Portátil muy lento, no deja utilizar el antivirus, etc

Hola buenas tardes.

Tengo un portátil Acer Aspire E5 con windows10 que tarda mucho en encender y tiene un comportamiento muy lento en general.

Estoy entrando en modo a prueba de fallos y estos son los sintomas:

• No me deja abrir el antivirus avast ( dice que ha ocurrido un error)
• No puedo acceder a las actualizaciones de windows update.
• Muy lento en general.

Lo que he realizado es lo siguiente:

• Ccleaner
• Instalar y ejecutar malwarebytes antimalware
• Ejecutar Adwcleaner
• Pasar el antivirus eset online

dice que eliminó algunos malwares pero sigue sin abrirme el antivirus, ni las actualizaciones de windows, y sigue lento.

Ya que no se que mas hacer recurro a vosotros de nuevo, ya lo hice hace unos años con otra cuenta que tenía.

Un saludo y gracias

Hola

Ejecuta en orden y me pegas los logs

• Desactiva Temporalmente tu antivirus y cualquier programa de seguridad.

• Descarga a Tu Escritorio >> Esto es muy importante<<.,Fabar Recovery Scan Tool, considerando la versión adecuada para tu equipo. (32 o 64 bits) ¿Cómo saber si mi Windows es de 32 o 64 bits?

• Doble clic para ejecutar Frst.exe. En la ventana del Disclaimer, presiona Yes.

• En la nueva ventana que se abre, presiona el botón Scan y espera a que concluya el análisis.

• Se abrirán dos (2) archivos (Logs), Frst.txt y Addition.txt, que estarán grabados en Tu escritorio.

En Tu próxima respuesta, copias y pegas los dos reportes Frst.txt y Addition.txt de FRST

Nota: Si el/los reportes solicitados no entraran en una sola respuesta porque superan la cantidad de caracteres permitidos, puedes utilizar dos o mas respuestas para pegarlos completamente.

hola ahí van los reportes:

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by luigi (administrator) on LAPTOP-GHR2QQ5H (25-03-2019 00:29:52)
Running from C:\Users\luigi\Desktop
Loaded Profiles: luigi & teque (Available Profiles: luigi & teque)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Español (España, internacional)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710056 2015-07-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\Run: [uTorrent] => C:\Users\luigi\AppData\Roaming\uTorrent\uTorrent.exe [1815736 2019-03-04] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\Run: [utweb] => C:\Users\luigi\AppData\Roaming\uTorrent Web\utweb.exe [5413080 2019-01-15] (Jenkins Win Client Build SPC -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\Run: [Spotify] => C:\Users\luigi\AppData\Roaming\Spotify\Spotify.exe [25650920 2019-03-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\MountPoints2: {a3192f4b-7401-11e8-9db3-ccb0da82f364} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2254800085-4252518015-1038287387-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2254800085-4252518015-1038287387-1002\...\MountPoints2: {a3192f4b-7401-11e8-9db3-ccb0da82f364} - "D:\HiSuiteDownLoader.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe [2019-03-05] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1499abd9-5ce3-4205-9963-f6abf81f704b}: [DhcpNameServer] 213.60.205.175
Tcpip\..\Interfaces\{3ace03cf-18f4-4a55-a702-e5b056ebb1e0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2254800085-4252518015-1038287387-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2254800085-4252518015-1038287387-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
SearchScopes: HKLM -> DefaultScope {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\.DEFAULT -> {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\S-1-5-21-2254800085-4252518015-1038287387-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2254800085-4252518015-1038287387-1001 -> {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\S-1-5-21-2254800085-4252518015-1038287387-1001 -> {904241BD-BB2B-4C47-BFEA-CD57AB96B6A9} URL = hxxp://www.qo-es.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\java\bin\ssv.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\java\bin\jp2ssv.dll => No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-2254800085-4252518015-1038287387-1001 -> hxxp://www.qo-es.com/

