Solucionar lentitud y bloqueo en portatil Windows 7

Buenos días,

Os escribo desde otro portátil distinto al que se refiere mi problema, ya que desde ese me resulta totalmente imposible. Intentaré ser breve y concisa: Es un portátil Samsung Windows 7 a 64bits del año 2013. Ya empezaba a ir lento hace unos 6 meses, pero lo he tenido sin usar unos 4 meses, y ahora al encenderlo me resulta ya 100% imposible. Enciende y apaga lentísimo, se bloquea y tengo que apagarlo dando botonazo, no se abre el Google Chrome, la navegación es increíblemente lenta… y un largo etc. ¿Qué puedo hacer? Intentaré seguir los pasos que me deis descargando los programas necesarios en este ordenador y pasándolos al otro ordenador con un pen… si es que me deja. Gracias por adelantado, haceis un maravilloso trabajo!!!

Ana.

1 me gusta

Hola @anne y Bienvenida al Foro.!!!

Comprueba SI el funcionamiento del equipo es mejor desde el :arrow_forward: Modo Seguro – con funciones de Red, de Windows.

Y de ser así te quedas en ese modo de windows y nos comentas. :thinking:

Saludos.

Hola! Disculpa la demora, pero me ha costado bastante lograrlo. Ya estoy en el equipo en cuestión en modo seguro con funciones de red. Ya me comentas los siguientes pasos a seguir :slight_smile:

Gracias!!!

Hola @anne.

Y desde ese modo ves que el funcionamiento del equipo sea mas estable/regular…??

Puedes acceder a nuestro Foro desde algún navegador y lo hace de forma normal…??

O también notas que tengas problemas para trabajar desde el modo seguro. :thinking:

Efectivamente Javier, desde este modo el equipo funciona más ligero, las ventanas tardan menos en abrirse, el navegador Chrome funciona bien y se abre, etc. Funciona bastante mejor! :slightly_smiling_face:

Perfecto… :clap: entonces vas a revisar tu equipo desde ese modo de windows, si al realizar algún proceso(de los que te pongo a continuación) te pide o se REINICIA el equipo deja que lo haga en el modo normal y vuelves a APAGARLO para seguir el resto de pasos desde el modo seguro de windows. :+1:

Y ahora sigues estos pasos, en el orden indicado y leyendo todo lo explicado.

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Personalizado. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del programa :arrow_forward: Historial de detecciones :arrow_backward: encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo desde el modo normal de windows en relación al problema planteado. :face_with_monocle:

Saludos.

Hola de nuevo!

Pues he podido seguir los pasos hasta el momento en que he de instalar el Malwarebytes. Le doy a instalar y me sale una ventana que pone “Se ha producido un error”, asi que no puedo instalarlo. :confused:

https://gyazo.com/1ac6f66eda2090f6c914eec7b6079d3b

Edito: me ha dejado instalarlo con conexión a internet. Voy a seguir con el resto de pasos y te cuento! :wink:

Perfecto. :clap:

En cuanto tengas TODOS los pasos realizados nos pones los informes y comentas.

Saludos.

Hola de nuevo! Pues te comento, te estoy escribiendo desde el otro equipo, ya que al reiniciar en modo normal el que estamos arreglando se ha quedado de nuevo colgado. El icono del wifi se ha quedado paralizado buscando red, google chrome no se abre tampoco. Voy a volver a iniciar ese equipo en modo seguro para poder copiarte aqui los reportes de los programas, a ver que pasa. Gracias! :wink:

Edito: también le cuesta mucho encenderse y apagarse.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 5/12/19
Hora del análisis: 18:58
Archivo de registro: e5980d2a-1788-11ea-aef5-e8039a355816.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.770
Versión del paquete de actualización: 1.0.15738
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: Ana-PC\Ana

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 529740
Amenazas detectadas: 2
Amenazas en cuarentena: 2
Tiempo transcurrido: 2 hr, 1 min, 16 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 1
PUP.Optional.InstallCore, HKU\S-1-5-21-1231317149-393754485-1902646098-1000\SOFTWARE\CSASTATS\ic, En cuarentena, 477, 586068, 1.0.15738, , ame, 

Valor del registro: 1
PUP.Optional.BrowserProtect, HKU\S-1-5-21-1231317149-393754485-1902646098-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TABBEDBROWSING|BPROTECTSHOWTABSWELCOME, En cuarentena, 983, 538248, 1.0.15738, , ame, 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:    11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    12-05-2019
# Duration: 00:00:03
# OS:       Windows 7 Home Premium
# Cleaned:  12
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\csastats
Deleted       HKLM\Software\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted       HKLM\Software\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted       HKLM\Software\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted       HKLM\Software\Wow6432Node\\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted       HKLM\Software\Wow6432Node\\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted       HKLM\Software\Wow6432Node\\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted       HKU\.DEFAULT\SOFTWARE\5348adab56dba44
Deleted       HKU\S-1-5-18\SOFTWARE\5348adab56dba44

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6191 octets] - [05/12/2019 21:58:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:    11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    12-05-2019
# Duration: 00:00:54
# OS:       Windows 7 Home Premium
# Scanned:  35225
# Detected: 40


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic            HKU\.DEFAULT\SOFTWARE\5348adab56dba44
PUP.Adware.Heuristic            HKU\S-1-5-18\SOFTWARE\5348adab56dba44
PUP.Optional.InstallCore        HKCU\Software\csastats
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.Legacy             HKLM\Software\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
PUP.Optional.Legacy             HKLM\Software\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.HPCleanFLC   File   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk 
Preinstalled.HPMediaSmart   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9A48647-3938-4242-A922-87655C713DA6} 
Preinstalled.HPMediaSmart   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MirageAgent 
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} 
Preinstalled.HPMediaSmart   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D} 
Preinstalled.HPMediaSmart   Task   C:\Windows\System32\Tasks\MIRAGEAGENT 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} 
Preinstalled.LenovoPower2Go   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658} 
Preinstalled.SamsungEasyBatteryManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F68F1B8D-3CBA-4389-80EE-E9686121F17E} 
Preinstalled.SamsungEasyBatteryManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyBatteryManager 
Preinstalled.SamsungEasyBatteryManager   Task   C:\Windows\System32\Tasks\EASYBATTERYMANAGER 
Preinstalled.SamsungEasyDisplayManager   Folder   C:\ProgramData\SAMSUNG\EASY DISPLAY MANAGER 
Preinstalled.SamsungEasyDisplayManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2C1471B-3C53-4CFA-8968-975C81A9F121} 
Preinstalled.SamsungEasyDisplayManager   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EasyDisplayMgr 
Preinstalled.SamsungEasyDisplayManager   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{17283B95-21A8-4996-97DA-547A48DB266F} 
Preinstalled.SamsungEasyDisplayManager   Task   C:\Windows\System32\Tasks\EASYDISPLAYMGR 
Preinstalled.SamsungSupportCenter1.0   Folder   C:\Program Files (x86)\SAMSUNG\SAMSUNG SUPPORT CENTER 
Preinstalled.SamsungSupportCenter1.0   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SAMSUNG SUPPORT CENTER 
Preinstalled.SamsungSupportCenter1.0   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8D338A7-0AF5-4DC9-AEBC-7FE2109FC582} 
Preinstalled.SamsungSupportCenter1.0   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SamsungSupportCenter 
Preinstalled.SamsungSupportCenter1.0   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{F687E657-F636-44DF-8125-9FEEA2C362F5} 
Preinstalled.SamsungSupportCenter1.0   Task   C:\Windows\System32\Tasks\SAMSUNGSUPPORTCENTER 
Preinstalled.SamsungUpdatePlus   Folder   C:\Program Files (x86)\SAMSUNG\SAMSUNG UPDATE PLUS 
Preinstalled.SamsungUpdatePlus   Folder   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAMSUNG\SAMSUNG UPDATE PLUS 
Preinstalled.SamsungUpdatePlus   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B25AA6A2-1878-466F-96BD-4EC102FE1193} 
Preinstalled.SamsungUpdatePlus   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SUPBackground 
Preinstalled.SamsungUpdatePlus   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{142D8CA7-2C6F-45A7-83E3-099AAFD99133} 
Preinstalled.SamsungUpdatePlus   Task   C:\Windows\System32\Tasks\SUPBACKGROUND 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64 
Ran by Ana (Limited) on 05/12/2019 at 22:13:36,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10 

Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\ProgramData\pdfforge (Folder) 
Successfully deleted: C:\Users\Ana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9Z73YUSK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWFG6G7E (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MCD14PVJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Ana\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y5XFALQU (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9Z73YUSK (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KWFG6G7E (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MCD14PVJ (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y5XFALQU (Temporary Internet Files Folder) 



Registry: 3 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E2877D3-2641-4970-B794-A553E295428D} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4853DF44-7D6B-48E9-9258-D800EEE54AF6} (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05/12/2019 at 22:15:53,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2019 01
Ran by Ana (administrator) on ANA-PC (SAMSUNG ELECTRONICS CO., LTD. 305V4A/305V5A/3415VA) (05-12-2019 22:17:18)
Running from C:\Users\Ana\Desktop
Loaded Profiles: Ana (Available Profiles: Ana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-06-15] (Atheros Communications Inc. -> Atheros Communications) [File not signed]
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-06-15] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2019-05-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [912776 2019-09-24] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [371304 2019-12-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\MountPoints2: {2bd71c59-1470-11ea-bd0e-e8039a8082d3} - G:\setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-12-02] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\77.1.1834.93\Installer\chrmstp.exe [2019-10-17] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01A63EA6-A3CE-4DDC-A3FB-425265DB2D0A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {0C8C4568-D6B2-4259-B4C2-B31542E2740D} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [1889536 2019-09-25] (Piriform Software Ltd -> Piriform Software)
Task: {39A7EB5C-59F5-4003-AEC8-062395A9003A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {5D01E1D0-8FF5-4EAD-8297-BA8C55E11452} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [1873288 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {5D4B34B3-9662-4137-9D64-16CBE193F04B} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [1889536 2019-09-25] (Piriform Software Ltd -> Piriform Software)
Task: {6B13C1FB-CCDD-4606-94D6-BC194C921057} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-14] (Google Inc -> Google Inc.)
Task: {75E6C989-5165-4EDD-82EB-5A9CC54005C5} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4399696 2011-03-29] (Samsung Electronics CO., LTD. -> SEC)
Task: {8E8A1F14-E616-4977-940A-37DAAF20EBC5} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe [775848 2011-02-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [File not signed]
Task: {970B8590-D99F-4DA0-AB85-81BDFD991EC4} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-09-24] (Nota Inc. -> Nota Inc.)
Task: {A2A55F13-8230-4004-B906-35D9F5EEFA65} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe [2213968 2011-06-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {AF3A331E-BAD3-4631-BA9E-9930CE472450} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-14] (Google Inc -> Google Inc.)
Task: {B25AA6A2-1878-466F-96BD-4EC102FE1193} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2782064 2011-01-11] (Samsung Electronics CO., LTD. -> Samsung Electronics)
Task: {BC6C9938-8212-4554-A575-8B842027B48A} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-09-01] (Piriform Software Ltd -> Piriform Software)
Task: {BD09A8C9-4AE0-42EF-8E74-6F376DE46510} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {C2421444-0EB6-489E-AB89-4540DDDD85E9} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2019-09-24] (Nota Inc. -> Nota Inc.)
Task: {C2C1471B-3C53-4CFA-8968-975C81A9F121} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe [2158160 2011-06-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {C8D338A7-0AF5-4DC9-AEBC-7FE2109FC582} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [3398736 2011-09-04] (Samsung Electronics CO., LTD. -> SAMSUNG Electronics)
Task: {C9A48647-3938-4242-A922-87655C713DA6} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-08-17] (CyberLink -> CyberLink)
Task: {D00F3BB1-CA74-41AD-988D-BCF14026DD0B} - System32\Tasks\EcoMode => C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe [3870112 2011-06-06] (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
Task: {D0D33214-2833-486F-BA95-A57F735FC105} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-26] (Adobe Inc. -> Adobe)
Task: {DDC251C2-AB74-4425-A918-E64E7466F71D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DEF2127F-45A2-45D6-8315-E6BB24D637A9} - System32\Tasks\SvcDelay => C:\windows\temp\SvcDelay.exe <==== ATTENTION
Task: {E55CF88C-0EBF-4169-A47A-16494F3123C1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F5A982A4-C3B0-4078-BB46-32DBE7672422} - System32\Tasks\SCCSpeedBoot => Command(1): "%programfiles(x86)%\Samsung\Samsung Control Center\SCCSpeedBoot.exe" -> /s
Task: {F5A982A4-C3B0-4078-BB46-32DBE7672422} - System32\Tasks\SCCSpeedBoot => Command(2): C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe [727120  [727120 2011-04-14]] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {F64836B5-E339-49AC-8E83-62FEA116BBE4} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-09-01] (Piriform Software Ltd -> Piriform Software)
Task: {F68F1B8D-3CBA-4389-80EE-E9686121F17E} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Samsung Control Center\EBM\EasyBatteryMgr4.exe [1701456 2011-05-09] (Samsung Electronics CO., LTD. -> SAMSUNG Electronics co., LTD.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\AdwCleaner_onReboot.job => C:\Users\Ana\Desktop\adwcleaner_8.0.0.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{6F42BB7F-991B-4DA8-8216-75A04656AD0F}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{F2147347-DDF4-4D9D-A09E-B48D48DBA9E2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\IEExt\ie_plugin.dll [2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-12-01] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-06-15] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25] () [File not signed]
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-12-01] (McAfee, LLC -> McAfee, Inc.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\IEExt\ie_plugin.dll [2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Ana\AppData\Roaming\Mozilla\Firefox\Profiles\5s6tjayi.default-1442222326095 [2019-12-05]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-05-24]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-12-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-26] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-26] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1231317149-393754485-1902646098-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Ana\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-10-10] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Notifications: Default -> hxxps://forospyware.com; hxxps://wordpress.com; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR Profile: C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default [2019-12-05]
CHR Extension: (YouTube) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Búsqueda de Google) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-30]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-12-05]
CHR Extension: (Player para ver Movistar+) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-08-26]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-01]
CHR Extension: (Gmail) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKU\S-1-5-21-1231317149-393754485-1902646098-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Ana\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2019-08-25]
CHR HKU\S-1-5-21-1231317149-393754485-1902646098-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [246784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [File not signed]
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-06-15] (Atheros Communications Inc. -> Atheros) [File not signed]
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-06-15] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\avp.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
S2 BackupService; C:\Users\Ana\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (Hewlett-Packard Company -> ArcSoft, Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-09-01] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\77.1.1834.93\elevation_service.exe [984880 2019-09-25] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [209128 2019-09-01] (Piriform Software Ltd -> Piriform Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4452456 2019-12-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\vssbridge64.exe [424080 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-05] (Malwarebytes Inc -> Malwarebytes)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-01] (McAfee, LLC -> McAfee, Inc.)
