1f-40cd513679d5} => removed successfully
HKLM\Software\Classes\CLSID\{900c0763-5cad-4a34-bc1f-40cd513679d5} => not found
HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellServiceObjects\{900c0763-5cad-4a34-bc1f-40cd513679d5} => removed successfully
HKLM\Software\WOW6432Node\Classes\CLSID\{900c0763-5cad-4a34-bc1f-40cd513679d5} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E3124B8B-0EB3-4CB0-9D98-5371088219EF}E:\emule\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{85CDC7A3-E658-4700-BF89-46DF55EE2558}E:\emule\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3F29FF41-633A-4E4E-A9A0-904C0143421D}E:\kodi\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6062A62B-3DDB-4013-BCA0-75CC968394DF}E:\kodi\kodi.exe" => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Ethernet 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::2d2e:331e:4524:4241%15
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.38
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.{A327B524-86ED-4B15-916E-5DE61F12FF61}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2001:0:2851:782c:8ca:415:a7ee:160e
   V¡nculo: direcci¢n IPv6 local. . . : fe80::8ca:415:a7ee:160e%16
   Puerta de enlace predeterminada . . . . . : ::

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 40822825 B
Java, Flash, Steam htmlcache => 1158 B
Windows/system/drivers => 46509 B
Edge => 0 B
Chrome => 0 B
Firefox => 441356367 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
defaultuser0 => 384 B
Core 2 duo => 11330321 B

RecycleBin => 4119604149 B
EmptyTemp: => 4.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:42:28 ====

Por cierto instalé el bitdefender por no quedarme sin antivirus y lo tuve que quitar por que me ralentizaba mucho la velocidad, he instalado avast y va algo mejor pero aún asi algo me ralentiza, ya me dirás que hacer tambien al respecto. un saludo

Hola @Duq_Plex

NO tenias que instalar ningún antivirus, ni ningún programa, con solo cuidar donde navegas o no descargar nada no te pasará ningún problema.

Desinstala Avast con su herramienta especifica de desinstalacion.

Vuelve a ejecutar FRT como la primera vez que lo hiciste y nos pegas los dos reportes, los necesitamos nuevamente para eliminar los restos.

Salu2

Adjunto log en 2 partes:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Core 2 duo (27-11-2019 18:57:40)
Running from C:\Users\Core 2 duo\Desktop
Windows 10 Enterprise 2016 LTSB Version 1607 (X64) (2018-12-06 18:36:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-793460650-1082067395-1000565632-500 - Administrator - Disabled)
Core 2 duo (S-1-5-21-793460650-1082067395-1000565632-1001 - Administrator - Enabled) => C:\Users\Core 2 duo
DefaultAccount (S-1-5-21-793460650-1082067395-1000565632-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-793460650-1082067395-1000565632-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-793460650-1082067395-1000565632-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.2 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.2.1.2185 - Open Media LLC)
8GadgetPack (HKLM-x32\...\{E6BA0C10-856E-452A-954C-85F41072385F}) (Version: 25.0.0 - 8GadgetPack.net)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Reader XI (11.0.03) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1331, 20.12.2013 - AIMP DevTeam)
Ashampoo Burning Studio 15 v.15.0.0 (HKLM-x32\...\{91B33C97-5B38-0A92-D04A-A0F26F3F87D4}_is1) (Version: 15.0.0 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{9D00A8DA-650F-21C6-E787-78756733F15F}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
ccc-core-static (HKLM-x32\...\{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}) (Version: 2010.0210.2339.42455 - Nombre de su organización) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CrystalDiskInfo 6.0.0 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.0 - Crystal Dew World)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Estudio para la mejora del producto HP ENVY 4500 series (HKLM\...\{7AB1C3CE-613B-4078-8FDA-DE70E8A917E7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
HP ENVY 4500 series Ayuda (HKLM-x32\...\{083DCC02-5EB2-48B0-8BFF-F2D367F5AFB7}) (Version: 30.0.0 - Hewlett Packard)
HP ENVY 4500 series Software básico del dispositivo (HKLM\...\{F1F56388-1766-41E4-BFBE-F23671D56574}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HydraVision (HKLM-x32\...\{B7EC0338-EAE9-ABEA-D202-95025E66CC8C}) (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 es-ES) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-ES)) (Version: 70.0.1 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Plex Media Server (HKLM-x32\...\{656F5C13-45EE-4E5E-BD8D-4707CD70D1CE}) (Version: 1.16.1291 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{6da84f4d-438a-4113-8155-ca857e3c5379}) (Version: 1.16.1.1291 - Plex, Inc.)
Python 3.7.1 (64-bit) (HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\{8a84877c-26dd-4b77-8117-80eaec80127c}) (Version: 3.7.1150.0 - Python Software Foundation)
Python 3.7.1 Core Interpreter (64-bit) (HKLM\...\{3CDB402E-5970-4DCB-8EE8-D50517AB55AE}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Development Libraries (64-bit) (HKLM\...\{61D00EE1-616D-4782-A8C5-EDD436BE9766}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Documentation (64-bit) (HKLM\...\{C66332A3-9916-4CA0-89B3-88E4F0789207}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Executables (64-bit) (HKLM\...\{C3B089F9-4BA6-45A6-91A2-C5938F8702F8}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 pip Bootstrap (64-bit) (HKLM\...\{ED677B31-8BF6-49FA-9B99-A63CD45D316A}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Standard Library (64-bit) (HKLM\...\{7627B8B4-82DD-4BD2-B33B-465E41693F0D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Tcl/Tk Support (64-bit) (HKLM\...\{00FB4D96-77D4-4043-950E-8FA816BCAD7D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Test Suite (64-bit) (HKLM\...\{A1CFED46-5F31-4813-A494-681BBB2B6E23}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Utility Scripts (64-bit) (HKLM\...\{96DEF82E-CD26-4AB5-A7FB-81E1B6D1DE91}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C3A1C6B1-9096-47A7-AB5C-09114002A996}) (Version: 3.7.6501.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8437 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Skins (HKLM-x32\...\{B04D5DA5-11DA-830C-85C6-0FF9185787E7}) (Version: 2010.0210.2339.42455 - ATI) Hidden
Stopping Plex (HKLM-x32\...\{85724C87-8FC8-4791-BDAD-BFB2FF7CE24F}) (Version: 1.16.1291 - Plex, Inc.) Hidden
TeamViewer 12 (HKLM-x32\...\TeamViewer 12_is1) (Version: 12.0.71503 - TeamViewer)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Win Updates Disabler v1.4 (HKLM\...\Win Updates Disabler_is1) (Version: 1.4.0.0 - site2unblock.com)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-793460650-1082067395-1000565632-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Core 2 duo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-793460650-1082067395-1000565632-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Core 2 duo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2018-12-07] (AIMP DevTeam) [File not signed]
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll [2018-12-07] (AIMP DevTeam) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-02-10] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ\Online Help.lnk -> hxxp://www.virtualdj.com/support
Shortcut: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Loaded Modules (Whitelisted) =============