FireFox:
========
FF DefaultProfile: n68y5a9e.default
FF ProfilePath: C:\Users\luigi\AppData\Roaming\Mozilla\Firefox\Profiles\n68y5a9e.default [2019-03-24]
FF Homepage: Mozilla\Firefox\Profiles\n68y5a9e.default -> hxxps://www.google.com/
FF Extension: (Español (España) Language Pack) - C:\Users\luigi\AppData\Roaming\Mozilla\Firefox\Profiles\n68y5a9e.default\Extensions\[email protected] [2018-05-26] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\luigi\AppData\Roaming\Mozilla\Firefox\Profiles\n68y5a9e.default\Extensions\[email protected] [2018-05-26] [Legacy]
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [not found]
FF SearchPlugin: C:\Users\luigi\AppData\Roaming\Mozilla\Firefox\Profiles\n68y5a9e.default\searchplugins\bing-lavasoft-ff59.xml [2019-03-13]
FF Extension: (Español (España) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2018-03-26] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2018-03-26] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> D:\Java\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> D:\Java\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> D:\java\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> D:\java\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.qo-es.com/
CHR StartupUrls: Default -> "hxxp://www.qo-es.com/"
CHR DefaultSearchURL: Default -> hxxps://es.search.yahoo.com/search?fr=mcafee&type=D211ES662G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default [2019-03-24]
CHR Extension: (Documentos) - C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (Google Drive) - C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-28]
CHR Extension: (YouTube) - C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-28]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-03-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-21]
CHR Extension: (Avast Online Security) - C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-23]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-17]
CHR Extension: (Gmail) - C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-28]
CHR Extension: (Chrome Media Router) - C:\Users\luigi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-06] (Microsoft Corporation -> Microsoft Corporation)
S3 dot3svc; C:\WINDOWS\System32\dot3svc.dll [252928 2018-04-12] (Microsoft Corporation) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent Inc -> WildTangent)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2017-09-25] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 NaturalAuthentication; C:\WINDOWS\System32\NaturalAuth.dll [824832 2018-04-12] (Microsoft Corporation) [File not signed]
S3 Netman; C:\WINDOWS\System32\netman.dll [262656 2018-04-12] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-07-29] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-07-29] (Acer Incorporated -> Acer Incorporated)
S3 SmsRouter; C:\WINDOWS\system32\SmsRouterSvc.dll [590336 2018-04-12] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945264 2017-12-05] (TeamViewer GmbH -> TeamViewer GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer)
R2 W32Time; C:\WINDOWS\system32\w32time.dll [579584 2018-04-12] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WebClient; C:\WINDOWS\System32\webclnt.dll [217088 2018-04-12] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-14] (Microsoft Corporation -> Microsoft Corporation)
R2 wscsvc; C:\WINDOWS\System32\wscsvc.dll [266240 2018-04-12] (Microsoft Corporation) [File not signed]
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\\McCSPServiceHost.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-11] (AVAST Software s.r.o. -> AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-03-24] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-03-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72864 2019-03-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-03-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [114040 2019-03-24] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2412976 2017-04-23] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 vwifibus; C:\WINDOWS\System32\drivers\vwifibus.sys [27136 2018-04-12] (Microsoft Corporation) [File not signed]
S1 vwififlt; C:\WINDOWS\System32\drivers\vwififlt.sys [76288 2018-04-12] (Microsoft Corporation) [File not signed]
S3 vwifimp; C:\WINDOWS\System32\drivers\vwifimp.sys [44544 2018-04-12] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313384 2018-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-25 00:29 - 2019-03-25 00:57 - 000026050 _____ C:\Users\luigi\Desktop\FRST.txt
2019-03-25 00:29 - 2019-03-25 00:29 - 000000000 ____D C:\FRST
2019-03-24 23:23 - 2019-03-24 23:23 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3731A1A0.sys
2019-03-24 23:22 - 2019-03-25 00:28 - 000000000 ____D C:\Users\luigi\Desktop\mbar
2019-03-24 23:22 - 2019-03-25 00:28 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-03-24 23:19 - 2019-03-24 23:19 - 002434048 _____ (Farbar) C:\Users\luigi\Desktop\FRST64.exe
2019-03-24 23:12 - 2019-03-24 23:12 - 014178840 _____ (Malwarebytes Corp.) C:\Users\luigi\Desktop\mbar-1.10.3.1001.exe
2019-03-24 22:15 - 2019-03-24 22:15 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-03-24 22:15 - 2019-03-24 22:15 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-03-24 22:15 - 2019-03-24 22:15 - 000114040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-03-24 22:15 - 2019-03-24 22:15 - 000072864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-03-24 20:57 - 2019-03-24 21:04 - 000005412 _____ C:\Users\luigi\Desktop\Rkill.txt
2019-03-24 20:56 - 2019-03-24 20:56 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\luigi\Downloads\iExplore.exe
2019-03-24 02:34 - 2019-03-24 02:34 - 000003072 _____ C:\Users\luigi\Documents\kk2.txt
2019-03-23 20:19 - 2019-03-23 20:19 - 007665272 _____ (ESET spol. s r.o.) C:\Users\luigi\Downloads\esetonlinescanner_esn.exe
2019-03-23 20:19 - 2019-03-23 20:19 - 000000000 ____D C:\Users\luigi\AppData\Local\ESET
2019-03-23 19:53 - 2019-03-23 19:53 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-03-23 19:51 - 2019-03-23 19:55 - 000000000 ____D C:\ProgramData\Panda Security
2019-03-23 19:50 - 2019-03-23 19:51 - 002099360 _____ (Panda Security, S.L.) C:\Users\luigi\Downloads\PANDAFREEAV.exe
2019-03-23 19:27 - 2019-03-24 21:25 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-03-23 19:16 - 2019-03-23 19:18 - 000000000 ____D C:\WINDOWS\pss
2019-03-23 16:57 - 2019-03-23 16:57 - 000000000 ____D C:\Users\luigi\AppData\Local\mbam
2019-03-23 16:56 - 2019-03-24 21:24 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-03-23 16:55 - 2019-03-24 23:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-23 16:55 - 2019-03-23 16:55 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-23 16:55 - 2019-03-23 16:55 - 000000000 ____D C:\Users\luigi\AppData\Local\mbamtray
2019-03-23 16:55 - 2019-03-23 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-23 16:55 - 2019-03-23 16:55 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-23 16:55 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-03-23 16:55 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-03-23 16:52 - 2019-03-23 16:54 - 000000000 ____D C:\AdwCleaner
2019-03-23 16:51 - 2019-03-23 16:51 - 007316688 _____ (Malwarebytes) C:\Users\luigi\Downloads\adwcleaner_7.2.7.0.exe