S2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-14] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-14] (Electronic Arts, Inc. -> Electronic Arts)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] (CyberLink -> ) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\windows\System32\DRIVERS\atikmdag.sys [21622784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\windows\System32\DRIVERS\atikmpag.sys [665088 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\windows\System32\DRIVERS\amd_sata.sys [79488 2011-06-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\windows\System32\DRIVERS\amd_xata.sys [40064 2011-06-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 Apowersoft_AudioDevice; C:\windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S2 APXACC; C:\windows\System32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37616 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [204824 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [274456 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [209552 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [65120 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [276952 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42736 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [171520 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110320 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [83792 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848432 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S1 aswSP; C:\windows\System32\drivers\aswSP.sys [460448 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\windows\System32\drivers\aswStm.sys [236024 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
S0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316528 2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\windows\System32\DRIVERS\athrx.sys [2797056 2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 clwvd; C:\windows\System32\DRIVERS\clwvd.sys [31216 2011-08-17] (CyberLink -> CyberLink Corporation)
R0 cm_km; C:\windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (Kaspersky Lab -> AO Kaspersky Lab)
R3 dtlitescsibus; C:\windows\System32\DRIVERS\dtlitescsibus.sys [42256 2019-12-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\DRIVERS\dtliteusbbus.sys [59360 2019-12-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R0 kl1; C:\windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\windows\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klbackupflt; C:\windows\System32\DRIVERS\klbackupflt.sys [119608 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
S2 kldisk; C:\windows\System32\DRIVERS\kldisk.sys [85704 2018-07-25] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\windows\System32\DRIVERS\klflt.sys [206024 2018-05-06] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klhk; C:\windows\System32\DRIVERS\klhk.sys [1093248 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
S1 KLIF; C:\windows\System32\DRIVERS\klif.sys [1075024 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIM6; C:\windows\System32\DRIVERS\klim6.sys [56520 2018-05-06] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klkbdflt; C:\windows\System32\DRIVERS\klkbdflt.sys [57568 2016-12-23] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klmouflt; C:\windows\System32\DRIVERS\klmouflt.sys [58592 2016-12-07] (Kaspersky Lab -> AO Kaspersky Lab)
S1 klpd; C:\windows\System32\DRIVERS\klpd.sys [50672 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kltdi; C:\windows\System32\DRIVERS\kltdi.sys [81904 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\windows\System32\DRIVERS\klwtp.sys [141952 2019-05-24] (Kaspersky Lab -> AO Kaspersky Lab)
S1 kneps; C:\windows\System32\DRIVERS\kneps.sys [199392 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
S2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [216544 2019-12-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [278344 2019-12-05] (Malwarebytes Inc -> Malwarebytes)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-02-14] (Realtek Semiconductor Corp -> Windows (R) 2003 DDK 3790 provider)
S1 SABI; C:\windows\system32\Drivers\SABI.sys [13824 2009-05-28] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 SBIOSIO; \??\C:\Users\Ana\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-05 22:17 - 2019-12-05 22:23 - 000031298 _____ C:\Users\Ana\Desktop\FRST.txt
2019-12-05 22:17 - 2019-12-05 22:21 - 000000000 ____D C:\FRST
2019-12-05 22:15 - 2019-12-05 22:15 - 000002428 _____ C:\Users\Ana\Desktop\JRT.txt
2019-12-05 22:12 - 2019-12-05 22:12 - 000278344 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-12-05 22:10 - 2019-12-05 22:10 - 000000280 _____ C:\windows\Tasks\AdwCleaner_onReboot.job
2019-12-05 21:57 - 2019-12-05 22:10 - 000000000 ____D C:\AdwCleaner
2019-12-05 18:49 - 2019-12-05 18:49 - 000000000 ____D C:\Users\Ana\AppData\Local\mbam
2019-12-05 18:49 - 2019-12-05 18:49 - 000000000 ____D C:\Users\Ana\AppData\Local\cache
2019-12-05 18:48 - 2019-12-05 22:12 - 000226882 _____ C:\windows\ntbtlog.txt
2019-12-05 18:48 - 2019-12-05 18:48 - 000216544 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2019-12-05 18:48 - 2019-12-05 18:48 - 000001908 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-05 18:48 - 2019-12-05 18:48 - 000001908 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-12-05 18:48 - 2019-12-05 18:48 - 000000000 ____D C:\Users\Ana\AppData\Local\mbamtray
2019-12-05 18:48 - 2019-12-05 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-05 18:47 - 2019-12-05 18:47 - 000153312 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2019-12-05 18:39 - 2019-12-05 18:39 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-05 18:38 - 2019-12-05 18:38 - 000005024 _____ C:\Users\Ana\Desktop\cc_20191205_183756.reg
2019-12-05 18:24 - 2019-12-05 18:24 - 002263552 _____ (Farbar) C:\Users\Ana\Desktop\FRST64.exe
2019-12-05 18:21 - 2019-12-05 18:21 - 008218800 _____ (Malwarebytes) C:\Users\Ana\Desktop\adwcleaner_8.0.0.exe
2019-12-05 18:20 - 2019-12-05 18:20 - 001790024 _____ (Malwarebytes) C:\Users\Ana\Desktop\JRT.exe
2019-12-05 11:57 - 2019-12-05 11:57 - 000000000 ___RD C:\Users\Ana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2019-12-04 19:07 - 2019-12-04 19:07 - 000000000 _____ C:\Users\Ana\AppData\Local\{0A1F536F-10D7-4AD8-9EC6-B273E00836BA}
2019-12-02 11:24 - 2019-12-02 11:24 - 000000000 _____ C:\windows\system32\last.dump
2019-12-02 10:58 - 2019-12-02 10:58 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2019-12-02 10:58 - 2019-12-02 10:58 - 000000000 ____D C:\ProgramData\Documents\Daemon Tools Images
2019-12-02 10:53 - 2019-12-02 10:53 - 000000000 ____D C:\Users\Ana\Desktop\Packages
2019-12-02 10:41 - 2019-12-02 10:41 - 000000000 ____D C:\Users\Ana\AppData\Roaming\AVAST Software
2019-12-02 10:13 - 2019-12-02 10:13 - 000001963 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-12-02 10:13 - 2019-12-02 10:13 - 000001963 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2019-12-02 10:13 - 2019-12-02 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-12-01 23:48 - 2019-12-01 23:48 - 000000764 _____ C:\Users\Public\Desktop\The Sims 4 64bit.lnk
2019-12-01 23:48 - 2019-12-01 23:48 - 000000764 _____ C:\ProgramData\Desktop\The Sims 4 64bit.lnk
2019-12-01 23:48 - 2019-12-01 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2019-12-01 22:29 - 2019-12-02 10:58 - 000000000 ____D C:\Users\Ana\AppData\Local\Disc_Soft_Ltd
2019-12-01 22:23 - 2019-12-01 22:23 - 000000000 ____D C:\Users\Public\Documents\Catch!
2019-12-01 22:23 - 2019-12-01 22:23 - 000000000 ____D C:\ProgramData\Documents\Catch!
2019-12-01 22:20 - 2019-12-01 22:20 - 000059360 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtliteusbbus.sys
2019-12-01 22:19 - 2019-12-04 15:13 - 000004168 _____ C:\windows\system32\Tasks\Avast Emergency Update
2019-12-01 22:18 - 2019-12-01 22:19 - 000848432 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-12-01 22:18 - 2019-12-01 22:19 - 000460448 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000355720 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-12-01 22:18 - 2019-12-01 22:18 - 000316528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000276952 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000274456 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000236024 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000209552 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000204824 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000171520 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000110320 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000083792 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000065120 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000042736 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-12-01 22:18 - 2019-12-01 22:18 - 000037616 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-12-01 22:17 - 2019-12-01 22:17 - 000000000 ____D C:\Program Files\AVAST Software
2019-12-01 22:16 - 2019-12-01 22:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2019-12-01 22:16 - 2019-12-01 22:22 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2019-12-01 22:16 - 2019-12-01 22:16 - 000042256 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtlitescsibus.sys
2019-12-01 22:16 - 2019-12-01 22:16 - 000001663 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2019-12-01 22:16 - 2019-12-01 22:16 - 000001663 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2019-12-01 22:16 - 2019-12-01 22:16 - 000000000 ____D C:\ProgramData\McAfee
2019-12-01 22:16 - 2019-12-01 22:16 - 000000000 ____D C:\Program Files\McAfee
2019-12-01 22:05 - 2019-12-01 22:06 - 000791712 _____ (Disc Soft Ltd.) C:\Users\Ana\Downloads\DTLiteInstaller (1).exe