2018-12-06 22:08 - 2018-12-06 22:08 - 000013312 _____ ( ) [File not signed] C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007168 _____ ( ) [File not signed] C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2009-11-24 13:36 - 2009-11-24 13:36 - 000016384 ____R () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2008-11-25 10:19 - 2008-11-25 10:19 - 001193472 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\64\wbocx.ocx
2018-12-07 22:17 - 2007-09-02 13:57 - 000069632 _____ () [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000014848 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
2011-11-09 22:06 - 2011-11-09 22:06 - 002508800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\Common Files\ATI Technologies\Multimedia\atimpenc64.dll
2011-11-09 22:06 - 2011-11-09 22:06 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\Common Files\ATI Technologies\Multimedia\atixcode64.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000208896 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Dashboard\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Runtime\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeskMan.HydraVision.Shared\2.0.3693.42556__90ba9c70f846762e\CLI.Aspect.DeskMan.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000438272 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000675840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000692224 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000798720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000364544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000589824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000712704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 001728512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000126976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000192512 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Runtime\2.0.3693.42553__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HydraVision.Wizard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.HydraVision.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000225280 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000204800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000258048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Dashboard\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Runtime\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MDProp.HydraVision.Shared\2.0.3693.42557__90ba9c70f846762e\CLI.Aspect.MDProp.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000811008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000405504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000286720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Dashboard\2.0.3693.42559__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Runtime\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MultiDesk.HydraVision.Shared\2.0.3693.42558__90ba9c70f846762e\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 001036288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3693.42536__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000364544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000491520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000544768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
2007-10-29 14:56 - 2007-10-29 14:56 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2008-01-18 11:35 - 2008-01-18 11:35 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2008-05-15 14:51 - 2008-05-15 14:51 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000081920 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000450560 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000032768 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000036864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000040960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 001142784 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000081920 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000405504 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000503808 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000139264 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000290816 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000061440 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2018-12-07 22:26 - 2018-12-07 22:26 - 000590848 _____ (AIMP DevTeam) [File not signed] C:\Program Files (x86)\AIMP3\Modules\aimp_menu64.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000024576 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2018-12-06 22:08 - 2018-12-06 22:08 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2018-12-06 19:35 - 2017-12-07 23:23 - 000608256 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000327680 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\container.dll
2016-07-16 12:42 - 2017-11-29 00:21 - 000092160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UXINIT.dll
2016-07-16 12:42 - 2017-11-29 00:21 - 000587264 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\UxTheme.dll
2006-08-12 16:05 - 2006-08-12 16:05 - 000126976 _____ (Stardock Corporation) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\64\dshelp64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-11-26 19:42 - 2019-11-26 19:42 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Welcome.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SWPROguard"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-11-2019 21:16:27 ZHPcleaner
26-11-2019 19:27:33 Revo Uninstaller's restore point - Baidu Antivirus
26-11-2019 19:30:16 Revo Uninstaller's restore point - eMule
26-11-2019 19:31:09 Revo Uninstaller's restore point - Malwarebytes version 4.0.4.49

==================== Faulty Device Manager Devices ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teclado PS/2 estándar
Description: Teclado PS/2 estándar
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Teclados estándar)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/26/2019 07:41:52 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (11/26/2019 07:41:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (11/26/2019 07:41:31 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {da060c45-0377-48c6-9eb4-4acd9ade17de}

Error: (11/26/2019 07:31:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (11/26/2019 07:31:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary (Bnmon).

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (11/26/2019 07:30:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.

Error: (11/26/2019 07:30:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary (Bnmon).

System Error:
El sistema no puede encontrar el archivo especificado.
.

Error: (11/26/2019 07:27:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Error en Servicios de cifrado mientras se procesaba el objeto "System Writer" de la llamada OnIdentity().

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protocolo de detección de nivel de vínculo de Microsoft.

System Error:
Acceso denegado.
.