2019-03-23 16:49 - 2019-03-23 16:51 - 064309056 _____ (Malwarebytes ) C:\Users\luigi\Downloads\mb3-setup-35891.35891-3.7.1.2839-1.0.538-1.0.9074.exe
2019-03-18 22:14 - 2019-03-24 22:21 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-03-15 22:03 - 2019-03-15 22:03 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-03-15 22:03 - 2019-03-15 22:03 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-03-15 22:03 - 2019-03-15 22:03 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-03-15 22:03 - 2019-03-15 22:03 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-03-15 22:03 - 2019-03-15 22:03 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-03-15 22:03 - 2019-03-15 22:03 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-15 22:03 - 2019-03-15 22:03 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-03-15 22:03 - 2019-03-15 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-03-11 19:38 - 2019-03-11 19:38 - 000000000 ___HD C:\OneDriveTemp
2019-03-04 14:17 - 2019-03-23 17:33 - 000000000 ____D C:\Users\luigi\AppData\LocalLow\uTorrent
2019-03-04 07:08 - 2019-03-04 07:08 - 000249672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-03-04 07:07 - 2019-03-04 07:06 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-25 00:42 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-25 00:28 - 2018-06-17 23:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-03-25 00:20 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-03-24 23:36 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-24 23:31 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-24 23:08 - 2018-06-18 20:19 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-03-24 22:19 - 2018-04-14 19:38 - 000000000 __SHD C:\Users\luigi\IntelGraphicsProfiles
2019-03-24 22:19 - 2018-04-14 19:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-03-24 22:14 - 2018-06-18 20:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-24 22:14 - 2018-03-26 13:43 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-24 22:06 - 2018-04-11 22:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2019-03-24 21:54 - 2018-06-17 11:45 - 000002156 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-03-24 15:57 - 2018-05-31 22:11 - 000000000 ____D C:\Users\luigi\AppData\Local\ElevatedDiagnostics
2019-03-24 15:54 - 2018-06-17 23:17 - 000577536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-23 19:54 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-03-23 19:19 - 2018-05-11 22:35 - 000000000 ____D C:\Users\luigi\AppData\Roaming\uTorrent
2019-03-23 19:15 - 2018-11-11 15:24 - 000000000 ____D C:\Users\luigi\AppData\Roaming\uTorrent Web
2019-03-23 19:00 - 2018-04-14 19:46 - 000000000 ____D C:\Users\luigi\AppData\Local\CrashDumps
2019-03-23 17:33 - 2018-05-08 21:58 - 000000000 ____D C:\Users\luigi\AppData\Roaming\Spotify
2019-03-23 16:55 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-23 16:54 - 2018-05-11 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-03-23 16:54 - 2018-03-26 13:50 - 000000000 ____D C:\Program Files (x86)\Acer
2019-03-23 16:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-03-23 16:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-23 16:25 - 2018-06-18 19:53 - 000000000 ____D C:\Users\luigi
2019-03-23 16:22 - 2018-11-16 20:02 - 000000000 ____D C:\Program Files\rempl
2019-03-22 19:03 - 2018-11-14 23:32 - 000000000 ____D C:\Users\teque\AppData\LocalLow\360WD
2019-03-22 19:00 - 2018-05-11 06:57 - 000000000 __SHD C:\Users\teque\IntelGraphicsProfiles
2019-03-19 21:05 - 2018-06-18 19:52 - 000000000 ____D C:\Users\teque
2019-03-19 20:32 - 2018-05-25 14:26 - 000000000 ____D C:\Users\teque\AppData\Local\CrashDumps
2019-03-19 18:19 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-19 12:35 - 2018-06-18 20:19 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-19 12:35 - 2018-06-18 20:19 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-19 12:35 - 2018-06-18 20:19 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2254800085-4252518015-1038287387-1002
2019-03-19 12:35 - 2018-06-18 20:19 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2254800085-4252518015-1038287387-1001
2019-03-19 12:35 - 2018-06-18 20:19 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-03-19 12:35 - 2018-06-18 20:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-03-19 12:29 - 2018-11-13 19:43 - 000000000 ____D C:\Users\luigi\AppData\Roaming\360DrvMgr
2019-03-18 05:21 - 2018-06-18 20:06 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-18 05:21 - 2018-04-12 17:18 - 000787744 _____ C:\WINDOWS\system32\perfh00A.dat
2019-03-18 05:21 - 2018-04-12 17:18 - 000155340 _____ C:\WINDOWS\system32\perfc00A.dat
2019-03-18 05:18 - 2018-05-08 21:59 - 000000000 ____D C:\Users\luigi\AppData\Local\Spotify
2019-03-15 22:01 - 2018-03-26 11:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-14 22:49 - 2018-04-14 22:07 - 000000000 ___HD C:\Users\luigi\MicrosoftEdgeBackups
2019-03-12 21:03 - 2018-04-15 23:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-12 20:58 - 2018-04-15 23:31 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-11 19:38 - 2018-05-11 07:01 - 000000000 ___RD C:\Users\teque\OneDrive
2019-03-11 16:57 - 2018-06-18 19:52 - 000002405 _____ C:\Users\teque\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-11 16:47 - 2018-06-17 11:43 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-05 21:23 - 2018-06-17 11:47 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-05 21:23 - 2018-06-17 11:47 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-04 07:08 - 2018-06-17 11:43 - 000474456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-03-04 07:06 - 2019-01-18 23:08 - 000225680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-03-04 07:06 - 2019-01-10 10:39 - 000320696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-03-04 07:06 - 2019-01-10 10:39 - 000196072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-03-04 07:06 - 2019-01-10 10:39 - 000057960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-03-04 07:06 - 2019-01-10 10:39 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-03-04 07:06 - 2018-10-16 16:56 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-03-04 07:06 - 2018-06-17 11:43 - 001034432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-03-04 07:06 - 2018-06-17 11:43 - 000216784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-03-04 07:06 - 2018-06-17 11:43 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-03-04 07:06 - 2018-06-17 11:43 - 000167304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-03-04 07:06 - 2018-06-17 11:43 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-03-04 07:06 - 2018-06-17 11:43 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-03-03 17:54 - 2019-02-15 19:17 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-03 17:54 - 2019-02-15 19:17 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-03 13:02 - 2018-06-18 19:53 - 000002405 _____ C:\Users\luigi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-03 13:02 - 2018-04-14 19:45 - 000000000 ___RD C:\Users\luigi\OneDrive
2019-03-01 16:35 - 2018-04-14 19:41 - 000000000 ____D C:\Users\luigi\AppData\Local\Comms
2019-03-01 16:32 - 2018-04-14 19:38 - 000000000 ____D C:\Users\luigi\AppData\Local\Packages
2019-02-25 00:31 - 2018-09-24 00:14 - 000000149 _____ C:\Users\luigi\AppData\Roaming\WB.CFG
2019-02-23 14:55 - 2018-06-17 11:53 - 000000000 ____D C:\Program Files (x86)\TeamViewer