2019-12-01 20:41 - 2019-10-24 05:07 - 025753088 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-12-01 20:40 - 2019-11-05 22:29 - 004061624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2019-12-01 20:40 - 2019-11-05 22:29 - 003967416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2019-12-01 20:40 - 2019-11-05 22:29 - 000311008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2019-12-01 20:40 - 2019-11-05 22:27 - 001320248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 002368000 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000834048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000628224 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000266752 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnphost.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000261632 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000083968 _____ (Microsoft Corporation) C:\windows\SysWOW64\userenv.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2019-12-01 20:40 - 2019-11-05 22:25 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimg32.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 001806848 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 001005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000627640 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2019-12-01 20:40 - 2019-11-05 22:24 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:23 - 005553888 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-12-01 20:40 - 2019-11-05 22:23 - 000709856 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2019-12-01 20:40 - 2019-11-05 22:23 - 000385248 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2019-12-01 20:40 - 2019-11-05 22:23 - 000368352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2019-12-01 20:40 - 2019-11-05 22:23 - 000155360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-12-01 20:40 - 2019-11-05 22:23 - 000096992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-12-01 20:40 - 2019-11-05 22:22 - 000263904 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-12-01 20:40 - 2019-11-05 22:22 - 000115936 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2019-12-01 20:40 - 2019-11-05 22:21 - 001671296 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 003247616 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 001472512 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 001211392 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 001162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 001068544 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 001010176 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000806400 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000733184 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000706560 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000572416 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000408576 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000354816 _____ (Microsoft Corporation) C:\windows\system32\upnphost.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000236032 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000110592 _____ (Microsoft Corporation) C:\windows\system32\userenv.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000101376 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\udhisapi.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000025600 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-12-01 20:40 - 2019-11-05 22:20 - 000008192 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 001942016 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000114688 _____ (Microsoft Corporation) C:\windows\system32\AxInstSv.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 22:12 - 001312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2019-12-01 20:40 - 2019-11-05 22:03 - 000045056 _____ (Microsoft Corporation) C:\windows\SysWOW64\udhisapi.dll
2019-12-01 20:40 - 2019-11-05 22:03 - 000023552 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnpcont.exe
2019-12-01 20:40 - 2019-11-05 21:58 - 000009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2019-12-01 20:40 - 2019-11-05 21:57 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2019-12-01 20:40 - 2019-11-05 21:57 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2019-12-01 20:40 - 2019-11-05 21:57 - 000025600 _____ (Microsoft Corporation) C:\windows\system32\upnpcont.exe
2019-12-01 20:40 - 2019-11-05 21:55 - 000034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2019-12-01 20:40 - 2019-11-05 21:52 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2019-12-01 20:40 - 2019-11-05 21:52 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2019-12-01 20:40 - 2019-11-05 21:52 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2019-12-01 20:40 - 2019-11-05 21:52 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2019-12-01 20:40 - 2019-11-05 21:51 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-12-01 20:40 - 2019-11-05 21:51 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-12-01 20:40 - 2019-11-05 21:51 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-12-01 20:40 - 2019-11-05 21:51 - 000058880 _____ (Microsoft Corporation) C:\windows\system32\AxInstUI.exe
2019-12-01 20:40 - 2019-11-05 21:51 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2019-12-01 20:40 - 2019-11-05 21:51 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-12-01 20:40 - 2019-11-05 21:51 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 21:51 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 21:51 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 21:51 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-12-01 20:40 - 2019-11-05 21:50 - 000128512 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2019-12-01 20:40 - 2019-11-05 21:49 - 003232256 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-12-01 20:40 - 2019-11-05 21:48 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-12-01 20:40 - 2019-11-05 21:47 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-12-01 20:40 - 2019-11-05 21:47 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-12-01 20:40 - 2019-11-05 21:44 - 000464384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-12-01 20:40 - 2019-11-05 21:44 - 000406016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-12-01 20:40 - 2019-11-05 21:44 - 000161280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-12-01 20:40 - 2019-11-05 21:43 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-12-01 20:40 - 2019-11-05 21:43 - 000169984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-12-01 20:40 - 2019-11-05 21:43 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-12-01 20:40 - 2019-11-05 21:42 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-12-01 20:40 - 2019-11-05 21:42 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-12-01 20:40 - 2019-11-05 21:42 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-12-01 20:40 - 2019-11-05 21:42 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-12-01 20:40 - 2019-11-05 21:42 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-12-01 20:40 - 2019-11-05 21:42 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-12-01 20:40 - 2019-11-05 21:42 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-12-01 20:40 - 2019-11-05 20:43 - 001251840 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2019-12-01 20:40 - 2019-10-26 08:31 - 000390752 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-12-01 20:40 - 2019-10-26 07:40 - 000341896 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2019-12-01 20:40 - 2019-10-24 04:56 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-12-01 20:40 - 2019-10-24 04:55 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-12-01 20:40 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-12-01 20:40 - 2019-10-24 04:42 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-12-01 20:40 - 2019-10-24 04:41 - 000580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-12-01 20:40 - 2019-10-24 04:41 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-12-01 20:40 - 2019-10-24 04:41 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-12-01 20:40 - 2019-10-24 04:40 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-12-01 20:40 - 2019-10-24 04:34 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-12-01 20:40 - 2019-10-24 04:33 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-12-01 20:40 - 2019-10-24 04:31 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-12-01 20:40 - 2019-10-24 04:30 - 000797184 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-12-01 20:40 - 2019-10-24 04:30 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-12-01 20:40 - 2019-10-24 04:30 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-12-01 20:40 - 2019-10-24 04:29 - 005500928 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-12-01 20:40 - 2019-10-24 04:29 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-12-01 20:40 - 2019-10-24 04:23 - 020290048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2019-12-01 20:40 - 2019-10-24 04:22 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-12-01 20:40 - 2019-10-24 04:19 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2019-12-01 20:40 - 2019-10-24 04:19 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-12-01 20:40 - 2019-10-24 04:12 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-12-01 20:40 - 2019-10-24 04:12 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-12-01 20:40 - 2019-10-24 04:11 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-12-01 20:40 - 2019-10-24 04:08 - 000496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2019-12-01 20:40 - 2019-10-24 04:08 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-12-01 20:40 - 2019-10-24 04:08 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-12-01 20:40 - 2019-10-24 04:08 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2019-12-01 20:40 - 2019-10-24 04:07 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2019-12-01 20:40 - 2019-10-24 04:07 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2019-12-01 20:40 - 2019-10-24 04:06 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-12-01 20:40 - 2019-10-24 04:06 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2019-12-01 20:40 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2019-12-01 20:40 - 2019-10-24 04:04 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-12-01 20:40 - 2019-10-24 04:01 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2019-12-01 20:40 - 2019-10-24 04:01 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2019-12-01 20:40 - 2019-10-24 03:59 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2019-12-01 20:40 - 2019-10-24 03:58 - 000662528 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2019-12-01 20:40 - 2019-10-24 03:58 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2019-12-01 20:40 - 2019-10-24 