System errors:
=============
Error: (11/27/2019 06:53:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BHipsSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 06:53:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BavSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 06:53:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio AvastWscReporter no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 06:47:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BHipsSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 06:47:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BavSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 08:55:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BavSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 08:55:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BHipsSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/26/2019 09:28:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio BHipsSvc no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 0304 03/14/2008
Motherboard: ASUSTeK Computer INC. P5K SE/EPU
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 37%
Total physical RAM: 4095.11 MB
Available physical RAM: 2557.44 MB
Total Virtual: 4799.11 MB
Available Virtual: 3247.01 MB

==================== Drives ================================

Drive c: (Nuevo vol) (Fixed) (Total:928.72 GB) (Free:898.01 GB) NTFS

\\?\Volume{f9aed71f-0000-0000-0000-100000000000}\ (Reservado para el sistema) (Fixed) (Total:2.8 GB) (Free:2.74 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F9AED71F)
Partition 1: (Active) - (Size=2.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=928.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

log 2:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{72d85931-d2c8-4899-a78a-7e0d319854c0}: [DhcpNameServer] 212.166.211.4 62.81.16.164
Tcpip\..\Interfaces\{a327b524-86ed-4b15-916e-5de61f12ff61}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{bc6103c1-46b4-4381-8674-9cb3e4f607bc}: [DhcpNameServer] 212.166.211.4 62.81.16.164

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: azv8rvwh.default
FF ProfilePath: C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default [2019-11-27]
FF Homepage: Mozilla\Firefox\Profiles\azv8rvwh.default -> hxxp://www.google.es/
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-26]
FF Extension: (Avast Online Security) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2120680 2019-06-28] (Plex, Inc -> Plex, Inc.)
S2 BavSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe" [X]
S2 BHipsSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtcL001; C:\Windows\System32\drivers\l160x64.sys [65024 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
S3 L1C; C:\Windows\System32\drivers\L1C63x64.sys [121344 2016-07-16] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
S3 L1E; C:\Windows\System32\drivers\L1E62x64.sys [59904 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2016-07-16] (Microsoft Windows -> MediaTek Inc.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Microsoft Windows -> Realtek )
S3 RtlWlanu_OldIC; C:\Windows\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 yukonw8; C:\Windows\System32\drivers\yk63x64.sys [288768 2016-07-16] (Microsoft Windows -> Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-27 18:56 - 2019-11-27 18:57 - 000007767 _____ C:\Users\Core 2 duo\Desktop\FRST.txt
2019-11-27 18:50 - 2019-11-27 18:50 - 010823512 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avastclear.exe
2019-11-27 09:06 - 2019-11-27 09:06 - 002066743 _____ C:\Users\Core 2 duo\Downloads\joinPdf_58da73a2188a062702c0956c57e89d2f.pdf
2019-11-26 21:39 - 2019-11-26 21:39 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\CEF
2019-11-26 21:38 - 2019-11-27 18:53 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-26 21:37 - 2019-11-27 18:53 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-26 21:36 - 2019-11-26 21:36 - 000233080 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe
2019-11-26 21:32 - 2019-11-26 21:32 - 000066588 _____ C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin
2019-11-26 20:11 - 2019-11-26 20:11 - 000075164 _____ C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin
2019-11-26 20:07 - 2019-11-26 20:07 - 000001219 _____ C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-11-26 20:05 - 2019-11-26 20:05 - 000000000 ____D C:\ProgramData\Bitdefender
2019-11-26 20:04 - 2019-11-26 20:04 - 000103488 _____ C:\ProgramData\agent.1574795055.bdinstall.v2.bin
2019-11-26 20:04 - 2019-11-26 20:04 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-26 20:03 - 2019-11-26 20:03 - 010527368 _____ C:\Users\Core 2 duo\Downloads\bitdefender_online.exe
2019-11-26 19:43 - 2019-11-26 19:43 - 000000008 __RSH C:\Users\Core 2 duo\ntuser.pol
2019-11-26 19:43 - 2019-11-26 19:43 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-11-26 19:41 - 2019-11-27 18:56 - 000000000 ____D C:\FRST
2019-11-26 19:41 - 2019-11-26 19:42 - 000010454 _____ C:\Users\Core 2 duo\Desktop\Fixlog.txt
2019-11-26 19:40 - 2019-11-26 19:40 - 002262016 _____ (Farbar) C:\Users\Core 2 duo\Desktop\FRST64.exe
2019-11-26 19:36 - 2019-11-26 19:36 - 000000268 _____ C:\Users\Core 2 duo\Desktop\DelFix.txt
2019-11-26 19:35 - 2019-11-26 19:35 - 000797760 _____ C:\Users\Core 2 duo\Desktop\delfix.exe
2019-11-26 19:35 - 2019-11-26 19:35 - 000000268 _____ C:\DelFix.txt
2019-11-26 19:35 - 2019-11-26 19:35 - 000000000 ____D C:\Windows\ERUNT
2019-11-26 19:26 - 2019-11-26 19:26 - 000001100 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-11-26 19:26 - 2019-11-26 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-11-26 19:26 - 2019-11-26 19:26 - 000000000 ____D C:\Program Files\VS Revo Group
2019-11-26 19:24 - 2019-11-26 19:24 - 007411912 _____ (VS Revo Group ) C:\Users\Core 2 duo\Desktop\revosetup.exe
2019-11-25 12:32 - 2019-11-25 12:32 - 000006668 _____ C:\Users\Core 2 duo\Downloads\document.pdf
2019-11-23 21:06 - 2019-11-23 21:18 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\ZHP
2019-11-23 21:06 - 2019-11-23 21:06 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ZHP
2019-11-23 20:43 - 2019-11-23 20:43 - 000320874 _____ C:\Users\Core 2 duo\Documents\Scan0009.pdf
2019-11-23 20:43 - 2019-11-23 20:43 - 000137659 _____ C:\Users\Core 2 duo\Documents\Scan0010.pdf
2019-11-23 20:42 - 2019-11-23 20:42 - 000536877 _____ C:\Users\Core 2 duo\Documents\Scan0008.pdf
2019-11-23 20:41 - 2019-11-23 20:41 - 000410788 _____ C:\Users\Core 2 duo\Documents\Scan0007.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000346708 _____ C:\Users\Core 2 duo\Documents\Scan0005.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000315055 _____ C:\Users\Core 2 duo\Documents\Scan0006.pdf
2019-11-23 20:39 - 2019-11-23 20:39 - 000173321 _____ C:\Users\Core 2 duo\Documents\Scan0004.pdf
2019-11-23 20:37 - 2019-11-23 20:37 - 000482263 _____ C:\Users\Core 2 duo\Documents\Scan0003.pdf
2019-11-22 10:11 - 2019-11-22 10:12 - 000703513 _____ C:\Users\Core 2 duo\Documents\Scan0002.pdf
2019-11-21 20:40 - 2019-11-21 20:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\mbamtray
2019-11-21 20:40 - 2019-11-21 20:39 - 000020936 _____ (Malwarebytes) C:\Windows\ELAMBKUP
2019-11-21 11:04 - 2019-11-27 09:07 - 000000000 ____D C:\Users\Core 2 duo\Desktop\facturas luz
2019-11-21 10:38 - 2019-11-21 10:38 - 000441117 _____ C:\Users\Core 2 duo\Documents\Scan0001.pdf
2019-11-17 19:56 - 2019-11-17 19:56 - 000133163 _____ C:\Users\Core 2 duo\Desktop\vida laboral.pdf
2019-11-17 19:41 - 2019-11-17 19:41 - 000162105 _____ C:\Users\Core 2 duo\Desktop\justificante.pdf
2019-11-06 15:19 - 2019-11-13 15:37 - 000004586 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-11-06 15:19 - 2019-11-13 15:37 - 000004388 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-11-06 15:19 - 2019-11-13 15:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-06 15:19 - 2019-11-06 15:19 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Macromedia
2019-11-03 21:08 - 2019-11-03 21:08 - 000000299 _____ C:\Users\Core 2 duo\Documents\Presupuesto Almussafes.txt
2019-10-31 16:13 - 2019-10-31 16:13 - 000000246 _____ C:\Users\Core 2 duo\Desktop\Prime Video.URL
2019-10-30 19:32 - 2019-10-30 19:31 - 000114232 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-10-28 20:47 - 2019-10-31 20:20 - 000000000 ____D C:\Torrents