==================== Files in the root of some directories =======

2018-09-24 00:14 - 2019-02-25 00:31 - 000000149 _____ () C:\Users\luigi\AppData\Roaming\WB.CFG

Some files in TEMP:
====================
2019-03-23 16:37 - 2018-10-29 07:07 - 000669248 _____ (Qihoo 360 Technology Co. Ltd.) C:\Users\luigi\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_360tray.exe
2019-03-23 19:54 - 2019-03-23 19:54 - 000290304 _____ (Microsoft Corporation) C:\Users\luigi\AppData\Local\Temp\Hydra.Sdk.Windows.Service.subinacl.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


safeboot: Network => The system is configured to boot to Safe Mode <==== ATTENTION






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by luigi (25-03-2019 00:57:54)
Running from C:\Users\luigi\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-06-18 19:24:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-2254800085-4252518015-1038287387-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2254800085-4252518015-1038287387-503 - Limited - Disabled)
Invitado (S-1-5-21-2254800085-4252518015-1038287387-501 - Limited - Disabled)
luigi (S-1-5-21-2254800085-4252518015-1038287387-1001 - Administrator - Enabled) => C:\Users\luigi
teque (S-1-5-21-2254800085-4252518015-1038287387-1002 - Limited - Enabled) => C:\Users\teque
WDAGUtilityAccount (S-1-5-21-2254800085-4252518015-1038287387-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-965707dd-a902-4aa1-9c7b-89ff3aed099a) (Version: 3.0.2.118 - WildTangent) Hidden
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Configuration Manager (HKLM\...\{9A75E3DC-7F6E-47BD-8971-53CF527B96D6}) (Version: 1.02.3005 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3007 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Actualización de NVIDIA 2.5.11.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.11.45 - NVIDIA Corporation) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)

Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
eBay Weblink (HKLM-x32\...\{7F3596EF-B661-43EE-A321-AD3C3EB9B525}) (Version: 1.16.0726 - Acer)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Estudio para la mejora del producto HP DeskJet 2600 series (HKLM\...\{40802652-F262-41FD-89E4-0E00A509993C}) (Version: 43.3.2478.18107 - HP Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Home Makeover (HKLM-x32\...\WTA-7f12e62f-2608-4547-a7f3-3a6b9fa40568) (Version: 3.0.2.59 - WildTangent) Hidden
HP DeskJet 2600 series Ayuda (HKLM-x32\...\{8F2427CD-7A1B-4DCD-87A3-B40FB12E2CEB}) (Version: 44.0.0 - HP)
HP DeskJet 2600 series Software básico del dispositivo (HKLM\...\{A5F3FC74-B4C5-455B-B6FA-B948F8740DB4}) (Version: 43.3.2478.18107 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{FAC8770D-74CE-4849-92DD-032C58B0D5F0}) (Version: 36.0.100.66344 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{5A687488-7002-4E37-B735-C0142DA717D2}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{AF8889B6-1E11-49B3-BE42-3A511FB3039B}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{EDADC11B-AF5A-4FD1-99FD-D2984AFB1FEA}) (Version: 36.0.100.66344 - HP)
HP OneDrive Plugin (HKLM-x32\...\{97D82849-D747-41C5-8B55-56ADBAD17866}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP SharePoint Plugin (HKLM-x32\...\{4CC20772-ED28-46F6-9D3F-DDE2827C438D}) (Version: 43.0.0.0 - HP)
IGdm 2.6.1 (HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\1ead4f81-c61a-5fa6-9e81-7a8c0c868952) (Version: 2.6.1 - ifedapo olarewaju)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4703 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{C2D7F254-8B32-4DE7-9057-F5B750EB36A5}) (Version: 12.8.0.150 - Apple Inc.)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-4dc906e6-c8dd-483f-b49d-2a61426a07f0) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-6800fda2-3c52-415e-9a59-0d00e7757697) (Version: 3.0.2.118 - WildTangent) Hidden
Juegos WildTangent (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
LibreOffice 6.0.4.2 (HKLM\...\{CBC4E8DF-CCBD-4260-A6A5-B682BA706DC4}) (Version: 6.0.4.2 - The Document Foundation)
Magic Academy (HKLM-x32\...\WTA-da71f903-b304-4c1a-927f-d4df447bff47) (Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2254800085-4252518015-1038287387-1002\...\OneDriveSetup.exe) (Version: 19.012.0121.0011 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
NVIDIA Controlador de gráficos 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.11.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.11.45 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-76352722-e385-4098-b9f2-77cc8d970818) (Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.210 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (HKLM-x32\...\WTA-d68f0d9a-a7af-4e39-8a0d-75501bd98426) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-764f72ee-18f8-4680-bc93-8f7af3281243) (Version: 3.0.2.126 - WildTangent) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.11.45 - NVIDIA Corporation) Hidden
Software para dispositivos de chipset Intel® (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Spotify (HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\Spotify) (Version: 1.1.2.285.ga97985ef - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.5640 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
uTorrent Web (HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\utweb) (Version: 0.21.0 - BitTorrent, Inc.)
Vegas World (HKLM-x32\...\WildTangentGDF-acer-vegasworld) (Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (HKLM-x32\...\WildTangentGDF-acer-villagersandheroes) (Version: 13.0.0.6 - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Warface (HKLM-x32\...\Warface) (Version:  - )
Web Companion (HKLM-x32\...\{7e19a0ae-b343-42f7-b137-44242d27aa23}) (Version: 4.6.1966.3854 - Lavasoft)
WhatsApp (HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\WhatsApp) (Version: 0.3.1847 - WhatsApp)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.1.1.12 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2254800085-4252518015-1038287387-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08C9BE28-B80D-4976-983A-9A27DC24AB13} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe (Acer Incorporated -> TODO: <Company name>)
Task: {0E591C69-EA20-4007-B408-2ADFDF75869E} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {1601924D-F4B9-45FD-8B7A-313321E2D7CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {1D390E0C-60B8-4322-8660-36E008117D32} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\WINDOWS\system32\dmclient.exe (Microsoft Corporation) [File not signed]
Task: {2C44CFCA-4867-48BD-8206-5246B1C785A4} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe (Hewlett Packard -> HP Inc.)
Task: {35E47A18-AB77-425F-87C3-A776538A8B72} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {37794A7D-D446-4339-8044-A87FECB177F3} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe (Acer Incorporated -> )
Task: {3808F16D-A70D-49AF-97FB-1AB2AC266CA8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {520C24A3-D257-4BF2-B8FD-BF5D8886D1E6} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Acer Incorporated -> )
Task: {597EE292-4729-4E83-9111-CA510ED66777} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe (Acer Incorporated -> Acer Incorporated)
Task: {5CB10961-7799-48FC-9C35-0CDC80ABEFA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {64FDFE7B-7163-4481-A63B-EC37E61107B1} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe (Acer Incorporated -> )
Task: {6DF306AB-63F5-4ACF-A3C6-5970B1DE624E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {6F47A7DE-060D-4E17-863A-C03CBACCB95F} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe (Acer Incorporated -> )
Task: {7593932A-470B-4971-BE47-1A1C3A7F5FC3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {80650A28-BDD2-47B1-9B67-8D254E890965} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {808AE99F-E975-41C6-8CD7-995095606C1E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {85F37640-3DE0-4C82-B2FB-9AD8D5B55FEE} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Acer Incorporated -> Acer Incorporated)
Task: {94C0F2F9-98DF-415E-BDC9-AAFF75D5EF69} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\WINDOWS\System32\dsregcmd.exe (Microsoft Corporation) [File not signed]
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\WINDOWS\system32\dmclient.exe (Microsoft Corporation) [File not signed]
Task: {97DFDBE4-A09F-48BD-8177-4A6E3ED5D643} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A30F7432-94FB-4792-B765-CE5B19AECE4C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {B830B336-2C9B-4E7F-BA2E-30371ED8A520} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe (Acer Incorporated -> Acer Incorporated)
Task: {BF6B37E4-B12E-486E-9805-EC9D4F21B4AC} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe (Acer Incorporated -> Acer Incorporated)
Task: {CB8C4CD3-F94D-458B-846A-37725E6A1A22} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {D1B130C8-2CB0-4C2A-A3E7-0D7330E4DCEA} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {EE263E86-FF16-45EE-94C8-2327B81F98CE} - System32\Tasks\Microsoft\Windows\Workplace Join\Recovery-Check => C:\WINDOWS\System32\dsregcmd.exe (Microsoft Corporation) [File not signed]
Task: {F01143ED-564D-4031-84D1-5E32FBE209DB} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\WINDOWS\system32\SpaceAgent.exe (Microsoft Corporation) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\luigi\Desktop\Warface.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://go.playmmogames.com/aff_c?offer_id=6460&aff_id=1034&aff_sub=100T --app-window-size=1366,768
ShortcutWithArgument: C:\Users\luigi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface\Warface.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://go.playmmogames.com/aff_c?offer_id=6460&aff_id=1034&aff_sub=100T --app-window-size=1366,768
ShortcutWithArgument: C:\Users\luigi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Warface.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://go.playmmogames.com/aff_c?offer_id=6460&aff_id=1034&aff_sub=100T --app-window-size=1366,768

