Se congela mi pc de forma aleatoria

#1

Un saludo a todos, soy nuevo en este foro auqnue participe en su momento en la version anterior. Les comento, desde hace una semana mi Pc a comenzado a tener momentos en que se congela sin mas y no me da mas opcion que reiniciarla. No son momentos especificos sino que son bastantes aleatorios, lo cual se suma a que no hace mucho me dio un pantallazo azul mientras utilizaba un juego. Mi pc utiliza win 7 64 bits, desde ya les agradezco su ayuda.

Mi portatil se congela de la nada
#2

Buenas @hezen22 bienvenido al Foro.

Lo primero que deberíamos hacer es revisar tu equipo en busca de posibles infecciones, para hacerlo sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.

#3

Hola y muchas gracias por el saludo y la respuesta. Te dejo lo que me fuiste pidiendo:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 17/4/19
Hora del análisis: 19:04
Archivo de registro: ba0c9a14-615c-11e9-8bd8-00ffc668b3d4.json
Administrador: Sí

-Información del software-
Versión: 3.2.2.2029
Versión de los componentes: 1.0.212
Versión del paquete de actualización: 1.0.10216
Licencia: Gratis

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: eze-PC\eze

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Resultado: Completado
Objetos analizados: 253390
Amenazas detectadas: 0
(No hay elementos maliciosos detectados)
Amenazas en cuarentena: 0
(No hay elementos maliciosos detectados)
Tiempo transcurrido: 13 min, 19 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-15.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-17-2019
# Duration: 00:00:07
# OS:       Windows 7 Ultimate
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1245 octets] - [17/08/2018 11:11:10]
AdwCleaner[S01].txt - [1306 octets] - [17/08/2018 12:51:06]
AdwCleaner[S02].txt - [1367 octets] - [25/08/2018 23:45:04]
AdwCleaner[S03].txt - [1428 octets] - [26/08/2018 00:15:23]
AdwCleaner[S04].txt - [1750 octets] - [31/08/2018 12:53:46]
AdwCleaner[C04].txt - [1880 octets] - [31/08/2018 12:54:23]
AdwCleaner[S05].txt - [1611 octets] - [31/08/2018 13:05:03]
AdwCleaner[S06].txt - [2230 octets] - [31/08/2018 21:12:16]
AdwCleaner[C06].txt - [2302 octets] - [31/08/2018 21:13:44]
AdwCleaner[S07].txt - [1802 octets] - [19/09/2018 13:02:48]
AdwCleaner[C07].txt - [1968 octets] - [19/09/2018 13:03:02]
AdwCleaner[S08].txt - [1924 octets] - [21/09/2018 17:02:14]
AdwCleaner[C08].txt - [2090 octets] - [21/09/2018 17:08:22]
AdwCleaner[S09].txt - [2058 octets] - [27/09/2018 13:32:19]
AdwCleaner[C09].txt - [2224 octets] - [27/09/2018 13:32:55]
AdwCleaner[S10].txt - [2180 octets] - [30/09/2018 18:04:05]
AdwCleaner[C10].txt - [2346 octets] - [30/09/2018 18:04:37]
AdwCleaner[S11].txt - [2302 octets] - [17/11/2018 11:29:38]
AdwCleaner[S12].txt - [2363 octets] - [24/11/2018 15:08:01]
AdwCleaner[C12].txt - [2529 octets] - [24/11/2018 15:08:46]
AdwCleaner[S13].txt - [2485 octets] - [12/01/2019 19:38:42]
AdwCleaner[C13].txt - [2651 octets] - [12/01/2019 19:39:02]
AdwCleaner[S14].txt - [2595 octets] - [26/01/2019 19:13:08]
AdwCleaner[S15].txt - [2656 octets] - [23/02/2019 14:23:38]
AdwCleaner[S16].txt - [2717 octets] - [01/03/2019 21:10:40]
AdwCleaner[S17].txt - [2778 octets] - [23/03/2019 15:19:56]
AdwCleaner[S18].txt - [2839 octets] - [13/04/2019 14:29:51]
AdwCleaner[S19].txt - [2900 octets] - [14/04/2019 12:37:23]
AdwCleaner[S20].txt - [2961 octets] - [16/04/2019 22:01:37]
AdwCleaner[S21].txt - [3022 octets] - [17/04/2019 19:27:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C21].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64 
Ran by eze (Administrator) on 17/04/2019 at 19:52:10,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10 

Successfully deleted: C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\eze\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MZRGJO6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\eze\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BGQOAE7J (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\eze\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OZID2XRJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\eze\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YEC5ESOM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0MZRGJO6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BGQOAE7J (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OZID2XRJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YEC5ESOM (Temporary Internet Files Folder) 



Registry: 4 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C500C267-63BF-451F-8797-4D720C9A2ED9} (Registry Value) 
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{C500C267-63BF-451F-8797-4D720C9A2ED9} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17/04/2019 at 19:59:00,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#4

Continuo

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.04.2019
Ran by eze (administrator) on EZE-PC (17-04-2019 20:01:58)
Running from C:\Users\eze\Desktop
Loaded Profiles: eze (Available Profiles: eze)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
() [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Hi-Rez Studios) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Sapphire Technology Limited -> ) C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe
(Michael Herf -> Flux Software LLC) C:\Users\eze\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.127\opera_autoupdate.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9228800 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\Run: [f.lux] => C:\Users\eze\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Michael Herf -> Flux Software LLC)
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-11-11] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [script_fcbd] => "E:\Far Cry 3 Blood Dragon\fcbd.bat"
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.WMV3] => C:\Windows\SysWOW64\wmv9vcm.dll [1415680 2003-06-23] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-13] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-10] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 190.105.0.5 190.105.0.4
Tcpip\..\Interfaces\{1B4C8850-D7B7-496F-8DD9-AD6DCE90DCC8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{1B4C8850-D7B7-496F-8DD9-AD6DCE90DCC8}: [DhcpNameServer] 190.105.0.5 190.105.0.4
Tcpip\..\Interfaces\{C668B3D4-C54B-41F4-B525-814FB9D2B42B}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3375071059-256883617-4030594371-1001 -> {C4B2969D-B721-4474-87E1-8FBDB4DDD7CA} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
Toolbar: HKU\S-1-5-21-3375071059-256883617-4030594371-1001 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: o2hcfh05.default-1449669148838-1547333650129
FF ProfilePath: C:\Users\eze\AppData\Roaming\Mozilla\Firefox\Profiles\o2hcfh05.default-1449669148838-1547333650129 [2019-04-17]
FF Extension: (uBlock Origin) - C:\Users\eze\AppData\Roaming\Mozilla\Firefox\Profiles\o2hcfh05.default-1449669148838-1547333650129\Extensions\[email protected] [2019-03-30]
FF Extension: (Video DownloadHelper) - C:\Users\eze\AppData\Roaming\Mozilla\Firefox\Profiles\o2hcfh05.default-1449669148838-1547333650129\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-03-30]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-12-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-08-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-08-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3375071059-256883617-4030594371-1001: @tools.google.com/Google Update;version=3 -> C:\Users\eze\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-3375071059-256883617-4030594371-1001: @tools.google.com/Google Update;version=9 -> C:\Users\eze\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-01-12] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-01-12] <==== ATTENTION

Chrome: 
=======
CHR Profile: C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default [2019-04-17]
CHR Extension: (Presentaciones) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-24]
CHR Extension: (Kaspersky Protection) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2018-11-24]
CHR Extension: (Documentos) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Google Drive) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]
CHR Extension: (YouTube) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]
CHR Extension: (Fair AdBlocker App) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnofaichneijfbkdkghmhjjbepjmble [2017-06-09]
CHR Extension: (Hojas de cálculo) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-24]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-02]
CHR Extension: (AdBlock) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-04-13]
CHR Extension: (Fair AdBlocker) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2019-03-17]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-26]
CHR Extension: (Gmail) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-04]
CHR Extension: (Chrome Media Router) - C:\Users\eze\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-13]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