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-27 18:55 - 2019-07-03 20:50 - 000000000 ____D C:\Users\Core 2 duo\AppData\LocalLow\Mozilla
2019-11-27 18:53 - 2018-12-06 16:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-27 18:52 - 2018-12-06 19:42 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ClassicShell
2019-11-27 08:59 - 2018-12-06 16:08 - 006775028 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-27 08:59 - 2016-07-16 23:39 - 003301242 _____ C:\Windows\system32\perfh00A.dat
2019-11-27 08:59 - 2016-07-16 23:39 - 000941780 _____ C:\Windows\system32\perfc00A.dat
2019-11-27 08:54 - 2018-12-06 21:08 - 000000000 ____D C:\Program Files\WinRAR
2019-11-26 21:43 - 2018-12-06 21:08 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-26 21:43 - 2018-12-06 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-26 21:32 - 2018-12-07 22:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-11-26 21:17 - 2018-12-06 16:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-11-26 20:45 - 2019-06-28 19:20 - 000005338 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-62I3FUH-Core 2 duo DESKTOP-62I3FUH
2019-11-26 20:02 - 2018-12-07 22:46 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\MPC-HC
2019-11-26 20:02 - 2016-07-16 12:45 - 000000000 ____D C:\Windows\INF
2019-11-26 19:43 - 2018-12-06 19:40 - 000000000 ____D C:\Users\Core 2 duo
2019-11-26 19:42 - 2019-10-15 09:33 - 000000000 ____D C:\Users\Core 2 duo\AppData\LocalLow\Temp
2019-11-26 19:41 - 2016-07-16 12:47 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-11-26 19:41 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-11-26 13:11 - 2018-12-07 22:29 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Microsoft Help
2019-11-25 20:05 - 2019-10-05 14:44 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Kodi
2019-11-25 15:06 - 2019-09-25 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-11-22 10:06 - 2018-12-06 19:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Packages
2019-11-21 20:40 - 2019-06-30 15:49 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\cache
2019-11-21 12:09 - 2016-07-16 07:04 - 000008192 _____ C:\Windows\system32\config\BBI
2019-11-19 09:49 - 2019-10-19 08:20 - 000000000 ____D C:\Users\Core 2 duo\Desktop\Ofimatica Pdf
2019-11-13 15:36 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-06 15:19 - 2018-12-07 22:47 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Adobe
2019-11-04 11:37 - 2019-10-10 11:25 - 000000000 ____D C:\Users\Core 2 duo\Desktop\correos
2019-11-03 20:21 - 2018-12-07 22:21 - 000001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\Program Files (x86)\Java

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-20 16:13
==================== End of FRST.txt ========================

Hola @Duq_Plex

El informe de Addition entró completo, pero el reporte de Frst te falto la primera parte antes de:

==================== Internet (Whitelisted) ====================

La necesito para continuar.