03:57 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2019-12-01 20:40 - 2019-10-24 03:55 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-12-01 20:40 - 2019-10-24 03:53 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-12-01 20:40 - 2019-10-24 03:53 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-12-01 20:40 - 2019-10-24 03:51 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-12-01 20:40 - 2019-10-24 03:51 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-12-01 20:40 - 2019-10-24 03:49 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2019-12-01 20:40 - 2019-10-24 03:47 - 015445504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-12-01 20:40 - 2019-10-24 03:45 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2019-12-01 20:40 - 2019-10-24 03:45 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-12-01 20:40 - 2019-10-24 03:44 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2019-12-01 20:40 - 2019-10-24 03:42 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2019-12-01 20:40 - 2019-10-24 03:41 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2019-12-01 20:40 - 2019-10-24 03:40 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2019-12-01 20:40 - 2019-10-24 03:39 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-12-01 20:40 - 2019-10-24 03:39 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2019-12-01 20:40 - 2019-10-24 03:35 - 004112384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2019-12-01 20:40 - 2019-10-24 03:33 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2019-12-01 20:40 - 2019-10-24 03:32 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2019-12-01 20:40 - 2019-10-24 03:32 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2019-12-01 20:40 - 2019-10-24 03:31 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2019-12-01 20:40 - 2019-10-24 03:28 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-12-01 20:40 - 2019-10-24 03:27 - 013838336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2019-12-01 20:40 - 2019-10-24 03:17 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-12-01 20:40 - 2019-10-24 03:13 - 004387840 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2019-12-01 20:40 - 2019-10-24 03:10 - 001331712 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2019-12-01 20:40 - 2019-10-24 03:09 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2019-12-01 20:40 - 2019-10-15 00:58 - 001650176 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2019-12-01 20:40 - 2019-10-15 00:58 - 001182208 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2019-12-01 20:40 - 2019-09-17 03:33 - 000162016 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-12-01 20:40 - 2019-09-17 03:28 - 000738816 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2019-12-01 20:40 - 2019-09-10 03:27 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2019-12-01 20:40 - 2019-09-10 03:24 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2019-12-01 20:40 - 2019-09-10 01:09 - 002863104 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2019-12-01 20:40 - 2019-09-10 01:09 - 001717760 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-12-01 20:40 - 2019-09-10 01:09 - 000802816 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2019-12-01 20:40 - 2019-09-10 01:09 - 000634368 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2019-12-01 20:40 - 2019-09-10 01:09 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2019-12-01 20:40 - 2019-09-10 01:09 - 000456704 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2019-12-01 20:40 - 2019-09-10 01:09 - 000315904 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2019-12-01 20:40 - 2019-09-10 01:09 - 000257024 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2019-12-01 20:33 - 2019-12-01 20:33 - 000000000 ____D C:\Users\Ana\AppData\Local\BitTorrentHelper
2019-12-01 18:41 - 2019-12-01 20:57 - 000000000 ____D C:\Users\Ana\Downloads\The.Sims.4.Digital.Deluxe.Editionv2.elamigos-games.com
2019-12-01 18:40 - 2019-12-01 18:41 - 000037732 _____ C:\Users\Ana\Downloads\Los Sims 4 Universidad + Todas las Expansiones v1.58.63.torrent
2019-12-01 18:38 - 2019-12-01 18:39 - 594077728 _____ C:\Users\Ana\Downloads\You (2018) - Temporada 1 [HDTV][Cap.110][www.divxtotal3.net].avi
2019-12-01 18:38 - 2019-12-01 18:39 - 539558772 _____ C:\Users\Ana\Downloads\You (2018) - Temporada 1 [HDTV][Cap.106][www.divxtotal3.net].avi
2019-12-01 18:38 - 2019-12-01 18:39 - 538770876 _____ C:\Users\Ana\Downloads\You (2018) - Temporada 1 [HDTV][Cap.108][www.divxtotal3.net].avi
2019-12-01 18:37 - 2019-12-01 18:39 - 540349820 _____ C:\Users\Ana\Downloads\You (2018) - Temporada 1 [HDTV][Cap.109][www.divxtotal3.net].avi
2019-12-01 18:37 - 2019-12-01 18:39 - 503608084 _____ C:\Users\Ana\Downloads\You (2018) - Temporada 1 [HDTV][Cap.107][www.divxtotal3.net].avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-05 18:48 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2019-12-05 18:47 - 2013-07-31 09:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-05 18:35 - 2017-10-13 11:04 - 000000000 ____D C:\Users\Ana\AppData\Roaming\uTorrent
2019-12-05 18:28 - 2019-09-01 09:34 - 000000935 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-05 18:28 - 2019-09-01 09:34 - 000000935 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-05 18:16 - 2016-05-21 13:36 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-12-05 12:45 - 2012-11-08 11:07 - 000000000 ____D C:\Users\Ana\AppData\Local\ElevatedDiagnostics
2019-12-05 12:01 - 2016-10-08 14:54 - 000000000 ___RD C:\Users\Ana\iCloudDrive
2019-12-05 11:56 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-12-05 01:01 - 2019-09-01 09:35 - 000003726 _____ C:\windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2019-12-05 01:01 - 2019-09-01 09:35 - 000003144 _____ C:\windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2019-12-05 01:01 - 2019-09-01 09:34 - 000003582 _____ C:\windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2019-12-05 01:01 - 2019-09-01 09:34 - 000003454 _____ C:\windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2019-12-05 01:01 - 2017-11-09 10:57 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2019-12-05 01:01 - 2015-12-03 19:38 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2019-12-05 01:01 - 2015-09-14 21:25 - 000003536 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-05 01:01 - 2015-09-14 21:25 - 000003408 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-05 01:01 - 2015-07-08 08:18 - 000003396 _____ C:\windows\system32\Tasks\GyazoUpdateTaskMachineDaily
2019-12-05 01:01 - 2015-06-05 09:27 - 000003270 _____ C:\windows\system32\Tasks\GyazoUpdateTaskMachine
2019-12-05 01:01 - 2013-07-10 19:30 - 000004320 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2019-12-05 01:01 - 2012-09-29 14:48 - 000003148 _____ C:\windows\system32\Tasks\SidebarExecute
2019-12-05 01:01 - 2012-09-29 12:33 - 000002768 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2019-12-05 01:01 - 2012-09-28 22:33 - 000003324 _____ C:\windows\system32\Tasks\SamsungSupportCenter
2019-12-05 01:01 - 2012-09-28 21:59 - 000003228 _____ C:\windows\system32\Tasks\SvcDelay
2019-12-05 01:01 - 2012-01-06 08:11 - 000003214 _____ C:\windows\system32\Tasks\advSRS5
2019-12-05 01:01 - 2012-01-06 08:06 - 000004022 _____ C:\windows\system32\Tasks\SCCSpeedBoot
2019-12-05 01:01 - 2012-01-06 08:06 - 000003482 _____ C:\windows\system32\Tasks\SmartSetting
2019-12-05 01:01 - 2012-01-06 08:06 - 000003310 _____ C:\windows\system32\Tasks\EasyBatteryManager
2019-12-05 01:01 - 2012-01-06 08:06 - 000003244 _____ C:\windows\system32\Tasks\MovieColorEnhancer
2019-12-05 01:01 - 2012-01-06 08:06 - 000003228 _____ C:\windows\system32\Tasks\EasyDisplayMgr
2019-12-05 01:01 - 2012-01-06 07:56 - 000003126 _____ C:\windows\system32\Tasks\EcoMode
2019-12-05 01:01 - 2012-01-06 07:50 - 000003226 _____ C:\windows\system32\Tasks\SUPBackground
2019-12-02 23:15 - 2009-07-14 04:20 - 000000000 ____D C:\windows\rescache
2019-12-02 11:24 - 2009-07-14 05:45 - 000029168 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-02 11:24 - 2009-07-14 05:45 - 000029168 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-02 10:54 - 2012-01-07 00:10 - 000752074 _____ C:\windows\system32\perfh00A.dat
2019-12-02 10:54 - 2012-01-07 00:10 - 000160826 _____ C:\windows\system32\perfc00A.dat
2019-12-02 10:54 - 2009-07-14 06:13 - 001688976 _____ C:\windows\system32\PerfStringBackup.INI
2019-12-02 10:25 - 2009-07-14 05:45 - 000467424 _____ C:\windows\system32\FNTCACHE.DAT
2019-12-02 10:16 - 2014-12-10 14:15 - 000000000 ____D C:\windows\system32\appraiser
2019-12-02 10:16 - 2014-05-06 15:59 - 000000000 ___SD C:\windows\system32\CompatTel
2019-12-02 10:16 - 2009-07-14 04:20 - 000000000 ____D C:\windows\PolicyDefinitions
2019-12-02 00:10 - 2015-09-14 21:26 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-01 22:29 - 2015-09-09 16:46 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2019-12-01 22:28 - 2015-09-09 16:47 - 000000000 ____D C:\Users\Ana\AppData\Roaming\DAEMON Tools Lite
2019-12-01 22:18 - 2012-10-08 10:54 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-01 20:24 - 2012-10-01 11:08 - 000000000 ____D C:\Program Files (x86)\Gyazo
2019-12-01 18:35 - 2017-09-15 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-11-26 19:08 - 2013-01-09 19:23 - 000000000 ____D C:\Users\Ana\AppData\Roaming\Origin
2019-11-26 19:05 - 2013-07-10 19:30 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2019-11-26 19:05 - 2013-07-10 19:30 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-11-26 19:05 - 2013-07-10 19:29 - 000000000 ____D C:\windows\system32\Macromed
2019-11-26 19:05 - 2012-01-06 07:55 - 000000000 ____D C:\windows\SysWOW64\Macromed
2019-11-26 19:01 - 2013-01-09 19:22 - 000000000 ____D C:\ProgramData\Origin
2019-11-26 18:55 - 2015-09-14 21:25 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-12 22:03 - 2010-11-21 04:27 - 000748816 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories ========