Opera: 
=======
OPR Extension: (AdBlock) - C:\Users\eze\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-17]
OPR Extension: (uBlock Origin) - C:\Users\eze\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2019-03-22]
OPR Extension: (Tampermonkey) - C:\Users\eze\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2019-01-12]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-11] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [499592 2019-03-27] (Advanced Micro Devices, Inc. -> AMD)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [190464 2019-03-26] () [File not signed]
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-12-28] (BitRaider LLC -> BitRaider, LLC)
S3 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-07-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products -> )
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [414352 2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [152272 2018-12-19] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes Corporation -> Malwarebytes)
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [143648 2018-07-27] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2134848 2017-12-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3014472 2017-12-20] (Electronic Arts, Inc. -> Electronic Arts)
S3 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-15] (Plays.tv, LLC -> Plays.tv, LLC)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-09-10] (Even Balance, Inc. -> )
S3 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2014-09-10] (Even Balance, Inc. -> )
S3 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-10-22] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [223624 2019-03-27] (Advanced Micro Devices, Inc. -> )
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [52879752 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581512 2019-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104840 2018-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-07-03] (Tages SA -> )
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-12-28] (BitRaider -> BitRaider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 epp; C:\EEK\bin64\epp.sys [142952 2018-07-27] (Emsisoft Ltd -> Emsisoft Ltd)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [153328 2018-12-19] (Malwarebytes Corporation -> Malwarebytes)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2018-07-26] (Glarysoft LTD -> Glarysoft Ltd)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-10-22] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123144 2018-10-22] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [89168 2018-10-22] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [218720 2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\DRIVERS\klhk.sys [1214752 2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1129256 2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [58056 2018-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [83496 2017-12-11] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (AnchorFree Inc -> The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81632 2017-11-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [177472 2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [203968 2018-02-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-07-03] (Tages SA -> )
S3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [110016 2017-11-02] (Malwarebytes Corporation -> Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [252232 2019-04-17] (Malwarebytes Corporation -> Malwarebytes)
S3 motccgp; C:\Windows\System32\DRIVERS\motccgp.sys [23552 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola Mobility Inc)
S3 MotoSwitchService; C:\Windows\System32\DRIVERS\motswch.sys [8832 2013-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Motorola)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [192648 2015-10-22] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] (Intel(R) Code Signing External -> )
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2017-06-15] (AnchorFree Inc -> Anchorfree Inc.)
R3 TRIXX; \??\C:\Users\eze\AppData\Local\Temp\TRIXX.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-17 20:01 - 2019-04-17 20:03 - 000025574 _____ C:\Users\eze\Desktop\FRST.txt
2019-04-17 20:01 - 2019-04-17 20:01 - 000000000 ____D C:\FRST
2019-04-17 19:59 - 2019-04-17 19:59 - 000002748 _____ C:\Users\eze\Desktop\JRT.txt
2019-04-17 19:59 - 2019-04-17 19:59 - 000000000 ____D C:\Users\eze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2019-04-17 18:51 - 2019-04-17 18:51 - 000252232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-17 18:51 - 2019-04-17 18:51 - 000001124 _____ C:\Users\eze\Documents\cc_20190417_185113.reg
2019-04-17 18:46 - 2019-04-17 18:47 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-17 18:45 - 2019-04-17 18:45 - 021205512 ____N (Piriform Software Ltd) C:\Users\eze\Desktop\ccsetup555.exe
2019-04-17 18:44 - 2019-04-17 18:44 - 002434048 _____ (Farbar) C:\Users\eze\Desktop\FRST64.exe
2019-04-17 18:43 - 2019-04-17 18:43 - 001790024 _____ (Malwarebytes) C:\Users\eze\Desktop\JRT.exe
2019-04-16 22:09 - 2019-04-17 19:30 - 000003094 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-04-16 22:09 - 2019-04-16 22:09 - 000003122 _____ C:\Windows\System32\Tasks\ModifyLinkUpdate
2019-04-16 22:08 - 2019-04-16 22:08 - 000000000 ____D C:\Users\eze\AppData\LocalLow\AMD
2019-04-16 22:06 - 2019-04-16 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2019-04-16 22:06 - 2019-04-16 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2019-04-16 22:05 - 2019-04-16 22:05 - 000003152 _____ C:\Windows\System32\Tasks\StartCN
2019-04-16 22:05 - 2019-04-16 22:05 - 000003066 _____ C:\Windows\System32\Tasks\StartDVR
2019-04-14 19:25 - 2019-04-14 19:25 - 013332360 _____ C:\Windows\SysWOW64\SET37E5.tmp
2019-04-14 15:09 - 2019-04-14 15:44 - 000007118 _____ C:\TDSSKiller.3.1.0.28_14.04.2019_15.09.46_log.txt
2019-04-14 15:05 - 2019-04-14 15:06 - 000220292 _____ C:\TDSSKiller.3.1.0.28_14.04.2019_15.05.22_log.txt
2019-04-14 14:14 - 2019-04-14 14:14 - 000006498 _____ C:\Users\eze\Documents\cc_20190414_141431.reg
2019-04-14 12:48 - 2019-04-16 22:34 - 000000815 _____ C:\Users\eze\Desktop\de.txt
2019-04-13 15:39 - 2019-04-13 15:39 - 000005232 _____ C:\Users\eze\Desktop\ZHPCleaner (R).txt
2019-04-13 15:36 - 2019-04-13 15:36 - 000005308 _____ C:\Users\eze\Desktop\ZHPCleaner (S).txt
2019-04-06 17:40 - 2019-04-06 17:40 - 000000000 ____D C:\Users\Public\Desktop\Borderlands The Handsome Collection
2019-04-06 17:40 - 2019-04-06 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderlands The Handsome Collection
2019-04-04 21:38 - 2019-04-04 21:38 - 000002085 _____ C:\Users\Public\Desktop\Tropico 6.lnk
2019-04-04 21:38 - 2019-04-04 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tropico 6
2019-04-04 19:13 - 2019-04-04 19:13 - 000137845 _____ C:\Users\eze\Downloads\D3QwzN2X4AclrSX.jpg_large
2019-04-04 19:12 - 2019-04-04 19:12 - 000099141 _____ C:\Users\eze\Downloads\D3SMG2WXsAE0s1E.jpg_large
2019-03-27 01:11 - 2019-03-27 01:11 - 056424328 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2019-03-27 01:11 - 2019-03-27 01:11 - 000331656 _____ C:\Windows\system32\clinfo.exe
2019-03-27 01:11 - 2019-03-27 01:11 - 000168328 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-03-27 01:11 - 2019-03-27 01:11 - 000144776 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-03-27 01:10 - 2019-03-27 01:10 - 046296968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\SET616F.tmp
2019-03-27 01:10 - 2019-03-27 01:10 - 046296968 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2019-03-27 01:10 - 2019-03-27 01:10 - 026476936 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2019-03-27 01:10 - 2019-03-27 01:10 - 022015368 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2019-03-27 01:10 - 2019-03-27 01:10 - 021245832 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2019-03-27 01:10 - 2019-03-27 01:10 - 018852232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2019-03-27 01:10 - 2019-03-27 01:10 - 003730312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2019-03-27 01:10 - 2019-03-27 01:10 - 003358088 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2019-03-27 01:10 - 2019-03-27 01:10 - 001578376 _____ (AMD) C:\Windows\system32\coinst_18.50.dll
2019-03-27 01:10 - 2018-12-17 22:33 - 001578376 _____ (AMD) C:\Windows\system32\SETD798.tmp
2019-03-27 01:10 - 2018-12-06 22:06 - 001578376 _____ (AMD) C:\Windows\system32\SET1E47.tmp
2019-03-27 01:09 - 2019-03-27 01:09 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2019-03-27 01:09 - 2019-03-27 01:09 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2019-03-27 01:04 - 2019-03-27 01:04 - 039767432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2019-03-27 01:04 - 2019-03-27 01:04 - 032467848 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2019-03-27 01:04 - 2018-12-17 22:16 - 039761800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SET348B.tmp
2019-03-27 01:04 - 2018-12-06 21:56 - 039761800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\SET9FF9.tmp
2019-03-27 01:02 - 2019-03-27 01:02 - 000156440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2019-03-27 01:02 - 2019-03-27 01:02 - 000134280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 012890112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 012253584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 000178872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 000156200 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 000123240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 000117072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 000117072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 000108296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 000096424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2019-03-27 01:01 - 2019-03-27 01:01 - 000096424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2019-03-27 01:01 - 2018-12-17 22:17 - 012247392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SET4998.tmp
2019-03-27 01:01 - 2018-12-06 21:57 - 012247392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETBC56.tmp
2019-03-27 01:00 - 2019-03-27 01:00 - 052879752 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2019-03-27 01:00 - 2019-03-27 01:00 - 017445768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2019-03-27 01:00 - 2019-03-27 01:00 - 000149384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2019-03-27 01:00 - 2019-03-27 01:00 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2019-03-27 01:00 - 2019-03-27 01:00 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 017357728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 015185288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 014557152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000561544 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000472456 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2019-03-27 00:59 - 2019-03-27 00:59 - 000174472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000153480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000142728 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000139144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000128392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000117128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2019-03-27 00:59 - 2019-03-27 00:59 - 000036744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2019-03-27 00:59 - 2019-03-27 00:59 - 000033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2019-03-27 00:59 - 2018-12-17 22:22 - 016821616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SET47FF.tmp
2019-03-27 00:59 - 2018-12-06 21:56 - 016822128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETB87B.tmp
2019-03-27 00:58 - 2019-03-27 00:58 - 015761288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2019-03-27 00:58 - 2019-03-27 00:58 - 013332360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2019-03-27 00:58 - 2019-03-27 00:58 - 000913288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2019-03-27 00:58 - 2019-03-27 00:58 - 000743304 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2019-03-27 00:49 - 2019-03-27 00:49 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2019-03-27 00:49 - 2019-03-27 00:49 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2019-03-27 00:40 - 2019-03-27 00:40 - 013733664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2019-03-27 00:40 - 2019-03-27 00:40 - 011063352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2019-03-27 00:40 - 2019-03-27 00:40 - 000470920 _____ C:\Windows\system32\GameManager64.dll
2019-03-27 00:40 - 2019-03-27 00:40 - 000190696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2019-03-27 00:40 - 2019-03-27 00:40 - 000172656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2019-03-27 00:40 - 2019-03-27 00:40 - 000009936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2019-03-27 00:40 - 2019-03-27 00:40 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2019-03-27 00:40 - 2018-12-17 22:09 - 013732640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SET2713.tmp
2019-03-27 00:40 - 2018-12-17 22:09 - 011062328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SET48CB.tmp
2019-03-27 00:40 - 2018-12-06 21:43 - 011062328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETBB6A.tmp
2019-03-27 00:39 - 2019-03-27 00:39 - 001201032 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2019-03-27 00:39 - 2019-03-27 00:39 - 001201032 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2019-03-27 00:39 - 2019-03-27 00:39 - 000749960 _____ (AMD) C:\Windows\system32\atieclxx.exe
2019-03-27 00:39 - 2019-03-27 00:39 - 000581512 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2019-03-27 00:39 - 2019-03-27 00:39 - 000499592 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2019-03-27 00:39 - 2019-03-27 00:39 - 000493448 _____ (AMD) C:\Windows\system32\atitmm64.dll
2019-03-27 00:39 - 2019-03-27 00:39 - 000483208 _____ C:\Windows\system32\dgtrayicon.exe
2019-03-27 00:39 - 2019-03-27 00:39 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2019-03-27 00:39 - 2019-03-27 00:39 - 000430472 _____ C:\Windows\system32\atieah64.exe
2019-03-27 00:39 - 2019-03-27 00:39 - 000373128 _____ C:\Windows\SysWOW64\GameManager32.dll
2019-03-27 00:39 - 2019-03-27 00:39 - 000343944 _____ C:\Windows\SysWOW64\atieah32.exe
2019-03-27 00:39 - 2019-03-27 00:39 - 000202120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2019-03-27 00:39 - 2019-03-27 00:39 - 000159624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2019-03-27 00:39 - 2019-03-27 00:39 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2019-03-27 00:39 - 2019-03-27 00:39 - 000135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2019-03-27 00:39 - 2019-03-27 00:39 - 000115592 _____ (AMD) C:\Windows\system32\atimuixx.dll
2019-03-27 00:39 - 2018-12-17 22:08 - 001201544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\SET4D45.tmp
2019-03-27 00:39 - 2018-12-17 22:08 - 000159624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETC50D.tmp
2019-03-27 00:39 - 2018-12-06 21:41 - 001201544 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\SETBD84.tmp
2019-03-27 00:39 - 2018-12-06 21:41 - 000159624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SET12FB.tmp
2019-03-27 00:38 - 2019-03-27 00:38 - 000464776 _____ C:\Windows\system32\amdgfxinfo64.dll
2019-03-27 00:38 - 2019-03-27 00:38 - 000373128 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2019-03-27 00:38 - 2019-03-27 00:38 - 000223624 _____ C:\Windows\system32\Drivers\amdacpksd.sys
2019-03-27 00:29 - 2019-03-27 00:29 - 000907232 _____ C:\Windows\SysWOW64\atiapfxx.blb
2019-03-27 00:29 - 2019-03-27 00:29 - 000907232 _____ C:\Windows\system32\atiapfxx.blb
2019-03-26 23:58 - 2019-03-26 23:58 - 000173432 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2019-03-26 23:58 - 2019-03-26 23:58 - 000145104 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2019-03-26 23:29 - 2019-03-26 23:29 - 003977216 _____ C:\Windows\system32\amdacpusl.pdb
2019-03-26 23:29 - 2019-03-26 23:29 - 000364544 _____ C:\Windows\system32\amdacpusl.pdb.pub
2019-03-26 23:29 - 2019-03-26 23:29 - 000345088 _____ C:\Windows\system32\amdacpusl.dll
2019-03-22 19:45 - 2019-03-22 19:47 - 000000000 ____D C:\Users\eze\AppData\Roaming\Sekiro
2019-03-22 18:42 - 2019-03-22 18:42 - 000001761 _____ C:\Users\Public\Desktop\Sekiro Shadows Die Twice.lnk
2019-03-22 18:42 - 2019-03-22 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekiro Shadows Die Twice
2019-03-19 11:46 - 2019-03-19 11:46 - 000173344 _____ C:\Windows\system32\amde40a.dat