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 000053760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\CredentialMigrationHandler.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000066048 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\WlanRadioManager.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 001089536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wifinetworkmanager.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000731648 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\CellularAPI.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000062976 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\rilProxy.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000012288 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\netwphelper.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000134656 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wcmapi.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000235008 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\OneX.DLL
2018-04-12 00:34 - 2018-04-12 00:34 - 000117248 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\wlgpclnt.dll


----------------------------------------------------

Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
  main:    v2019.03.24.03
  rootkit: v2019.03.24.03

Windows 10 x64 NTFS
Internet Explorer 11.590.17134.0
luigi :: LAPTOP-GHR2QQ5H [administrator]

24/03/2019 23:23:25
mbar-log-2019-03-24 (23-23-25).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 236636
Time elapsed: 55 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
----------------------------------------





---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.10.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.590.17134.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.295000 GHz
Memory total: 17096450048, free: 13822283776

Downloaded database version: v2019.03.24.03
Downloaded database version: v2019.03.24.03
Downloaded database version: v2018.01.20.01
=======================================
Initializing...
Driver version: 4.3.0.15
------------ Kernel report ------------
     03/24/2019 23:23:01
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\HalExtIntcLpioDma.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\cng.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\WppRecorder.sys
\SystemRoot\system32\drivers\SleepStudyHelper.sys
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\system32\drivers\SgrmAgent.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\tpm.sys
\SystemRoot\system32\drivers\aswElam.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\system32\drivers\aswVmm.sys
\SystemRoot\system32\drivers\aswRvrt.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volume.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iorate.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\aswbuniv.sys
\SystemRoot\system32\drivers\aswblog.sys
\SystemRoot\system32\drivers\aswbidsh.sys
\SystemRoot\system32\drivers\aswArDisk.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\aswSP.sys
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\drivers\aswKbd.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\vmbkmclr.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\aswRdr2.sys
\SystemRoot\system32\drivers\afunix.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\bam.sys
\SystemRoot\system32\drivers\aswHdsKe.sys
\SystemRoot\system32\drivers\aswbidsdriver.sys
\SystemRoot\system32\drivers\aswArPot.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\System32\drivers\CAD.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\system32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\TeeDriverW8x64.sys
\SystemRoot\System32\drivers\rt640x64.sys
\SystemRoot\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\iaLPSSi_I2C.sys
\SystemRoot\system32\drivers\SpbCx.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\acpipagr.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\UEFI.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys
\SystemRoot\System32\drivers\LMDriver.sys
\SystemRoot\System32\drivers\RadioShim.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\drivers\hidi2c.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\system32\DRIVERS\ETDI2C.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\MTConfig.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\drivers\BTHUSB.sys
\SystemRoot\System32\drivers\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\system32\Drivers\RtsUer.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\wcifs.sys
\SystemRoot\system32\drivers\cldflt.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\System32\Drivers\MbamChameleon.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\rassstp.sys
\SystemRoot\System32\DRIVERS\NDProxy.sys
\SystemRoot\System32\drivers\AgileVpn.sys
\SystemRoot\System32\drivers\rasl2tp.sys
\SystemRoot\System32\drivers\raspptp.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\drivers\ndiswan.sys
\SystemRoot\System32\Drivers\mbamswissarmy.sys
\SystemRoot\system32\DRIVERS\mwac.sys
\??\C:\WINDOWS\system32\drivers\mbae64.sys
\SystemRoot\system32\DRIVERS\farflt.sys
\??\C:\WINDOWS\system32\DRIVERS\mbam.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\wcnfs.sys
\SystemRoot\System32\drivers\MSKSSRV.sys
\??\C:\WINDOWS\system32\drivers\3731A1A0.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2019.03.24.03
  rootkit: v2019.03.24.03