2013-01-09 00:53 - 2013-01-09 00:53 - 000000132 _____ () C:\Users\Ana\AppData\Roaming\Adobe GIF Format CS5 Prefs
2012-11-04 17:57 - 2018-09-30 20:26 - 000000132 _____ () C:\Users\Ana\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-12-03 23:20 - 2012-12-05 14:04 - 000000132 _____ () C:\Users\Ana\AppData\Roaming\Adobe Targa Format CS5 Prefs
2013-07-28 14:43 - 2013-07-28 19:55 - 000000101 _____ () C:\Users\Ana\AppData\Roaming\Camdata.ini
2013-07-28 14:43 - 2013-07-28 19:55 - 000000408 _____ () C:\Users\Ana\AppData\Roaming\CamLayout.ini
2013-07-28 14:43 - 2013-07-28 19:55 - 000000408 _____ () C:\Users\Ana\AppData\Roaming\CamShapes.ini
2013-07-28 14:43 - 2013-07-28 19:55 - 000004521 _____ () C:\Users\Ana\AppData\Roaming\CamStudio.cfg
2018-11-25 14:13 - 2018-12-06 13:16 - 000012259 _____ () C:\Users\Ana\AppData\Roaming\downloads.json
2012-12-03 14:56 - 2016-08-08 18:11 - 000011264 _____ () C:\Users\Ana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-06 22:11 - 2013-01-06 22:11 - 000003072 _____ () C:\Users\Ana\AppData\Local\file__0.localstorage
2013-01-06 22:11 - 2013-01-06 22:25 - 000003072 _____ () C:\Users\Ana\AppData\Local\https_drm.youdagames.com_0.localstorage
2019-12-04 19:07 - 2019-12-04 19:07 - 000000000 _____ () C:\Users\Ana\AppData\Local\{0A1F536F-10D7-4AD8-9EC6-B273E00836BA}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-02 23:07
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-12-2019 01
Ran by Ana (05-12-2019 22:24:03)
Running from C:\Users\Ana\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-09-28 20:46:55)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1231317149-393754485-1902646098-500 - Administrator - Disabled)
Ana (S-1-5-21-1231317149-393754485-1902646098-1000 - Administrator - Enabled) => C:\Users\Ana
HomeGroupUser$ (S-1-5-21-1231317149-393754485-1902646098-1002 - Limited - Enabled)
Invitado (S-1-5-21-1231317149-393754485-1902646098-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe)
Adobe Reader 9.1 - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Apple Application Support (32 bits) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.110 - Atheros Communications)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 77.1.1834.93 - Los creadores de CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.21.0 - Piriform Software) Hidden
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
CtrlAltStudio-Viewer-Alpha (remove only) (HKLM-x32\...\CtrlAltStudio-Viewer-Alpha) (Version: 1.2.5.43397 - CtrlAltStudio)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.11.0.1001 - Disc Soft Ltd)
DAZ PostgreSQL CMS (HKLM-x32\...\DAZ PostgreSQL CMS 9.3.4.3) (Version: 9.3.4.3 - DAZ 3D)
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
EasyFileShare (HKLM-x32\...\{1181AA5B-8EFD-4AC5-8CDE-A1F7307B3427}) (Version: 1.0.13 - Samsung)
Eco Mode (HKLM-x32\...\{9A8E4762-3331-4EDB-8E1F-B11179DDBC00}) (Version: 1.0.0.11 - Samsung Electronics Co., Ltd.)
E-POP (HKLM-x32\...\{75282161-8CAC-4071-A225-EBC95E43C7F3}) (Version: 1.00.0000 - Samsung)
ETDWare PS/2-X64 8.0.7.2_WHQL (HKLM\...\Elantech) (Version: 8.0.7.2 - ELAN Microelectronic Corp.)
FirestormOS-Releasex64 (HKLM\...\FirestormOS-Releasex64) (Version: 5.0.7.52912 - The Phoenix Firestorm Project, Inc.)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.2.1 - Hotger)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Gyazo 4.0.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hacer clic y ejecutar de Microsoft Office 2010 (HKLM\...\{90140000-006D-0C0A-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Hacer clic y ejecutar de Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
iCloud (HKLM\...\{2C05E99A-94F0-4F95-B602-CD2D2682D6C3}) (Version: 7.13.0.14 - Apple Inc.)
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version:  - ) Hidden
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)
iTunes (HKLM\...\{4CC5647C-DCBA-4AE2-BA57-0CBF690A3FC7}) (Version: 12.9.6.3 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Los Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Los Sims™ 3 ¡Vaya fauna! (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Los Sims™ 3 Al caer la noche (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Los Sims™ 3 Trotamundos (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Los Sims™ 3 Y Las Cuatro Estaciones (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Los Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.45.62.1020 - Electronic Arts Inc.)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Manager (HKLM-x32\...\{2D00EBC4-DD22-4F5B-9BA1-F98ED2C6FCF2}) (Version: 5.0.15.31893 - 2017 pdfforge GmbH. All rights reserved) Hidden
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.48 - McAfee, LLC.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_ENTERPRISE_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_ENTERPRISE_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_ENTERPRISE_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 43.0.1 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 es-ES)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.1 - )
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Photoshop CS5 Extended 12.0 (HKLM-x32\...\Photoshop CS5 Extended 12.0) (Version:  - )
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.)
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Control Center (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.1.3 - Samsung)
Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Spotify (HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\Spotify) (Version: 1.1.15.448.g00fba0e3 - Spotify AB)
The Sims 4 Digital Deluxe Edition MULTi17 - ElAmigos versión 1.58.63 (HKLM-x32\...\{27B947C0-320C-4997-9681-1E7010A15896}_is1) (Version: 1.58.63 - EA Games)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.2 - )
VidShot Capturer (HKLM-x32\...\VidShot Capturer_is1) (Version:  - GeoVid)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1231317149-393754485-1902646098-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2011-06-15] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-05-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-04] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-01-17] () [File not signed]