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-17 19:53 - 2017-03-22 16:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-04-17 19:39 - 2009-07-14 01:45 - 000029712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-17 19:39 - 2009-07-14 01:45 - 000029712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-17 19:31 - 2018-07-27 23:56 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2019-04-17 19:30 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-17 19:28 - 2015-11-05 17:54 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-04-17 19:26 - 2015-08-20 16:49 - 000045056 ___SH C:\Users\eze\Thumbs.db
2019-04-17 18:51 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf
2019-04-17 18:49 - 2015-10-21 19:56 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-17 18:49 - 2014-10-09 18:45 - 000000000 ____D C:\Windows\Minidump
2019-04-17 18:47 - 2018-04-14 21:13 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-17 18:47 - 2017-01-29 22:06 - 000000000 ____D C:\Users\eze\dwhelper
2019-04-16 22:34 - 2014-08-18 14:07 - 000111424 _____ C:\Users\eze\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-16 22:13 - 2015-12-07 21:05 - 000000000 ____D C:\Users\eze\AppData\Local\AMD
2019-04-16 22:13 - 2009-07-14 01:45 - 000468096 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-16 22:06 - 2015-11-05 18:09 - 000000000 ____D C:\Program Files\AMD
2019-04-16 22:03 - 2016-08-05 11:42 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-04-16 21:34 - 2017-01-24 21:10 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2019-04-16 18:43 - 2015-04-16 19:42 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2019-04-14 20:23 - 2014-08-18 13:41 - 000000000 ____D C:\AMD
2019-04-14 14:17 - 2015-04-14 20:26 - 000032768 _____ C:\Windows\system32\config\sam.gu
2019-04-14 14:17 - 2014-08-18 13:39 - 000000000 ____D C:\Users\eze
2019-04-14 14:17 - 2009-07-13 23:34 - 085458944 _____ C:\Windows\system32\config\software.gu.bak
2019-04-14 14:17 - 2009-07-13 23:34 - 032768000 _____ C:\Windows\system32\config\system.gu.bak
2019-04-14 14:17 - 2009-07-13 23:34 - 000262144 _____ C:\Windows\system32\config\security.gu.bak
2019-04-14 14:15 - 2009-07-13 23:34 - 000786432 _____ C:\Windows\system32\config\default.gu.bak
2019-04-14 14:13 - 2014-08-18 20:10 - 000000000 ____D C:\Users\eze\AppData\Roaming\MPC-HC
2019-04-14 14:08 - 2014-11-19 23:00 - 000000000 ____D C:\Users\eze\AppData\Roaming\GlarySoft
2019-04-14 13:46 - 2018-07-26 23:32 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-04-14 13:14 - 2014-08-22 23:43 - 000000000 ____D C:\ProgramData\F-Secure
2019-04-14 13:10 - 2015-12-10 12:28 - 000000000 ____D C:\Users\eze\AppData\Local\FSDART
2019-04-14 13:05 - 2015-06-09 18:26 - 000000000 ____D C:\EEK
2019-04-13 15:39 - 2018-08-04 11:24 - 000000000 ____D C:\Users\eze\AppData\Roaming\ZHP
2019-04-13 14:34 - 2018-08-17 11:51 - 000000826 _____ C:\Users\eze\Desktop\ZHPCleaner.lnk
2019-04-12 20:22 - 2019-02-15 21:49 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-12 20:22 - 2019-02-15 21:49 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-12 20:22 - 2019-02-15 21:49 - 000004450 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-12 20:22 - 2019-02-15 21:49 - 000004290 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-04-12 20:22 - 2014-08-18 17:34 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-04-12 20:22 - 2014-08-18 17:34 - 000000000 ____D C:\Windows\system32\Macromed
2019-04-11 18:44 - 2017-03-13 21:16 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 18:31 - 2014-08-18 20:28 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-04-10 19:20 - 2015-04-21 14:49 - 000000000 ____D C:\Users\eze\AppData\LocalLow\Adblock Plus for IE
2019-04-10 17:53 - 2018-11-24 15:39 - 000002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-10 17:53 - 2016-03-04 20:09 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-08 19:29 - 2015-11-30 14:55 - 000011426 _____ C:\Users\eze\Documents\ff.txt
2019-04-08 19:29 - 2014-10-20 20:39 - 000000000 ____D C:\Users\eze\AppData\Roaming\vlc
2019-04-07 19:33 - 2016-09-14 12:17 - 000000000 ____D C:\Users\eze\Documents\moderna
2019-04-06 16:28 - 2016-06-24 17:45 - 000000000 ____D C:\Users\eze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-04-06 12:22 - 2016-05-02 22:01 - 000000000 ____D C:\Users\eze\AppData\Local\JDownloader v2.0
2019-04-05 20:41 - 2013-09-25 15:41 - 000000000 ____D C:\intalaciones
2019-04-05 18:09 - 2017-12-03 15:52 - 000002067 _____ C:\Users\eze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2019-03-30 13:08 - 2016-11-22 01:09 - 000000000 ____D C:\Users\eze\AppData\LocalLow\Mozilla
2019-03-30 11:23 - 2016-11-22 00:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-29 18:06 - 2015-12-09 10:47 - 000003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1449668871
2019-03-29 18:06 - 2015-12-09 10:46 - 000000000 ____D C:\Program Files (x86)\Opera
2019-03-27 17:51 - 2014-08-18 15:57 - 000003532 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-27 17:51 - 2014-08-18 15:57 - 000003404 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-27 00:59 - 2018-12-17 22:22 - 001572920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2019-03-27 00:59 - 2018-01-31 21:11 - 001932968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2019-03-27 00:40 - 2018-12-17 22:09 - 000155176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2019-03-27 00:40 - 2018-01-31 21:12 - 000206664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2019-03-27 00:39 - 2018-12-17 22:08 - 001654664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2019-03-27 00:39 - 2018-01-31 21:11 - 000230792 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2019-03-23 15:17 - 2018-08-17 11:10 - 000000000 ____D C:\AdwCleaner
2019-03-23 11:42 - 2015-06-22 00:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-22 19:05 - 2014-08-22 18:12 - 000000000 ____D C:\ProgramData\Mozilla
2019-03-20 20:20 - 2018-08-31 13:51 - 000000000 ____D C:\Users\eze\AppData\Roaming\uTorrent