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffc60d28a67060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffc60d267f6a80, DeviceName: Unknown, DriverName: \Driver\aswArDisk\
DevicePointer: 0xffffc60d267ff9d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffc60d28a67060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffc60d265ece40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffc60d24480380, DeviceName: \Device\00000033\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 5FD5069C

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 2858334108
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid 32bf64f8-5324-456d-b1ae-89b0bee3d6e1
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 2858334108
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid 32bf64f8-5324-456d-b1ae-89b0bee3d6e1
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128

    Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 8461741a-c79d-4916-bcc1-3f1adb8520d2
    FirstLBA 2048  Last LBA 206847
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 0 is bootable
    Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 8d14f470-f24f-48dc-9539-529493ae84b4
    FirstLBA 206848  Last LBA 239615
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 2 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 724589a3-d8c2-48a9-be69-71d1986661d
    FirstLBA 239616  Last LBA 1951426559
    Attributes 0
    Partition Name                 Basic data partition

    Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID bae336fb-bce3-4c7a-981c-5a6db89281
    FirstLBA 1951426560  Last LBA 1953523711
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
File "C:\Users\luigi\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

• Para hacerlo descarga Delfix en tu escritorio.

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:

Start
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\MountPoints2: {a3192f4b-7401-11e8-9db3-ccb0da82f364} - "D:\HiSuiteDownLoader.exe" 
SearchScopes: HKLM -> DefaultScope {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\.DEFAULT -> {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\S-1-5-21-2254800085-4252518015-1038287387-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2254800085-4252518015-1038287387-1001 -> {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\java\bin\ssv.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\java\bin\jp2ssv.dll => No File
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2019-03-23 19:53 - 2019-03-23 19:53 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-03-23 19:51 - 2019-03-23 19:55 - 000000000 ____D C:\ProgramData\Panda Security
2019-03-23 16:37 - 2018-10-29 07:07 - 000669248 _____ (Qihoo 360 Technology Co. Ltd.) C:\Users\luigi\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_360tray.exe
2019-03-23 19:54 - 2019-03-23 19:54 - 000290304 _____ (Microsoft Corporation) C:\Users\luigi\AppData\Local\Temp\Hydra.Sdk.Windows.Service.subinacl.exe
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ShortcutWithArgument: C:\Users\luigi\Desktop\Warface.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://go.playmmogames.com/aff_c?offer_id=6460&aff_id=1034&aff_sub=100T --app-window-size=1366,768
ShortcutWithArgument: C:\Users\luigi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface\Warface.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://go.playmmogames.com/aff_c?offer_id=6460&aff_id=1034&aff_sub=100T --app-window-size=1366,768
ShortcutWithArgument: C:\Users\luigi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Warface.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://go.playmmogames.com/aff_c?offer_id=6460&aff_id=1034&aff_sub=100T --app-window-size=1366,768

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

• Y ahora usa esta Faq de Windows ¿Cómo iniciar Windows en Modo Seguro (Aplicable a Windows 10)?, para trabajar desde ese modo de windows. (Usa el Metodo 1 y si no puedes, usa el Metodo 2)

• Ejecutas Frst.exe.

• Presionas el botón Fix y aguardas a que termine.