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2019-12-01] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2011-06-15] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-04] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-01-17] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-12-01] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\x64\ShellEx.dll [2018-10-23] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2006-12-04] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2007-01-17] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [155648 2004-12-20] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [442368 2005-02-26] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [442368 2005-02-26] (On2.com) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2013-01-30 23:30 - 2006-12-04 17:00 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2011-06-15 17:07 - 2011-06-15 17:07 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2011-06-15 17:08 - 2011-06-15 17:08 - 000019104 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll
2011-06-15 17:08 - 2011-06-15 17:08 - 000182944 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll
2011-06-15 17:08 - 2011-06-15 17:08 - 000326816 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2011-06-15 17:08 - 2011-06-15 17:08 - 002235040 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
2011-06-15 17:09 - 2011-06-15 17:09 - 000434336 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
2015-07-15 17:50 - 2015-07-15 17:50 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2015-07-15 17:50 - 2015-07-15 17:50 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-08-24 09:32 - 000000035 _____ C:\windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Common Files\Apple\Internet Services\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static
HKU\S-1-5-21-1231317149-393754485-1902646098-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^Users^Ana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HP SimpleSave Monitor.lnk => C:\windows\pss\HP SimpleSave Monitor.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Ana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Ana\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C3E0E6FB-3D20-46FF-8518-22151A0C47D1}] => (Allow) C:\Windows\System32\SUPDSvc.exe (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
FirewallRules: [{1C520DDC-EEF1-4004-9CF5-EA1DA86D7F29}] => (Allow) C:\Windows\System32\SUPDSvc.exe (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
FirewallRules: [{88FFC834-E2A5-4674-9BB6-7B38B5234ABF}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{6E7D8F3B-84DF-43AB-81C2-3300C88C909C}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{7D77659D-D02F-40BC-B428-CF7AB3C58510}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{DA1EF16C-BC63-4905-B58F-B1B17DDD3F32}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{94917F23-49B2-4494-99B8-635A539D281F}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{D79A5148-E9D0-464C-A93E-51E26F9C7FBD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{F6A86A99-EA06-4166-A0BA-6A85A3D58F21}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{247197AB-9E3E-4133-9784-5AA8A1E5AC92}] => (Allow) LPort=2869
FirewallRules: [{08F00C39-6B7C-4A4E-9E1C-12E52ED60F76}] => (Allow) LPort=1900
FirewallRules: [{C221C4B5-4ECF-4B59-93BD-C7B5F2A9BEB1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B268839-D334-425A-B3D3-1F56D3353A87}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E256D140-CC84-474D-B94E-377E8AC7F865}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ACBE17F3-B436-4FAD-9B2F-B24CED4B60A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E76E18CD-9C21-41CC-AFF0-F9A683F5FE21}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1DFCAA5B-091A-4B08-B176-EC213BAA84ED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{A92F9D4E-AC23-4899-BBCA-738D8AFC0F96}C:\users\ana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ana\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{3F66AEB5-CFA3-4D2C-BBEB-1785FF909084}C:\users\ana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ana\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{4BED5B06-0DA8-4D7E-907E-C50317135CE0}C:\users\ana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ana\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{AC45EA35-2DC0-4078-99EE-D5EEE4BF5011}C:\users\ana\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ana\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{2E945075-B6A7-4F60-951F-28A83EBF5A69}C:\program files (x86)\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) C:\program files (x86)\ctrlaltstudio-viewer-alpha\slvoice.exe (Vivox Inc. -> Vivox Inc.)
FirewallRules: [UDP Query User{5DB49DB7-DA9D-47A3-AAD7-5A10A872D6CE}C:\program files (x86)\ctrlaltstudio-viewer-alpha\slvoice.exe] => (Allow) C:\program files (x86)\ctrlaltstudio-viewer-alpha\slvoice.exe (Vivox Inc. -> Vivox Inc.)
FirewallRules: [TCP Query User{95740F70-DBDA-4DE9-97BC-24F434F9D9C7}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe (The Phoenix Firestorm Project, Inc -> Vivox Inc.)
FirewallRules: [UDP Query User{B16F9F6D-97F6-4A05-B792-11C2418DAFA1}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe (The Phoenix Firestorm Project, Inc -> Vivox Inc.)
FirewallRules: [{A4805935-B818-4EE0-86E2-6590A91B2349}] => (Allow) C:\Users\Ana\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{90F518FC-5FD0-418D-A2C2-F8EBECDCFFFB}] => (Allow) C:\Users\Ana\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{01698B0B-8276-4F80-9676-77FCFC2B0217}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2F168156-7430-4E89-BBD5-FCDB2C19FEA3}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{EF2F0C55-9B69-474D-BBE2-C380A438BBC9}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe (Electronic Arts -> Electronic Arts Inc.) [File not signed]
FirewallRules: [{643483CC-6FB3-4D3F-92EE-30ADDAF348F4}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{31B8C7B4-EF45-4533-A7CC-406D6926A16C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{C6021E8B-6723-4152-B17C-8CA5D2F32327}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{34F63BCC-B0A1-438B-9B45-7C5B416456E2}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{38C58871-A26B-4474-934F-BF5EEF00F2F1}] => (Allow) C:\Users\Ana\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4A996119-ECB3-4FA2-A30F-156C64206464}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{02BD9E7D-4954-4196-86B1-9EE2495F5EF3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{6E6EF2D4-AB89-4302-817C-670B03B18F26}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9FC6EB7E-A26D-4207-9B40-7DF3DF6CE868}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{8F2F2E11-A81D-4186-AD9C-36630041F673}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{23D963E0-E7BB-4B12-9C33-466F5EC1CDE4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{ECC23578-F56A-4E15-90C2-F264EFAB79D8}D:\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{7E475825-AFA1-4428-BA87-75D59546E05F}D:\the sims 4\game\bin\ts4_x64.exe] => (Allow) D:\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{273E7413-F74B-4CF0-9323-92A7283BEA51}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