==================== Files in the root of some directories =======

2017-06-24 22:55 - 2017-06-24 22:55 - 000000302 _____ () C:\Users\eze\resentinternet.bat
2018-08-21 18:27 - 2018-09-27 14:06 - 003277696 _____ () C:\Users\eze\ZHPCleaner.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-04-13 15:09

==================== End of FRST.txt ============================
#5

Y el ultimo

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.04.2019
Ran by eze (17-04-2019 20:03:42)
Running from C:\Users\eze\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-08-18 16:39:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3375071059-256883617-4030594371-500 - Administrator - Disabled)
eze (S-1-5-21-3375071059-256883617-4030594371-1001 - Administrator - Enabled) => C:\Users\eze
HomeGroupUser$ (S-1-5-21-3375071059-256883617-4030594371-1002 - Limited - Enabled)
Invitado (S-1-5-21-3375071059-256883617-4030594371-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (HKLM\...\{DCAFF63A-A26F-4809-A00D-27AD6733ACB3}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{C7B0C705-9987-44A2-B495-4101DAEDBFE0}) (Version: 2.6.2.4 - Intel) Hidden
ACP Application (HKLM\...\{1D0D7BE8-62D4-EB8B-B2C8-20262B826AF6}) (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{5D782829-1FC7-48D8-B2CB-1FA2851BDC12}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.4.1 - Advanced Micro Devices, Inc.)
Ancestors Legacy MULTi10 - ElAmigos versión 1.0 (HKLM-x32\...\{B033A74E-E7DC-4EB2-B58F-DF7D272B3333}_is1) (Version: 1.0 - 1C Company)
Argente - Registry Cleaner 3.1.0.1 (HKLM-x32\...\Argente - Registry Cleaner_is1) (Version: 3.1.0.1 - Argente Software)
Assassin's Creed Chronicles China (HKLM-x32\...\Uplay Install 1651) (Version:  - Ubisoft)
Assassins Creed Origins Gold Edition MULTi15 - ElAmigos versión 1.21 (HKLM-x32\...\{5DBEFC11-6A76-404A-AA09-88B65FEEB2D4}_is1) (Version: 1.21 - Ubisoft)
Batman Episode 5 (HKLM-x32\...\Batman Episode 5_is1) (Version:  - )
Bayonetta (HKLM-x32\...\Bayonetta_is1) (Version:  - )
BDAntiRansomware (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.12.151 - Bitdefender)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Borderlands The Handsome Collection Remastered MULTi4 - ElAmigos versión 1.0 (HKLM-x32\...\{001CD925-ECD7-4403-8620-ACEB1F33D7B0}_is1) (Version: 1.0 - 2K Games)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
calibre (HKLM-x32\...\{983F4095-C958-4CD5-8F58-0B40F6961146}) (Version: 3.34.0 - Kovid Goyal)
Call of Duty: Black Ops 2 (HKLM-x32\...\Call of Duty: Black Ops 2_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Company of Heroes - FAKEMSI (HKLM-x32\...\{14574B7F-75D1-4718-B7F2-EBF6E2862A35}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{199E6632-EB28-4F73-AECB-3E192EB92D18}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{25724802-CC14-4B90-9F3B-3D6955EE27B1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{50193078-F553-4EBA-AA77-64C9FAA12F98}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{51D718D1-DA81-4FAD-919F-5C1CE3C33379}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{66F78C51-D108-4F0C-A93C-1CBE74CE338F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{80D03817-7943-4839-8E96-B9F924C5E67D}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{97E5205F-EA4F-438F-B211-F1846419F1C1}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{99A7722D-9ACB-43F3-A222-ABC7133F159E}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{D4D244D1-05E0-4D24-86A2-B2433C435671}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - FAKEMSI (HKLM-x32\...\{EAF636A9-F664-4703-A659-85A894DA264F}) (Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes - Opposing Fronts (HKLM-x32\...\Company of Heroes) (Version: 2.0.0.0 - THQ Inc.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version:  - CyberGhost S.R.L.)
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 2.19.0.23 - GOG.com)
Data Lifeguard Diagnostic for Windows 1.29 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Devil May Cry 5 Deluxe Edition MULTi12 - ElAmigos versión 1.0 (HKLM-x32\...\{34CD216F-C8E8-447C-9616-E3CF03B333C4}_is1) (Version: 1.0 - Capcom)
DiskMax 6.02 (HKLM\...\DiskMax) (Version: 6.02 - KoshyJohn.com)
Divinity Original Sin 2 Divine Edition - ElAmigos versión 3.6.28.8354 (HKLM-x32\...\{05483258-5FD4-4B4E-A466-03A806D2ADD3}_is1) (Version: 3.6.28.8354 - Larian Studios)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version:  - id Software)
Dragon Quest XI Echoes of an Elusive Age MULTi5 - ElAmigos versión 1.0 (HKLM-x32\...\{E44F4313-15F1-4474-9ADB-04A9FE205672}_is1) (Version: 1.0 - Square Enix)
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Endless Space 2 Supremacy (HKLM-x32\...\Endless Space 2 Supremacy_is1) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
f.lux (HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\Flux) (Version:  - f.lux Software LLC)
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Frostpunk MULTi7 - ElAmigos versión 1.0 (HKLM-x32\...\{408BC507-25F7-4A05-8009-EC6011DD1F29}_is1) (Version: 1.0 - 11bit Studios)
Glary Utilities 5.109 (HKLM-x32\...\Glary Utilities 5) (Version: 5.109.0.134 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\Google Chrome SxS) (Version: 71.0.3558.0 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version:  - HDS)
Hearts of Iron IV Field Marshal Edition MULTi7 - ElAmigos versión 1.5.0 (HKLM-x32\...\{9240BFB5-B3DE-4505-8351-5605EE8D4F84}_is1) (Version: 1.5.0 - Paradox Interactive)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hollow Knight (1.0.0.5) (HKLM-x32\...\1308320804_is1) (Version: 0.1.1.294 - GOG.com)
Icecream Ebook Reader versión 4.55 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 4.55 - Icecream Apps)
Intel® Driver Update Utility (HKLM-x32\...\{66307462-7d19-4f1a-af82-aa04b6017f05}) (Version: 2.6.2.4 - Intel)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Kingdom Hearts Gold Repack (HKLM-x32\...\Kingdom Hearts Gold Repack) (Version:  - )
League of Legends (HKLM-x32\...\{E86FBD55-9636-46A1-ACA7-57F8C09CC322}) (Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Exploit version 1.12.1.147 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.12.1.147 - Malwarebytes)
Malwarebytes versión 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.3.1000 - Maxthon International Limited)
Mega Man 11 MULTi8 - ElAmigos versión 19.11.2018 (HKLM-x32\...\{9BAD7EB7-7927-4EB8-A87D-3214C8BBE013}_is1) (Version: 19.11.2018 - Capcom)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Memory Cleaner 2.20 (HKLM-x32\...\MemClean) (Version: 2.20 - KoshyJohn.com)
Memory Cleaner 2.60 (HKLM\...\MemClean) (Version: 2.60 - KoshyJohn.com)
Microsoft .NET Framework 4.7.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27027 (HKLM-x32\...\{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )
Moonlighter (HKLM-x32\...\Moonlighter_is1) (Version:  - )
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mozilla Firefox 66.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.1 (x64 en-US)) (Version: 66.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 63.0.3 - Mozilla)
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MX5 (HKLM-x32\...\Maxthon5) (Version: 5.2.3.2000 - Maxthon International Limited)
Ni no Kuni II Revenant Kingdom MULTi7 - ElAmigos versión 3.00 (HKLM-x32\...\{AA5EB756-839F-4E69-B7D6-6DC016D5584A}_is1) (Version: 3.00 - Bandai Namco Entertainment)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
One Piece World Seeker Deluxe Edition MULTi12 - ElAmigos versión 1.0 (HKLM-x32\...\{928C8A37-4F4A-4483-9BB5-43B3919BD265}_is1) (Version: 1.0 - Bandai Namco Entertainment)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 58.0.3135.127 (HKLM-x32\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.11002 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.13.2-r115422-release - Plays.tv, LLC)
Process Tamer 2.11.01 (HKLM-x32\...\Process Tamer_is1) (Version:  - )
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
redist (HKLM-x32\...\{153C7D89-9CF4-4719-A551-C5BF45236DB5}) (Version: 1.0.0.0 - redist)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
RiME MULTi10 - ElAmigos versión 1.01 (HKLM-x32\...\{4F756C8B-D98D-4988-96D5-EABC6C5FD795}_is1) (Version: 1.01 - Grey Box)
Rise of the Tomb Raider (HKLM-x32\...\{45F08513-973A-4C18-93FD-8E12B1908390}_is1) (Version:  - Square Enix)
RivaTuner Statistics Server 7.0.2 (HKLM-x32\...\RTSS) (Version: 7.0.2 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.9.5 - Rockstar Games)
RSDLite_MTK_Patch (HKLM-x32\...\{3C1D537E-A247-47E1-A0B2-1379BBA8C923}) (Version: 33 - Motorola)
Sandboxie 5.06 (64-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC)
Sapphire TRIXX (HKLM-x32\...\Sapphire TRIXX) (Version:  - )
Sekiro Shadows Die Twice MULTi13 - ElAmigos versión 1.02 (HKLM-x32\...\{93A98F06-2B86-4F97-AAF2-A44AEB1E2C29}_is1) (Version: 1.02 - FromSoftware)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Shadow of the Tomb Raider Croft Edition MULTi12 - ElAmigos versión 1.0.237.6 (HKLM-x32\...\{5749598C-C7FE-4BCB-BF30-CC8996E73C76}_is1) (Version: 1.0.237.6 - Square Enix)
Shadow Warrior 2 (HKLM-x32\...\1434021265_is1) (Version: 2.0.0.4 - GOG.com)
Shadow Warrior 2 Pre-order Exclusive (HKLM-x32\...\1267008497_is1) (Version: 2.0.0.1 - GOG.com)
Sid Meiers Civilization VI Digital Deluxe MULTi12 - ElAmigos versión 1.0.0.290 (HKLM-x32\...\{F3E80C7D-386C-402A-8963-5EC267114571}_is1) (Version: 1.0.0.290 - 2K)
Sniper Elite 4 Deluxe Edition MULTi10 - ElAmigos versión 1.4 (HKLM-x32\...\{0B524096-DCBD-4090-9DE2-F1697041EE73}_is1) (Version: 1.4 - Rebellion)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
SOULCALIBUR VI (HKLM-x32\...\SOULCALIBUR VI_is1) (Version:  - )
South Park The Fractured But Whole MULTi9 - ElAmigos versión 1.0 (HKLM-x32\...\{20B35921-1CC1-41AF-BEDC-92F6006DB5A4}_is1) (Version: 1.0 - Ubisoft)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sudden Strike 4 MULTi10 - ElAmigos versión 1.15 (HKLM-x32\...\{E32DC15A-113F-4107-AA58-5349DA46F0A5}_is1) (Version: 1.15 - Kalypso Media Digital)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
Tales of Vesperia Definitive Edition MULTi10 - ElAmigos versión 1.0 (HKLM-x32\...\{716EFADE-4952-43A8-9A7C-B51BEF404C6B}_is1) (Version: 1.0 - Namco)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TEKKEN 7 Deluxe Edition MULTi11 - ElAmigos versión 1.0 (HKLM-x32\...\{6A5D71D7-EE7F-48E3-9AD6-D05D354050B7}_is1) (Version: 1.0 - Bandai Namco Entertainment)
The King of Fighters XIV Steam Edition MULTi11 - ElAmigos versión 1.0 (HKLM-x32\...\{23E8ACDD-8B37-4C55-A6F4-968518D05A1E}_is1) (Version: 1.0 - SNK)
Tropico 6 El Prez Edition MULTi7 - ElAmigos versión 1.0 (HKLM-x32\...\{35CCB9CD-ECC6-4539-8E3D-5483A9E4210E}_is1) (Version: 1.0 - Kalypso Media)
Tyranny Overlord Edition MULTi6 - ElAmigos versión 1.0 (HKLM-x32\...\{85C0DE93-80FF-498C-A93E-0829C0D3F24B}_is1) (Version: 1.0 - Paradox Interactive)
UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Uplay (HKLM-x32\...\Uplay) (Version: 26.1 - Ubisoft)
Vampyr (HKLM-x32\...\Vampyr_is1) (Version:  - )
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-2) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-3) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-3) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Watch Dogs versión 1.06.329 (HKLM-x32\...\Watch Dogs_is1) (Version: 1.06.329 - UBISoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wolfenstein II The New Colossus MULTi8 - ElAmigos versión 1.0 (HKLM-x32\...\{83A4188A-0AA2-4306-9219-368BE2EB362D}_is1) (Version: 1.0 - Bethesda Softworks)
Wonder Boy The Dragons Trap MULTi9 - ElAmigos versión 29.04.2018 (HKLM-x32\...\{78BFC1B5-4652-4DDE-ADD6-0251EBCED035}_is1) (Version: 29.04.2018 - DotEmu)
yabause 0.9.15 (HKLM-x32\...\ (Win64)) (Version: 0.9.15 - Yabause team)
Yokus Island Express (HKLM-x32\...\Yokus Island Express_is1) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\eze\AppData\Local\Google\Chrome SxS\Application\71.0.3558.0\notification_helper.exe (Google Inc -> Google Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-04-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-04-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-03-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} =>  -> No File
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2018-12-06] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-04-02] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {053C82B2-9D24-4EA9-AD8F-EF81E8AA9C52} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {09FF6712-DFC7-4700-B665-B9812A39AE9E} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {12DB235F-FAF1-4F4D-BDE4-FB7F6AD9DFE2} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1B20BC8F-8B42-45A2-A404-6C9A000CE10D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2279B895-AABD-4331-B6AB-81BB12CC2B33} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {3F9FEF00-1814-47EE-8565-E346CEA7FD8A} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3375071059-256883617-4030594371-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {41E11657-B889-4B15-A5AB-0370F86083F7} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {48CF66E6-0AFF-4539-8D13-DA249FA60AF7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3375071059-256883617-4030594371-1001UA => C:\Users\eze\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4FE9DC58-7666-4FEC-BCAB-01AB2908D579} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {5072F0EF-FCEE-488E-B514-1B4C5BF3920E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3375071059-256883617-4030594371-1001Core => C:\Users\eze\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {613CCB04-738E-41F6-92ED-47584B7494F7} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3375071059-256883617-4030594371-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {626506CD-8CD5-42B8-896C-67BC6D57E397} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {634E1842-4B77-4190-889B-A97B78825E56} - System32\Tasks\Opera scheduled Autoupdate 1449668871 => C:\Program Files (x86)\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {75D0F1B9-404B-4C2A-8EFC-CB4004BB4924} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe
Task: {79D01FFF-B902-4BCE-A41E-30306A5B00C2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3375071059-256883617-4030594371-1001
Task: {7E3D858A-B5FA-439D-9FC0-FA9CF689C85F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7EA5F859-1DED-49B1-80E2-48173EAF38F4} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe
Task: {8397471F-AA27-4EC1-9035-0AFD4480A882} - System32\Tasks\Sapphire TRIXX => C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe (Sapphire Technology Limited -> )
Task: {93C8033B-6662-4CCA-AA58-98976E5AEF91} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe (Adobe Inc. -> Adobe)
Task: {B2C94C41-967E-4D54-A73D-9DE1CDF5C2F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {B7274A3F-0F95-4DEB-A786-FF928748EAB8} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe
Task: {B862262F-5808-44AC-9F3E-CDB247D8297F} - \Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 -> No File <==== ATTENTION
Task: {B8A6A8A0-AD3F-4692-812E-CB3C80AE4EB2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {B9226E2C-F030-4CF1-B860-D9C7A2EF2F30} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {C5EE37B3-A46B-4ED7-BA3B-9D73AAD49274} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {D6F83799-4B93-4DD9-83B7-487A453B6261} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {E1364ACC-3188-49E1-8996-1436AC54F8F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Inc. -> Adobe)
Task: {EB2D2A4D-7686-4B2D-9BB3-169263FC2BE6} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe (Intel(R) Software -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2019-03-26 23:30 - 2019-03-26 23:30 - 000190464 _____ () [File not signed] C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
2018-07-27 23:56 - 2018-06-11 14:57 - 000009728 _____ (Hi-Rez Studios) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
2009-08-18 11:24 - 2009-08-18 11:24 - 000167424 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2015-01-13 23:20 - 2017-12-20 19:19 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2015-01-13 23:20 - 2017-12-20 19:19 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2015-01-13 23:20 - 2017-12-20 19:19 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2015-01-13 23:20 - 2017-12-20 19:19 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2015-01-13 23:20 - 2017-12-20 19:19 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2015-01-13 23:20 - 2017-12-20 19:19 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2015-01-13 23:20 - 2017-12-20 19:19 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-01-13 23:20 - 2017-12-20 19:19 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\59717546.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\81597140.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\59717546.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\81597140.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 23:34 - 2018-08-17 11:20 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3375071059-256883617-4030594371-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\eze\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^eze^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk => C:\Windows\pss\MEGAsync.lnk.Startup
MSCONFIG\startupreg: AceStream => C:\Users\eze\AppData\Roaming\ACEStream\engine\ace_engine.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: mylbx => C:\Program Files\My Lockbox\mylbx.exe /a
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: WTFast Tray => "C:\Program Files (x86)\WTFast\WTFast.exe" trayonly