• La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema

Hola Miguel, buenas noches, ahí va el informe, fixlog.txt.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by luigi (25-03-2019 14:51:25) Run:1
Running from C:\Users\luigi\Desktop
Loaded Profiles: luigi (Available Profiles: luigi & teque)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\...\MountPoints2: {a3192f4b-7401-11e8-9db3-ccb0da82f364} - "D:\HiSuiteDownLoader.exe" 
SearchScopes: HKLM -> DefaultScope {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\.DEFAULT -> {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
SearchScopes: HKU\S-1-5-21-2254800085-4252518015-1038287387-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2254800085-4252518015-1038287387-1001 -> {6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll => No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\java\bin\ssv.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\java\bin\jp2ssv.dll => No File
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
2019-03-23 19:53 - 2019-03-23 19:53 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-03-23 19:51 - 2019-03-23 19:55 - 000000000 ____D C:\ProgramData\Panda Security
2019-03-23 16:37 - 2018-10-29 07:07 - 000669248 _____ (Qihoo 360 Technology Co. Ltd.) C:\Users\luigi\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_360tray.exe
2019-03-23 19:54 - 2019-03-23 19:54 - 000290304 _____ (Microsoft Corporation) C:\Users\luigi\AppData\Local\Temp\Hydra.Sdk.Windows.Service.subinacl.exe
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ShortcutWithArgument: C:\Users\luigi\Desktop\Warface.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://go.playmmogames.com/aff_c?offer_id=6460&aff_id=1034&aff_sub=100T --app-window-size=1366,768
ShortcutWithArgument: C:\Users\luigi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface\Warface.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://go.playmmogames.com/aff_c?offer_id=6460&aff_id=1034&aff_sub=100T --app-window-size=1366,768
ShortcutWithArgument: C:\Users\luigi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Warface.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --app=hxxp://go.playmmogames.com/aff_c?offer_id=6460&aff_id=1034&aff_sub=100T --app-window-size=1366,768

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a3192f4b-7401-11e8-9db3-ccb0da82f364} => removed successfully
HKLM\Software\Classes\CLSID\{a3192f4b-7401-11e8-9db3-ccb0da82f364} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} => removed successfully
HKLM\Software\Classes\CLSID\{6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} => not found
"HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} => removed successfully
HKLM\Software\Classes\CLSID\{6C84CF4B-74AA-4470-ADB6-04CBE1130AF3} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
C:\Program Files (x86)\Panda Security => moved successfully
C:\ProgramData\Panda Security => moved successfully
C:\Users\luigi\AppData\Local\Temp\1f0fb7c2d13cc0c07ff2ca40747bc03e_360tray.exe => moved successfully
C:\Users\luigi\AppData\Local\Temp\Hydra.Sdk.Windows.Service.subinacl.exe => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
C:\Users\luigi\Desktop\Warface.lnk => Shortcut argument removed successfully
C:\Users\luigi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warface\Warface.lnk => Shortcut argument removed successfully
C:\Users\luigi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Warface.lnk => Shortcut argument removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-2254800085-4252518015-1038287387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : Home
   V¡nculo: direcci¢n IPv6 local. . . : fe80::482b:b696:bda6:f3ae%9
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.1.176
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 109905132 B
Java, Flash, Steam htmlcache => 133132 B
Windows/system/drivers => 2409260 B
Edge => 4615048 B
Chrome => 352709421 B
Firefox => 5141800 B
Opera => 155782 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 11717270 B
systemprofile32 => 360744 B
LocalService => 914026 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
luigi => 8450289 B
teque => 5872304 B

RecycleBin => 0 B
EmptyTemp: => 489.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:52:48 ====

El ordenador la verdad que sigue lento, no me deja abrir el antivirus avast, me da el siguiente Mensaje: “Well, this is embarrasing, we’ve run into a problem and need to restart your antivirus”. Es lo mismo que me daba antes.

Al reiniciar tarda una eternidad, bueno en modo seguro es más rápido, pero en modo normal, tarda muchísimo. El navegadro chrome va algo mejor pero el microsoft edge va muy mal. Muy lento.

Un saludo.

Desinstalas Avast y luego vete a :

https://www.microsoft.com/es-es/software-download/windows10

Dale a actualizar ahora y sigues las indicaciones

Me dices como va después el pc

Hola, pude desinstalar el avast pero al intentar actualizar el w10 me dió el error 0xc0020036. Lo hice en modo seguro. Pruebo en modo normal?

Para actualizar tiene que ser en modo normal

hola, ya actualicé windows 10 y ahora reinicia y enciende bastante rápido, pero cuando fui a instalar un antivirus o responder este mensaje en el foro, me va lento al abrir el navegador, muy lento, usa el motor de búsqueda yahoo y empezó en una página rara, algo así como www.qo-es.com o similar.

que antivirus instalaste y de donde?

que navegador te da problemas?

Hola pues lo estoy intentando con el avast, pero no me deja abrir el archivo que se descargó. De la página web oficial de avast

El navegador es el chrome

Reestablece Chrome y comprueba los accesos directos como se indica aqui.

Hola ya restablecí el google chrome, ya instalé el antivirus avast.

Parece que va todo bien por el momento…

Graciassss

Comprueba el pc 24 horas y me dices si sigue todo bien

Este tema se cerró automáticamente 2 días después del último post. No se permiten nuevas respuestas.