Salu2

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2019 01
Ran by Core 2 duo (administrator) on DESKTOP-62I3FUH (28-11-2019 18:37:26)
Running from C:\Users\Core 2 duo\Desktop
Loaded Profiles: Core 2 duo (Available Profiles: defaultuser0 & Core 2 duo)
Platform: Windows 10 Enterprise 2016 LTSB Version 1607 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\RocketDock\RocketDock.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ATI Technologies, Inc -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies, Inc -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Baidu Antivirus] => "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe" -auto
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-broadcasting;gaming-gamebar;gaming-gamedvr;gaming-gamemode;gaming-trueplay;gaming-xboxnetworking;maps;pen;recovery;speech;tabletmode;windowsdefender;windowsinsider
HKU\S-1-5-21-793460650-1082067395-1000565632-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [File not signed]
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24869352 2019-06-28] (Plex, Inc -> Plex, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Welcome.lnk [2017-11-09]
ShortcutTarget: Welcome.lnk -> C:\Welcome\Welcome.exe () [File not signed]
Startup: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar662.lnk [2019-11-28]
ShortcutTarget: Sidebar662.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed]
Startup: C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP ENVY 4500 series.lnk [2019-11-28]
ShortcutAndArgument: Supervisar alertas de tinta - HP ENVY 4500 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP ENVY 4500 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN53H221HJ060F;CONNECTION=USB;MONITOR=1;
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01795000-5B9E-4D32-A575-159B4938508A} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [5745672 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {0F9B572B-F328-407E-9BB1-BB723B05012E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1BCDB4BD-7AD3-4E67-85C0-61F100D7718D} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\Windows\system32\CScript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
Task: {1E89733F-A4C0-47B9-83B4-8487BA5C6D55} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4F65979C-3296-41F0-8163-FA972A47A276} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {676E0A73-BC47-4DE0-B9D4-85118816C2D5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B22DFE2-D005-4200-A225-C05BB5CB6FEA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {81F8D840-9F75-4885-9880-AA638DB0D8BF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-13] (Adobe Inc. -> Adobe)
Task: {8A22C4BA-0816-4DF4-B67E-57E2B348A200} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {93BCA715-4DF2-4C17-9600-BB648A67FB88} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {EB524607-9629-441C-A41E-D4F9B5262537} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-13] (Adobe Inc. -> Adobe)
Task: {EEA11AE2-2E36-401A-85A1-FBB532C73088} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
Task: {FABCE7CC-AE7E-418D-AC78-12EB16028359} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-62I3FUH-Core 2 duo DESKTOP-62I3FUH => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD05758A-94CC-47DE-8247-A4FA9B2908C4} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{72d85931-d2c8-4899-a78a-7e0d319854c0}: [DhcpNameServer] 212.166.211.4 62.81.16.164
Tcpip\..\Interfaces\{a327b524-86ed-4b15-916e-5de61f12ff61}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{bc6103c1-46b4-4381-8674-9cb3e4f607bc}: [DhcpNameServer] 212.166.211.4 62.81.16.164