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{087B97BE-345C-4312-99F7-4C7BD7DBF6B2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B7F21AF-E4A5-434F-BB04-904300F68E38}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7DDA113E-75D3-4BB3-8DE2-22CE313A9267}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F64851FF-2CF4-4FCA-8FFA-4DCA90375D76}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D79D4BE2-4463-485C-A390-BE54D7199DF3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{AE3B3F63-D3F6-4888-B4FD-7008268A3854}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{2E57E693-E8C9-4F1D-9A88-43474002AC6E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{AA0EAFF1-5361-4510-BBC8-ACCAA39D8269}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{8C19A3AC-DF21-4EA4-B795-2E3AB89450C5}] => (Allow) C:\Program Files (x86)\THQ\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.) [File not signed]
FirewallRules: [{BE98E8FA-23D0-4160-85E2-5FC8A69547F6}] => (Allow) C:\Program Files (x86)\THQ\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.) [File not signed]
FirewallRules: [{5FB99378-9E07-45F6-811A-291299861E22}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{735B2307-A762-4A7E-A1A7-05C1FBC3FF6B}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{448AAC6C-AF26-4E0E-8F09-61A74B15B347}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{D16CD5A2-5D60-4DC9-BD2B-7D77211BA2CB}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{494DE139-CBD0-4643-9B9B-B6A17F1640F4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{04517E33-FE4A-461C-8F30-2D57CA4A08EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{792D117B-3CB5-40D0-9F37-CE69FD3B513A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{514F8125-A40C-4854-8425-C2319E2CB601}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3603B850-218B-4D59-8D8E-49FA57999509}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{71137D1A-17D9-4340-80C9-AE111514F9E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{93E9CA21-D58D-4FA5-8BC5-FAD6FF1E6B23}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{BE029ED8-BAAC-4271-94AF-96626205DF36}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{054BEF34-4C0F-478C-B5CC-C827B79FFA0B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{46E40538-6DF9-451A-9620-4BB71F249F5C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc -> Raptr, Inc)
FirewallRules: [{0466257C-5CE5-4319-B137-CA7D79466F1C}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, LLC -> Plays.tv, LLC)
FirewallRules: [{EC4CF931-EF2A-4489-8CB7-B59138AD3324}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Plays.tv, LLC -> Plays.tv, LLC)
FirewallRules: [{3F558533-CDF2-498A-9735-A55C597DB667}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{2CFC6A3F-A56F-4EEB-B797-D353A70C016D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe () [File not signed]
FirewallRules: [{646F56B6-F20F-45B5-ABC1-1649E06D9A31}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{A13B506C-16E9-4E83-B9BC-6CEB4CEAB2FA}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{56767E5A-7522-49E8-B533-F59099545089}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B9CC519D-EB20-46DF-BD99-00838FD6B3AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7F86EA1F-30FB-457B-9FFB-9FC2C2EA273F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{71DC2C63-99A2-4A4D-AD78-2CC96B26CE16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{3BAF264D-8756-4BD1-A8B3-A6C282FF1CD6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C8B68F19-D3ED-466E-BE0E-0E66D027F0DA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E095BA96-EC62-47EA-9673-A32425EA1FCB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games)
FirewallRules: [{C38A51A2-AA99-4FC7-9578-FA908E0B36D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games)
FirewallRules: [{E0A32EA5-AFD6-4A70-9D98-77F079B07D13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe () [File not signed]
FirewallRules: [{C786D00B-C4AD-4875-BFB1-E7DAC12B06D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe () [File not signed]
FirewallRules: [{2E9E8E98-616A-4A52-820C-7C04F6310107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [File not signed]
FirewallRules: [{66FE71ED-BCE7-48A4-8B68-48081E51B037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [File not signed]
FirewallRules: [{D9FA8985-0263-475B-A0BA-9D46F6BA54D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3 Uprising\RA3EP1.exe (Electronic Arts, Inc.) [File not signed]
FirewallRules: [{5BBC78E0-CBF3-4CF5-B239-422F3F0CCF52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer Red Alert 3 Uprising\RA3EP1.exe (Electronic Arts, Inc.) [File not signed]
FirewallRules: [{1D3BBD9B-7FC4-4B00-8487-E8A87B85C8FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{ABD147C8-86AF-416E-AED0-0A56420D7045}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{335EA671-AE13-4F7B-861A-62804F4D2E55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{E0533A05-26C6-4BC6-8832-0AC015B6E676}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{9240F2DE-57C7-4EDA-9097-CFAEEBF10ED2}] => (Allow) M:\SteamLibrary\steamapps\common\Overlord\Overlord.exe (Triumph Studios) [File not signed]
FirewallRules: [{65B28EC6-C287-4043-98FF-F551B1B2AC61}] => (Allow) M:\SteamLibrary\steamapps\common\Overlord\Overlord.exe (Triumph Studios) [File not signed]
FirewallRules: [{0BF09002-B9CA-468B-A26B-84DBC7A952F5}] => (Allow) M:\SteamLibrary\steamapps\common\Overlord\Config.exe () [File not signed]
FirewallRules: [{42DD7363-5B73-4EA4-A844-3505F699240F}] => (Allow) M:\SteamLibrary\steamapps\common\Overlord\Config.exe () [File not signed]
FirewallRules: [{A9AFBA3F-921F-48F2-A036-169724170668}] => (Allow) C:\Program Files (x86)\Opera\58.0.3135.118\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{63D46312-736E-4F62-B089-F3FC935F55B5}] => (Allow) C:\Program Files (x86)\Opera\58.0.3135.127\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B2E405D3-7E00-4996-B12E-7AD34590F63B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

17-04-2019 19:52:11 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/17/2019 07:31:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/17/2019 06:55:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/17/2019 05:14:50 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/17/2019 05:05:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/16/2019 10:13:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/16/2019 09:57:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/16/2019 09:53:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (04/16/2019 09:13:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.


System errors:
=============
Error: (04/17/2019 07:31:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error: 
%%-2140993535

Error: (04/17/2019 07:31:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error: 
%%-2140993535

Error: (04/17/2019 07:31:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error: 
%%-2140993535

Error: (04/17/2019 07:31:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error: 
%%-2140993535

Error: (04/17/2019 07:31:49 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: El Protocolo de resolución de nombres de mismo nivel no se inició debido a un error de creación de la identidad predeterminada con código de error: 0x80630801.

Error: (04/17/2019 07:31:49 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: El Protocolo de resolución de nombres de mismo nivel no se inició debido a un error de creación de la identidad predeterminada con código de error: 0x80630801.

Error: (04/17/2019 07:31:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Agrupación de red del mismo nivel depende del servicio Protocolo de resolución de nombres de mismo nivel, el cual no pudo iniciarse debido al siguiente error: 
%%-2140993535

Error: (04/17/2019 07:31:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Protocolo de resolución de nombres de mismo nivel se cerró con el siguiente error: 
%%-2140993535


CodeIntegrity:
===================================

Date: 2018-08-17 11:20:30.400
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-08-17 11:20:30.369
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-11-14 22:19:46.528
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-11-14 22:19:46.485
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-20 11:06:42.871
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2016-01-20 11:06:42.824
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2015-10-08 17:05:12.170
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

Date: 2015-10-08 17:05:12.037
Description: 
Integridad de código no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\SMCLpav\Pav2WSC.exe porque el conjunto de hashes de imagen por página no se encuentra en el sistema.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 38%
Total physical RAM: 8174.32 MB
Available physical RAM: 5027 MB
Total Virtual: 16348.63 MB
Available Virtual: 11715.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:976.56 GB) (Free:32.07 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:886.36 GB) (Free:47.9 GB) NTFS
Drive m: (Nuevo vol) (Fixed) (Total:931.04 GB) (Free:51.91 GB) NTFS
Drive n: (Reservado para el sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{63eafdd1-26c9-11e4-af45-806e6f6e6963}\ () (Fixed) (Total:148.95 GB) (Free:4.54 GB) NTFS
\\?\Volume{4d77c713-716f-11e8-b4fc-806e6f6e6963}\ () (Fixed) (Total:0.47 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: B2600499)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=976.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: BA9AF5CE)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=479 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: AEECAEEC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Javier te cuento que la Pc me anda igual, he notado eso si que hay momentos en que el uso del CPU se eleva muchisimo sin que se corresponda a elementos usados, haciendo que por ejemplo un juego que antes corria bien comience a dar tirones. Desde ya gracias, aguardo tu respuesta.

#6

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
CustomCLSID: HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\eze\AppData\Local\Google\Chrome SxS\Application\71.0.3558.0\notification_helper.exe (Google Inc -> Google Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
Task: {79D01FFF-B902-4BCE-A41E-30306A5B00C2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3375071059-256883617-4030594371-1001
Task: {B862262F-5808-44AC-9F3E-CDB247D8297F} - \Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 -> No File <==== ATTENTION
MSCONFIG\startupreg: AceStream => C:\Users\eze\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-11-11] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [script_fcbd] => "E:\Far Cry 3 Blood Dragon\fcbd.bat"
BootExecute: autocheck autochk *
C:\Users\eze\AppData\Roaming\ACEStream
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
Toolbar: HKU\S-1-5-21-3375071059-256883617-4030594371-1001 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3375071059-256883617-4030594371-1001: @tools.google.com/Google Update;version=3 -> C:\Users\eze\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-3375071059-256883617-4030594371-1001: @tools.google.com/Google Update;version=9 -> C:\Users\eze\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-01-12] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-01-12] <==== ATTENTION
R3 TRIXX; \??\C:\Users\eze\AppData\Local\Temp\TRIXX.sys [X] <==== ATTENTION
2017-06-24 22:55 - 2017-06-24 22:55 - 000000302 _____ () C:\Users\eze\resentinternet.bat
2018-08-21 18:27 - 2018-09-27 14:06 - 003277696 _____ () C:\Users\eze\ZHPCleaner.exe
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora inicia tu equipo desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

#7

Buenas javier, te copio el resultado:

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.04.2019
Ran by eze (18-04-2019 19:18:26) Run:1
Running from C:\Users\eze\Desktop
Loaded Profiles: eze (Available Profiles: eze)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
CustomCLSID: HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\eze\AppData\Local\Google\Chrome SxS\Application\71.0.3558.0\notification_helper.exe (Google Inc -> Google Inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
Task: {79D01FFF-B902-4BCE-A41E-30306A5B00C2} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3375071059-256883617-4030594371-1001
Task: {B862262F-5808-44AC-9F3E-CDB247D8297F} - \Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 -> No File <==== ATTENTION
MSCONFIG\startupreg: AceStream => C:\Users\eze\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-11-11] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [script_fcbd] => "E:\Far Cry 3 Blood Dragon\fcbd.bat"
BootExecute: autocheck autochk *
C:\Users\eze\AppData\Roaming\ACEStream
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
Toolbar: HKLM-x32 - No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - No File
Toolbar: HKU\S-1-5-21-3375071059-256883617-4030594371-1001 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-3375071059-256883617-4030594371-1001: @tools.google.com/Google Update;version=3 -> C:\Users\eze\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-3375071059-256883617-4030594371-1001: @tools.google.com/Google Update;version=9 -> C:\Users\eze\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [No File]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-01-12] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-01-12] <==== ATTENTION
R3 TRIXX; \??\C:\Users\eze\AppData\Local\Temp\TRIXX.sys [X] <==== ATTENTION
2017-06-24 22:55 - 2017-06-24 22:55 - 000000302 _____ () C:\Users\eze\resentinternet.bat
2018-08-21 18:27 - 2018-09-27 14:06 - 003277696 _____ () C:\Users\eze\ZHPCleaner.exe
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKU\S-1-5-21-3375071059-256883617-4030594371-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{79D01FFF-B902-4BCE-A41E-30306A5B00C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79D01FFF-B902-4BCE-A41E-30306A5B00C2}" => removed successfully
C:\Windows\System32\Tasks\Games\UpdateCheck_S-1-5-21-3375071059-256883617-4030594371-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Games\UpdateCheck_S-1-5-21-3375071059-256883617-4030594371-1001" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B862262F-5808-44AC-9F3E-CDB247D8297F} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B862262F-5808-44AC-9F3E-CDB247D8297F} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => not found
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AceStream => removed successfully
"HKU\S-1-5-21-3375071059-256883617-4030594371-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GUDelayStartup" => removed successfully
"HKU\S-1-5-21-3375071059-256883617-4030594371-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\script_fcbd" => removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"C:\Users\eze\AppData\Roaming\ACEStream" => not found
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}" => removed successfully
HKLM\Software\Classes\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} => not found
"HKU\S-1-5-21-3375071059-256883617-4030594371-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{093F479D-712E-46CD-9E06-62E734A05F68}" => removed successfully
HKLM\Software\Classes\CLSID\{093F479D-712E-46CD-9E06-62E734A05F68} => not found
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN" => not found
C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
"HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN" => not found
"C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll" => not found
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\Software\MozillaPlugins\@tools.google.com/Google Update;version=3 => removed successfully
"C:\Users\eze\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll" => not found
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\Software\MozillaPlugins\@tools.google.com/Google Update;version=9 => removed successfully
"C:\Users\eze\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll" => not found
C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully
C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully
HKLM\System\CurrentControlSet\Services\TRIXX => removed successfully
TRIXX => service removed successfully
C:\Users\eze\resentinternet.bat => moved successfully
C:\Users\eze\ZHPCleaner.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKU\S-1-5-21-3375071059-256883617-4030594371-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3375071059-256883617-4030594371-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3375071059-256883617-4030594371-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El catálogo Winsock se restableció correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 4 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Conexi¢n de  rea local 5 mientras los medios
est‚n desconectados.

Adaptador de Ethernet Conexi¢n de  rea local 4:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Conexi¢n de  rea local 5:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de Ethernet Conexi¢n de  rea local:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   Direcci¢n IPv6 . . . . . . . . . . : 2800:af0:1108:10f3:2039:429a:af64:3993
   Direcci¢n IPv6 temporal. . . . . . : 2800:af0:1108:10f3:80ab:3ea3:920:2136
   V¡nculo: direcci¢n IPv6 local. . . : fe80::2039:429a:af64:3993%11
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.5
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : fe80::200:caff:fe11:2233%11
                                       192.168.0.1

Adaptador de t£nel isatap.{C668B3D4-C54B-41F4-B525-814FB9D2B42B}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{FF01437B-E167-49BC-BB1D-A0BB8628018F}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

Adaptador de t£nel isatap.{1B4C8850-D7B7-496F-8DD9-AD6DCE90DCC8}:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS espec¡fico para la conexi¢n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to connect to BITS - 0x8007042c
No se puede iniciar el servicio o grupo de dependencia.



========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Global se restableció correctamente.
Interfaz se restableció correctamente.
Dirección de unidifusión se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Interfaz se restableció correctamente.
Reinicie el equipo para completar esta acción.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 28419276 B
Java, Flash, Steam htmlcache => 72261378 B
Windows/system/drivers => 1596846 B
Edge => 0 B
Chrome => 11426712 B
Firefox => 23696891 B
Opera => 59569443 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
eze => 20676654 B

RecycleBin => 0 B
EmptyTemp: => 207.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:18:50 ====

Te comento, la pc me estaba funcionando bien ayer, pero de un momento a otro uno de los discos dejo de funcionar, no lo detectaba ni en modo seguro. Al reiniciar la PC ahora me entra al Bios en lugar de iniciar normalmente, y leo una pequeña leyenda de " S.M.A.R.T. status bad, backup and remplace". Cuando quito esto e inicia el disco en cuestion me lo esta leyendo, pero una vez mas la pc se me quedo congelado. Entiendo que segun me avisa la BIOS uno de los discos parece estar a punto de morir, no se si tendra relacion al resto de los problemas de la PC. Espero tu respuesta, desde ya gracias.

#8

Te comento Javier que se me dio por revisar el estado de los discos con “hardk disck sentinal” , y sobre el disco en cuestión me indica lo siguiente:

"Falla Predicha - Atributo: 5 Reallocated Sectors Count, Count of sectors moved to the spare area. Indicate problem with the disk surface or the read/write heads.
There are 2826 bad sectors on the disk surface. The contents of these sectors were moved to the spare area.
The drive found 33 bad sectors during its self test.
Based on the number of remapping operations, the bad sectors may form continuous areas."

Quería agregarlo como información extra.

#9

Hola.

Efectivamente el disco que te esta fallando(imagino que es el de 149 GB) es el causante de esos bloqueos/congelamientos.

Los problemas de congelamiento de un equipo pueden deberse a multiples causas, entre otras las infecciones, pero una muy habitual es la de fallos en los discos que tengamos en nuestros equipos, sean éstos internos e incluso externos. :face_with_raised_eyebrow:

Cuando la BIOS de un equipo YA indica ese problema/advertencia NO queda otra opción que hacer copia de la información que tengas en él y quitarlo del equipo. :confused:

En cuanto hayas relazado esos pasos dínoslo para darte las ultimas indicaciones/pasos que debes hacer.

Saludos.

#10

Hola de nuevo javier, una vez más te agradezco toda la ayuda brindada. Te comento, he retirado el disco (lamentablemente era el de 1tb), salvando muy pocas cosas, y efectivamente la BIOS no volvió a molestar. Ahora bien, debido a que tuve que eliminar varios programas, decidí actualizar los controladores de mi placa de video, para mi sorpresa tras desinstalar los controladores actuales de mi PC, al reiniciar la misma se quedó nuevamente congelada. Tras volver a reiniciar e instalar los controladores nuevos, una vez que le di el correspondiente reinicio, la PC volvió a congelarse y obligarme a reiniciar. Por el momento no ha vuelto a suceder, pero parece claro que el disco fallado no era el único problema. Desde ya agradezco nuevamente toda tu ayuda, y espero tu respuesta.

#11

Hola. :+1:

Pues… entocnes pasemos a verificar como tienes el disco duro de tu equipo(donde se ubica el sistema operativo), para hacerlo sigue el 3er. MÉTODO: descrito en esta Faq de ayuda :arrow_right: ¿Cómo usar CHKDSK para realizar una comprobación del disco?, que es válida también para un Windows 7.

Una vez terminado el proceso, que puede/debe durar bastante rato, debes poner el informe que se habrá guardado por parte de Windows y que tienes que encontrar siguiendo estos pasos :arrow_right: ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?

Fíjate bien en como es el informe que viene en ese tema, para que busques algo similar y NO pongas cualquier otra cosa.

Nos pones el informe y comentas como sigue el problema del equipo.

Saludos.

#12

Hola Javier y felices Pascuas. Te dejo el informe que me pediste:

Nombre de registro:Application
Origen:        Microsoft-Windows-Wininit
Fecha:         21/04/2019 4:15:41
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel:         Información
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        eze-PC
Descripción:


Comprobando el sistema de archivos en C:
El tipo del sistema de archivos es NTFS.

Uno de los discos necesita ser comprobado para ver coherencias.
Se puede cancelar la comprobación de disco, pero se recomienda
que continúe.
Windows comprobará ahora el disco.                       

CHKDSK está comprobando archivos (etapa 1 de 5)...
  601856 registros de archivos procesados.                               

Comprobación de archivos completada.
  12229 registros de archivos grandes procesados.                       

  0 registros de archivos no válidos procesados.                    

  2 registros de EA procesados.                                           

  72 registros de análisis procesados.                               

CHKDSK está comprobando índices (etapa 2 de 5)...
  753924 entradas de índice procesadas.                                        

Comprobación de índices completada.
  0 archivos no indizados examinados.                               

  0 archivos no indizados recuperados.                              

CHKDSK está comprobando descriptores de seguridad (etapa 3 de 5)...
  601856 SD/SID de archivo procesados.                                        

Liberando 277 entradas de índice no usadas del índice $SII del archivo 0x9.
Liberando 277 entradas de índice no usadas del índice $SDH del archivo 0x9.
Liberando 277 descriptores de seguridad no usados.
Comprobación de descriptores de seguridad completada.
  76035 archivos de datos procesados.                                   