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: azv8rvwh.default
FF ProfilePath: C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default [2019-11-28]
FF Homepage: Mozilla\Firefox\Profiles\azv8rvwh.default -> hxxp://www.google.es/
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-27]
FF Extension: (Avast Online Security) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2120680 2019-06-28] (Plex, Inc -> Plex, Inc.)
S2 BavSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe" [X]
S2 BHipsSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtcL001; C:\Windows\System32\drivers\l160x64.sys [65024 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
S3 L1C; C:\Windows\System32\drivers\L1C63x64.sys [121344 2016-07-16] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
S3 L1E; C:\Windows\System32\drivers\L1E62x64.sys [59904 2016-07-16] (Microsoft Windows -> Atheros Communications, Inc.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
S3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2016-07-16] (Microsoft Windows -> MediaTek Inc.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Microsoft Windows -> Realtek )
S3 RtlWlanu_OldIC; C:\Windows\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 yukonw8; C:\Windows\System32\drivers\yk63x64.sys [288768 2016-07-16] (Microsoft Windows -> Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-27 19:02 - 2019-11-27 19:03 - 000000000 ____D C:\Users\Core 2 duo\Desktop\Documentos Manoli
2019-11-27 18:57 - 2019-11-27 18:59 - 000052821 _____ C:\Users\Core 2 duo\Desktop\Addition.txt
2019-11-27 18:56 - 2019-11-28 18:38 - 000016887 _____ C:\Users\Core 2 duo\Desktop\FRST.txt
2019-11-27 18:50 - 2019-11-27 18:50 - 010823512 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avastclear.exe
2019-11-27 09:06 - 2019-11-27 09:06 - 002066743 _____ C:\Users\Core 2 duo\Downloads\joinPdf_58da73a2188a062702c0956c57e89d2f.pdf
2019-11-26 21:39 - 2019-11-26 21:39 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\CEF
2019-11-26 21:38 - 2019-11-27 18:53 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-26 21:37 - 2019-11-27 18:53 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-26 21:36 - 2019-11-26 21:36 - 000233080 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe
2019-11-26 21:32 - 2019-11-26 21:32 - 000066588 _____ C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin
2019-11-26 20:11 - 2019-11-26 20:11 - 000075164 _____ C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin
2019-11-26 20:07 - 2019-11-26 20:07 - 000001219 _____ C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-11-26 20:05 - 2019-11-26 20:05 - 000000000 ____D C:\ProgramData\Bitdefender
2019-11-26 20:04 - 2019-11-26 20:04 - 000103488 _____ C:\ProgramData\agent.1574795055.bdinstall.v2.bin
2019-11-26 20:04 - 2019-11-26 20:04 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-26 20:03 - 2019-11-26 20:03 - 010527368 _____ C:\Users\Core 2 duo\Downloads\bitdefender_online.exe
2019-11-26 19:43 - 2019-11-26 19:43 - 000000008 __RSH C:\Users\Core 2 duo\ntuser.pol
2019-11-26 19:43 - 2019-11-26 19:43 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-11-26 19:41 - 2019-11-28 18:38 - 000000000 ____D C:\FRST
2019-11-26 19:40 - 2019-11-26 19:40 - 002262016 _____ (Farbar) C:\Users\Core 2 duo\Desktop\FRST64.exe
2019-11-26 19:35 - 2019-11-26 19:35 - 000797760 _____ C:\Users\Core 2 duo\Desktop\delfix.exe
2019-11-26 19:35 - 2019-11-26 19:35 - 000000268 _____ C:\DelFix.txt
2019-11-26 19:35 - 2019-11-26 19:35 - 000000000 ____D C:\Windows\ERUNT
2019-11-26 19:26 - 2019-11-26 19:26 - 000001100 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-11-26 19:26 - 2019-11-26 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-11-26 19:26 - 2019-11-26 19:26 - 000000000 ____D C:\Program Files\VS Revo Group
2019-11-26 19:24 - 2019-11-26 19:24 - 007411912 _____ (VS Revo Group ) C:\Users\Core 2 duo\Desktop\revosetup.exe
2019-11-25 12:32 - 2019-11-25 12:32 - 000006668 _____ C:\Users\Core 2 duo\Downloads\document.pdf
2019-11-23 21:06 - 2019-11-23 21:18 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\ZHP
2019-11-23 21:06 - 2019-11-23 21:06 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ZHP
2019-11-23 20:43 - 2019-11-23 20:43 - 000320874 _____ C:\Users\Core 2 duo\Documents\Scan0009.pdf
2019-11-23 20:43 - 2019-11-23 20:43 - 000137659 _____ C:\Users\Core 2 duo\Documents\Scan0010.pdf
2019-11-23 20:42 - 2019-11-23 20:42 - 000536877 _____ C:\Users\Core 2 duo\Documents\Scan0008.pdf
2019-11-23 20:41 - 2019-11-23 20:41 - 000410788 _____ C:\Users\Core 2 duo\Documents\Scan0007.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000346708 _____ C:\Users\Core 2 duo\Documents\Scan0005.pdf
2019-11-23 20:40 - 2019-11-23 20:40 - 000315055 _____ C:\Users\Core 2 duo\Documents\Scan0006.pdf
2019-11-23 20:39 - 2019-11-23 20:39 - 000173321 _____ C:\Users\Core 2 duo\Documents\Scan0004.pdf
2019-11-23 20:37 - 2019-11-23 20:37 - 000482263 _____ C:\Users\Core 2 duo\Documents\Scan0003.pdf
2019-11-22 10:11 - 2019-11-22 10:12 - 000703513 _____ C:\Users\Core 2 duo\Documents\Scan0002.pdf
2019-11-21 20:40 - 2019-11-21 20:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\mbamtray
2019-11-21 20:40 - 2019-11-21 20:39 - 000020936 _____ (Malwarebytes) C:\Windows\ELAMBKUP
2019-11-21 10:38 - 2019-11-21 10:38 - 000441117 _____ C:\Users\Core 2 duo\Documents\Scan0001.pdf
2019-11-06 15:19 - 2019-11-13 15:37 - 000004586 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-11-06 15:19 - 2019-11-13 15:37 - 000004388 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-11-06 15:19 - 2019-11-13 15:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-06 15:19 - 2019-11-06 15:19 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Macromedia
2019-11-03 21:08 - 2019-11-03 21:08 - 000000299 _____ C:\Users\Core 2 duo\Documents\Presupuesto Almussafes.txt
2019-10-31 16:13 - 2019-10-31 16:13 - 000000246 _____ C:\Users\Core 2 duo\Desktop\Prime Video.URL
2019-10-30 19:32 - 2019-10-30 19:31 - 000114232 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-28 18:33 - 2019-07-03 20:50 - 000000000 ____D C:\Users\Core 2 duo\AppData\LocalLow\Mozilla
2019-11-28 18:33 - 2018-12-06 16:07 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-11-28 18:27 - 2019-06-28 19:20 - 000005338 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-62I3FUH-Core 2 duo DESKTOP-62I3FUH
2019-11-28 18:18 - 2018-12-06 16:08 - 006833880 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-28 18:18 - 2016-07-16 23:39 - 003332618 _____ C:\Windows\system32\perfh00A.dat
2019-11-28 18:18 - 2016-07-16 23:39 - 000951288 _____ C:\Windows\system32\perfc00A.dat
2019-11-28 18:13 - 2018-12-06 16:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-27 21:04 - 2018-12-06 19:42 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\ClassicShell
2019-11-27 20:57 - 2019-10-05 14:44 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Kodi
2019-11-27 08:54 - 2018-12-06 21:08 - 000000000 ____D C:\Program Files\WinRAR
2019-11-26 21:43 - 2018-12-06 21:08 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-26 21:43 - 2018-12-06 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-26 21:32 - 2018-12-07 22:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-11-26 20:02 - 2018-12-07 22:46 - 000000000 ____D C:\Users\Core 2 duo\AppData\Roaming\MPC-HC
2019-11-26 20:02 - 2016-07-16 12:45 - 000000000 ____D C:\Windows\INF
2019-11-26 19:43 - 2018-12-06 19:40 - 000000000 ____D C:\Users\Core 2 duo
2019-11-26 19:42 - 2019-10-15 09:33 - 000000000 ____D C:\Users\Core 2 duo\AppData\LocalLow\Temp
2019-11-26 19:41 - 2016-07-16 12:47 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-11-26 19:41 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-11-26 13:11 - 2018-12-07 22:29 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Microsoft Help
2019-11-25 15:06 - 2019-09-25 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-11-22 10:06 - 2018-12-06 19:40 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Packages
2019-11-21 20:40 - 2019-06-30 15:49 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\cache
2019-11-21 12:09 - 2016-07-16 07:04 - 000008192 _____ C:\Windows\system32\config\BBI
2019-11-19 09:49 - 2019-10-19 08:20 - 000000000 ____D C:\Users\Core 2 duo\Desktop\Ofimatica Pdf
2019-11-13 15:36 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-06 15:19 - 2018-12-07 22:47 - 000000000 ____D C:\Users\Core 2 duo\AppData\Local\Adobe
2019-11-04 11:37 - 2019-10-10 11:25 - 000000000 ____D C:\Users\Core 2 duo\Desktop\correos
2019-11-03 20:21 - 2018-12-07 22:21 - 000001240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-10-31 20:20 - 2019-10-28 20:47 - 000000000 ____D C:\Torrents
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-10-30 19:32 - 2019-07-10 17:56 - 000000000 ____D C:\Program Files (x86)\Java

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-20 16:13
==================== End of FRST.txt ========================

Hola @Duq_Plex

Aun tienes muchos restos de todos los AV, especialmente de Baidu.

Sigue estos pasos:

1.- Muy Importante >>> Realizar una copia de Seguridad de su Registro.

  • Descarga DelFix en el escritorio de Windows.
  • Clic Derecho, “Ejecutar como Administrador”.
  • En la ventana principal, marca solamente la casilla “Create Registry Backup”.
  • Clic en Run.

Al terminar se abrirá un reporte llamado DelFix.txt, guárdelo por si fuera necesario y cierre la herramienta…

2.- Desactiva Temporalmente tu antivirus. en tu caso Windows Defender

3.- Abre un nuevo archivo Notepad/Bloc de Notas y copia y pega este contenido:

Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Baidu Antivirus] => "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe" -auto
C:\Program Files (x86)\Baidu Security
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-broadcasting;gaming-gamebar;gaming-gamedvr;gaming-gamemode;gaming-trueplay;gaming-xboxnetworking;maps;pen;recovery;speech;tabletmode;windowsdefender;windowsinsider
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1BCDB4BD-7AD3-4E67-85C0-61F100D7718D} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\Windows\system32\CScript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
C:\ProgramData\Baidu Security
Task: {FD05758A-94CC-47DE-8247-A4FA9B2908C4} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Extension: (Avast Online Security) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-27]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
S2 BavSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe" [X]
S2 BHipsSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe" [X]
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
2019-11-27 18:50 - 2019-11-27 18:50 - 010823512 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avastclear.exe
2019-11-26 21:38 - 2019-11-27 18:53 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-26 21:37 - 2019-11-27 18:53 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-26 21:36 - 2019-11-26 21:36 - 000233080 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe
2019-11-26 21:32 - 2019-11-26 21:32 - 000066588 _____ C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin
2019-11-26 20:11 - 2019-11-26 20:11 - 000075164 _____ C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin
2019-11-26 20:07 - 2019-11-26 20:07 - 000001219 _____ C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-11-26 20:05 - 2019-11-26 20:05 - 000000000 ____D C:\ProgramData\Bitdefender
2019-11-26 20:04 - 2019-11-26 20:04 - 000103488 _____ C:\ProgramData\agent.1574795055.bdinstall.v2.bin
2019-11-26 20:04 - 2019-11-26 20:04 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-26 20:03 - 2019-11-26 20:03 - 010527368 _____ C:\Users\Core 2 duo\Downloads\bitdefender_online.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Recuerda que estarás sin AV, no instales ni descargues nada que no te diga.

Por tu seguridad instala Malwarebytes Browser Guard en tus navegadores.

Nos comentas .

Salu2.

Hola aquí te adjunto el log

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Core 2 duo (29-11-2019 20:53:10) Run:2
Running from C:\Users\Core 2 duo\Desktop
Loaded Profiles: Core 2 duo (Available Profiles: defaultuser0 & Core 2 duo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [Baidu Antivirus] => "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavTray.exe" -auto
C:\Program Files (x86)\Baidu Security
HKLM\...\Policies\Explorer: [SettingsPageVisibility] hide:gaming-broadcasting;gaming-gamebar;gaming-gamedvr;gaming-gamemode;gaming-trueplay;gaming-xboxnetworking;maps;pen;recovery;speech;tabletmode;windowsdefender;windowsinsider
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1BCDB4BD-7AD3-4E67-85C0-61F100D7718D} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\Windows\system32\CScript.exe "C:\ProgramData\Baidu Security\Duplicaterecord.js"
C:\ProgramData\Baidu Security
Task: {FD05758A-94CC-47DE-8247-A4FA9B2908C4} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Extension: (Avast Online Security) - C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] [2019-11-27]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/groups/windowsminios
S2 BavSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BavSvc.exe" [X]
S2 BHipsSvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.147185.0\BHipsSvc.exe" [X]
S3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-05-27] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> )
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [485672 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [169416 2018-12-06] (Baidu Online Network Technology (Beijing) Co.,Ltd. -> Baidu, Inc.)
2019-11-27 18:50 - 2019-11-27 18:50 - 010823512 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avastclear.exe
2019-11-26 21:38 - 2019-11-27 18:53 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-26 21:37 - 2019-11-27 18:53 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-26 21:36 - 2019-11-26 21:36 - 000233080 _____ (AVAST Software) C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe
2019-11-26 21:32 - 2019-11-26 21:32 - 000066588 _____ C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin
2019-11-26 20:11 - 2019-11-26 20:11 - 000075164 _____ C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin
2019-11-26 20:07 - 2019-11-26 20:07 - 000001219 _____ C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk
2019-11-26 20:05 - 2019-11-26 20:05 - 000000000 ____D C:\ProgramData\Bitdefender
2019-11-26 20:04 - 2019-11-26 20:04 - 000103488 _____ C:\ProgramData\agent.1574795055.bdinstall.v2.bin
2019-11-26 20:04 - 2019-11-26 20:04 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-11-26 20:03 - 2019-11-26 20:03 - 010527368 _____ C:\Users\Core 2 duo\Downloads\bitdefender_online.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers2: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File
ContextMenuHandlers6: [Baidu_Scan] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CB} =>  -> No File

CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Baidu Antivirus" => removed successfully
C:\Program Files (x86)\Baidu Security => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\SettingsPageVisibility" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BCDB4BD-7AD3-4E67-85C0-61F100D7718D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BCDB4BD-7AD3-4E67-85C0-61F100D7718D}" => removed successfully
C:\Windows\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => removed successfully
C:\ProgramData\Baidu Security => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD05758A-94CC-47DE-8247-A4FA9B2908C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD05758A-94CC-47DE-8247-A4FA9B2908C4}" => removed successfully
C:\Windows\System32\Tasks\DriverEasy Scheduled Scan => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DriverEasy Scheduled Scan" => removed successfully
C:\Windows\Tasks\DriverEasy Scheduled Scan.job => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
C:\Users\Core 2 duo\AppData\Roaming\Mozilla\Firefox\Profiles\azv8rvwh.default\Extensions\[email protected] => moved successfully
"FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones)" => not found
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
HKLM\System\CurrentControlSet\Services\BavSvc => removed successfully
BavSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\BHipsSvc => removed successfully
BHipsSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\bdark64 => removed successfully
bdark64 => service removed successfully
Bfilter => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bfilter => removed successfully
Bfilter => service removed successfully
Bfmon => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bfmon => removed successfully
Bfmon => service removed successfully
Bnbase => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bnbase => removed successfully
Bnbase => service removed successfully
Bndef => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bndef => removed successfully
Bndef => service removed successfully
Bprotect => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bprotect => removed successfully
Bprotect => service removed successfully
C:\Users\Core 2 duo\Downloads\avastclear.exe => moved successfully
C:\Program Files\Common Files\AVAST Software => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Users\Core 2 duo\Downloads\avast_free_antivirus_setup_online.exe => moved successfully
C:\ProgramData\agent.uninstall.1574800366.bdinstall.v2.bin => moved successfully
C:\ProgramData\agent.update.1574795472.bdinstall.v2.bin => moved successfully
C:\Users\Core 2 duo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitdefender Antivirus Free.lnk => moved successfully
C:\ProgramData\Bitdefender => moved successfully
C:\ProgramData\agent.1574795055.bdinstall.v2.bin => moved successfully
C:\ProgramData\Bitdefender Agent => moved successfully
C:\Users\Core 2 duo\Downloads\bitdefender_online.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Baidu_Scan => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Baidu_Scan => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Baidu_Scan => removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Ethernet 2:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::2d2e:331e:4524:4241%15
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.38
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de t£nel isatap.{A327B524-86ED-4B15-916E-5DE61F12FF61}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel Teredo Tunneling Pseudo-Interface:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2001:0:2851:782c:8ca:415:a7ee:160e
   V¡nculo: direcci¢n IPv6 local. . . : fe80::8ca:415:a7ee:160e%16
   Puerta de enlace predeterminada . . . . . : ::

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Interfaz se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-793460650-1082067395-1000565632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10666189 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 6586 B
Edge => 0 B
Chrome => 0 B
Firefox => 137378825 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 128 B
defaultuser0 => 128 B
Core 2 duo => 42615181 B

RecycleBin => 0 B
EmptyTemp: => 181.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:54:36 ====

Hola @Duq_Plex

Perfecto…:+1:

Solo falto que comentes como sientes el equipo.


Sigue optimizando de la siguiente manera:

1.- Ejecuta CCleaner desde tu escritorio.

  • Siguiendo su manual lo ejecutas y utilizas las opciones Limpiador y Registro del mismo, tal como se explican en su Manual.

2.- Realiza un análisis completo del Disco Duro siguiendo la guía:

IMPORTANTE: Si el porcentaje de Avance parece pararse, NO Canceles el proceso. Déjalo continuar si es necesario durante 24 horas más. .

3.- Libera espacio en disco siguiendo los pasos de:

4. Desfragmenta el/los discos duros y particiones del PC, siguiendo los pasos de:

Nota:: Si tu disco es un SSD este paso no es necesario.

Luego de reiniciar, nos comentas como sigue el equipo.

Salu2.

Hola seguí todos los pasos, parece el equipo va algo más fluido, al menos de momento, tambien he de decir estoy sin antivirus ya que el windows defender no lo lleva este equipo , ¿qué antivirus me recomiendas instale?. por cierto aún tengo las herramientas FRST,Delfix y Revo en escritorio.

Un Saludo

Hola @Duq_Plex

Sobre Revo Uninstaller puedes dejarlo en el equipo ya que te servirá para cuando quieras desinstalar un programa para que no te quede basura en tu ordenador.

Sobre el Antivirus, prueba con Kaspersky Free a ver como te va.

Te recuerdo la mejor recomendación para ese equipo es que le coloques una versión mas actualizada de Windows 10 y mas liviana como la Home.

Ademas si te es posible aumentarle la Ram ya que estas muy limitado.


Para eliminar las herramientas utilizadas:

Descargas/Ejecutas >> Delfix, desde tu escritorio.

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7 /8 /10,presiona clic derecho y selecciona >> “Ejecutar como Administrador”)
  • Marca las casilla Remove disinfection tools y Purgue Sistem Restore
  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Nos comentas si todo esta en orden para dar por Solucionado el tema.

Salu2.

Hola el antivirus que me recomendaste lo desinstale ya que perdia mucha velocidad de conexión ,tengo 300 y me bajaba a menos de 100, sin antivirus me coge los 300, he instalado avast y lo mismo y con panda igual así que no se cual instalar que no me ralentice tanto.

Hola @Duq_Plex

Deberías haber venido por aquí y comentarlo antes, ahora ya has desinstalado y reinstalado y siempre te quedan restos.

Con tu equipo de escasos recursos todos te ralentizaran lamentablemente, yo tengo en un equipo de solo dos gigas de Ram Malwarebytes Premium y es el único que va de maravilla, obviamente es pago.

Algo interesante sobre Kaspersky:

Reducción de la velocidad de conexión a Internet después de instalar un producto de Kaspersky

Salu2

Hola, no he podido pasar antes y respondo ahora desde el móvil, ahora resulta que no entra a, windows y se queda en un pantallazo azul.

Hola @Duq_Plex

Recuerdas que estabas haciendo? Instalaste algo nuevo? Algún cambio de Hardware?

Para poder ayudarte toma una imagen de la pantalla azul (o copias el detalle de lo que te aparezca en la misma).

Salu2

No recuerdo estar haciendo nada raro, he de decir el cd de Windows no lo tengo. Adjunto imagen del pantallazo.