CHKDSK está comprobando el diario USN...
  1033200816 bytes de USN procesados.                                            

Se ha completado la comprobación del diario USN.
CHKDSK está comprobando los datos de archivo (etapa 4 de 5)...
  601840 archivos procesados.                                                

Comprobación de datos de archivo completada.
CHKDSK está comprobando el espacio disponible (etapa 5 de 5)...
  31517961 clústeres disponibles procesados.                               

La comprobación del espacio disponible se completó.
Windows ha comprobado el sistema de archivos y no encontró problemas.

1023998975 KB de espacio total en disco.
 896039196 KB en 286222 archivos.
    173780 KB en 76036 índices.
         0 KB en sectores defectuosos.
   1714155 KB en uso por el sistema.
El archivo de registro ha ocupado      65536 kilobytes.
 126071844 KB disponibles en disco.

      4096 bytes en cada unidad de asignación.
 255999743 unidades de asignación en disco en total.
  31517961 unidades de asignación disponibles en disco.

Información interna:
00 2f 09 00 1c 87 05 00 f9 bb 09 00 00 00 00 00  ./..............
74 28 00 00 48 00 00 00 00 00 00 00 00 00 00 00  t(..H...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows ha finalizado la comprobación del disco.
Espere mientras se reinicia el sistema.

De momento la PC no se a vuelto a congelar, lo cual me hace suponer que el problema está directamente relacionado con las actualizaciones de la placa de video. Te agradezco una vez más toda la ayuda que me estas brindando. Saludos

#13

Hola.

Pero… entiendo que los problemas que TU tenias se habitan presentado anteriormente también a las actualizaciones de la placa de vídeo…??

O eso entendí yo. :thinking:

#14

Hola, si anteriormente se habían presentado en reiteradas ocasiones, las cuales por el momento no han vuelto a suceder. Las últimas veces que paso, como te comente anteriormente, fueron con los drivers de la placa, por eso mi comentario. Perdón si se prestó a confusión.

#15

Hola y Felices Pascuas para ti también. :+1:

Efectivamente, como ya comentamos anteriormente los problemas de congelación pueden deberse a distintos factores o problemas, desde infecciones, a problemas con los distintos discos duros(internos o externos) o drivers problemáticos al igual que a programas incompatibles o mal diseñados o problemas eléctricos de nuestra compañías de luz o de la fuente de alimentación de nuestro equipo o incluso de alguna componente del mismo. :crazy_face: :roll_eyes:

Para asegurarnos que TU otro disco NO sea el responsable de los problemas, debes hacer una verificación de él siguiendo estos pasos :

:one: Vas a Mi PC o Equipo, haces click derecho en la unidad X: y luego seleccionas Propiedades.

:two: En la pestaña Herramientas click en el botón Comprobar Ahora.

:three: Habilita las 2 casillas disponibles, presiona Iniciar, si el proceso no empieza desde windows, saldrá una ventana de advertencia y pulsamos el botón SI en el cuadro de dialogo.

:four: Después Reinicia el equipo. Si el disco no se ha comprobado desde windows, se examinara en el próximo reinicio.

:five: Si tuvieras que REINICIAR y cuando tu equipo este REINICIANDO NO toques ninguna tecla ni tampoco el ratón y deja que se realice el proceso.

:six: Una vez terminado el proceso, que puede/debe durar bastante rato, debes poner el informe que se habrá guardado por parte de Windows y que tienes que encontrar siguiendo estos pasos :arrow_right: ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?

:seven: Hay que tener en cuenta que el informe en esta ocasión deberás buscarlo bajo el termino que corresponda con el “origen/usuario” de nombre “Chkdsk”.

Saludos.

#16

Hola javier, primero te dejo el analisis del disco:

Chkdsk se ejecutó en modo de lectura/escritura.  

Comprobando el sistema de archivos en F:
La etiqueta de volumen es Nuevo vol.

CHKDSK está comprobando archivos (etapa 1 de 5)...
  256 registros de archivos procesados.                                
Comprobación de archivos completada.
  0 registros de archivos grandes procesados.                         
 0 registros de archivos no válidos procesados.                      
 0 registros de EA procesados.                                             
 0 registros de análisis procesados.                                
CHKDSK está comprobando índices (etapa 2 de 5)...
  278 entradas de índice procesadas.                                        
 Comprobación de índices completada.


CHKDSK está comprobando descriptores de seguridad (etapa 3 de 5)...
  256 SD/SID de archivo procesados.                                         
Comprobación de descriptores de seguridad completada.
  11 archivos de datos procesados.                                   
 CHKDSK está comprobando los datos de archivo (etapa 4 de 5)...
  240 archivos procesados.                                                 
Comprobación de datos de archivo completada.
CHKDSK está comprobando el espacio disponible (etapa 5 de 5)...
  39023261 clústeres disponibles procesados.                                
La comprobación del espacio disponible se completó.
Windows ha comprobado el sistema de archivos y no encontró problemas.

 156185599 KB de espacio total en disco.
     21568 KB en 6 archivos.
        12 KB en 13 índices.
     70971 KB en uso por el sistema.
El archivo de registro ha ocupado      65536 kilobytes.
 156093048 KB disponibles en disco.

      4096 bytes en cada unidad de asignación.
  39046399 unidades de asignación en disco en total.
  39023262 unidades de asignación disponibles en disco.

Te paso a comentar, al prender la PC, la pantalla se craseho completamente crusandose los colores y distorcionandose la imagen, mientars se escuchaba un ruido fuerte de los coolers del pc.Reinicie el equipo y una vez mas el equipo prendio muy bien pero se quedo congelado. Al reiniciar por tercera vez me salio el siguiente mensaje: “During previous GPU-Z crashed at openCL detencion. Please update openCL and graphics drivers. Would you like re-enable OpenCL detection?”

Desconosco que a que peude deberse, y la verdad estoy bastante preocupado. Desde ya agradezco toda la ayuda que puedas brindarme. Saludos

#17

Hola.

Por el mensaje que indicas que sale :

During previous GPU-Z crashed

La palabra GPU (del inglés Graphics Processing Unit) hace referencia al núcleo gráfico de la tarjeta gráfica , sea ésta una tarjeta dedicada o integrada en el núcleo gráfico de ciertos procesadores…por ej. los de Intel de tipo medio o básico(desde los Pentium Silver / Celeron hasta los Intel Core i7 8700K).

Y en ella(GPU) es donde se realizan todos los cálculos matemáticos destinados a que nuestro ordenador sea capaz de representar una imagen en la pantalla de nuestro monitor.

El síntoma de “craseho” completo del vídeo con distorsión de imagen viene derivado de ese error/problema y eso puede venir motivado por un fallo de ese Hardware(GPU) problemas de temperatura del mismo y/o limpieza interna que provoque exceso de temperatura o también por incorrectos drivers recientemente instalados por ti.

Una pregunta… :thinking: anteriormente habías actualizado en otras ocasiones los driver de la tarjeta gráfica, o esta ultima que has realizado fue la primera vez que lo hiciste…??

Los driver que tenias anteriormente eran los que venían originalmente con tu equipo ya preinstalados en tu Windows 7…??

Saludos.

#18

Hola Javier, no era la primera vez que actualizaba, por el contrario he actualizado en reiteradas ocasiones. Sin embargo si hacia bastante que no los actulizaba(cosa de unos 8 meses), cosa que hice tras el primer congelamiento. Posteriormente, con el disco dañado y demás, volví a actualizar la placa tal como te comente, con los errores previamente mencionados. Puede que el error estuviera en que no desinstale los drivers viejos desde modo seguro, sino que lo realice en la pantalla normal tal como guiaba la aplicación de AMD (la de mi placa). Si sirve de algo realice un testeo con el programa memtesCL que me recomendo un amigo, el cual solo encuentra errores en la placa en las areas de “ramdon block”, lo comento como información extra. Un saludo

#19

Hola.

El problema es que podemos estar ante dos errores/problemas similares, pero que provengan de sitios distintos, por una parte del problema con el disco duro y por otra de la ultima actualización de los driver de la tarjeta trafica. :roll_eyes:

Esa desinstalación ademas puede también influir, para hacer la desinstalacion de los driver de la tarjeta gráfica existe un excelente programa del que te dejo su enlace de descarga por aquí :arrow_right: https://www.wagnardsoft.com/DDU/download/DDU%20v18.0.1.1.exe

Y por aquí tienes su pagina oficial :arrow_right: https://www.wagnardsoft.com/

Pues NO sabría decirte o podría asegurar, que esos errores demuestren claramente un fallo físico en tu tarjeta de vídeo, si buscas en Internet podas ver que existe distinta información que incluso indican que MemtestCL es el culpable de esos errores(fallo de software) y NO se deberían achacar a un problema de las gráficas. :upside_down_face: :pensive:

Prueba primero a usar DDU y eliminar TODO rastro de los driver de la gráfica, hazlo también desde modo seguro, el propio programa te avisa de que lo hagas de esa manera.

Y YO que TU, primero probara a instalarle los driver originales que te vinieran con el equipo en su día y probaría a usar el equipe con ese driver original durante un periodo de mínimo 15 días, si después de ese tiempo NO has presentado problemas similares… ya sabes lo que dicen “blanco y en botella…”. :wink:

Nos comentas.

Saludos.

#20

Hola de nuevo Javier, eh seguido tu consejo y desinstale con el DDU los drivers en modo seguro e instale los que venían por defecto con la placa. Estaré probándola unos días y cualquier cosa volveré a comentarte los resultados, ya sea que de error o no. Desde ya te agradezco la ayuda y estamos hablando pronto.