16-10-2019 14:24:36 Windows Update
01-12-2019 18:48:48 Windows Update
01-12-2019 22:18:25 Instalación del paquete de controladores de dispositivo: Disc Soft Ltd Controladoras de almacenamiento
01-12-2019 22:21:11 Instalación del paquete de controladores de dispositivo: Disc Soft Ltd Controladoras de bus serie universal
02-12-2019 02:18:21 Windows Update

==================== Faulty Device Manager Devices ============

Name: Kaspersky Lab power events provider
Description: Kaspersky Lab power events provider
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: KL
Service: klhk
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/05/2019 10:13:36 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\Ana\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x8007043c).

Error: (12/05/2019 06:56:15 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/05/2019 06:48:15 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/05/2019 06:40:15 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/05/2019 06:34:15 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/05/2019 06:34:15 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/05/2019 06:32:07 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.

Error: (12/05/2019 06:23:10 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: No se puede abrir el objeto de rendimiento del servicio del servidor. Los primeros cuatro bytes (DWORD) de la sección de datos contienen el código de estado.


System errors:
=============
Error: (12/05/2019 10:17:01 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Error de DCOM "1084" al intentar iniciar el servicio VSS con argumentos "" para ejecutar el servidor:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (12/05/2019 10:15:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/05/2019 10:15:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/05/2019 10:15:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/05/2019 10:13:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/05/2019 10:13:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/05/2019 10:13:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Examinador de equipos depende del servicio Servidor, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.

Error: (12/05/2019 10:13:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: El servicio Proveedor de Grupo Hogar depende del servicio Host de proveedor de detección de función, el cual no pudo iniciarse debido al siguiente error: 
No se puede iniciar el servicio o grupo de dependencia.


Windows Defender:
===================================
Date: 2019-03-31 19:07:05.288
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{554DB99B-A788-4899-8B5A-2C55BD853EB9}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2019-03-03 12:57:42.506
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{5FF643AF-F13D-4066-A146-6AB4B6390170}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2019-02-19 10:56:38.168
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{4C449E26-1FCF-4D97-99F4-CC38A982B791}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2017-08-28 13:29:35.080
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{A4FCB5C9-7FCB-4B21-BEAB-B9335D6AC615}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2016-07-12 08:27:28.433
Description: 
El examen de Windows Defender se detuvo antes de completarse.
Id. de examen:{E9FADE44-C916-46DE-A97E-A4C304D593A6}
Tipo de examen:AntiSpyware
Parámetros de examen:Examen rápido
Usuario:NT AUTHORITY\Servicio de red

Date: 2019-05-20 20:09:06.549
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:
Versión de firma anterior:1.293.1661.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:
Versión de motor anterior:1.1.15900.4
Código de error:0x80070070
Descripción de error:Espacio en disco insuficiente. 

Date: 2019-05-20 14:31:04.977
Description: 
El motor de %1 se detuvo debido a un error inesperado.
Tipo de error:%5
Código de excepción:%6
Recurso:%3

Date: 2018-07-04 07:47:44.134
Description: 
Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma:1.271.442.0
Versión de firma anterior:1.269.1075.0
Origen de actualización:Usuario
Tipo de firma:AntiSpyware
Tipo de actualización:Diferencia
Usuario:NT AUTHORITY\SYSTEM
Versión de motor actual:1.1.15000.2
Versión de motor anterior:1.1.14901.4
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2018-07-04 07:47:44.134
Description: 
Windows Defender encontró un error al intentar actualizar el motor.
Nueva versión de motor:1.1.15000.2
Versión de motor anterior:1.1.14901.4
Origen de actualización:Usuario
Usuario:NT AUTHORITY\SYSTEM
Código de error:0x80070666
Descripción de error:Ya está instalada otra versión de este producto. La instalación de esta versión no puede continuar. Para configurar o quitar la versión existente de este producto, use Agregar o quitar programas del Panel de control. 

Date: 2017-07-25 09:04:31.106
Description: 
Windows Defender encontró un error al intentar cargar firmas e intentará restablecer un conjunto de firmas conocidas.
Firmas intentadas:Actual
Código de error:0x8009200d
Descripción de error:No es un mensaje cifrado o no tiene el formato correcto. 
Versión de firma:1.247.990.0
Versión de motor:1.1.13903.0

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 09PW.ME13.20121101.SKK 11/01/2012
Motherboard: SAMSUNG ELECTRONICS CO., LTD. 305V4A/305V4A
Processor: AMD A8-3530MX APU with Radeon(tm) HD Graphics
Percentage of memory in use: 37%
Total physical RAM: 5611.8 MB
Available physical RAM: 3531.62 MB
Total Virtual: 11221.75 MB
Available Virtual: 9254.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:271 GB) (Free:4.59 GB) NTFS
Drive d: () (Fixed) (Total:404.91 GB) (Free:341.3 GB) NTFS

\\?\Volume{4ac241ba-38be-11e1-9ad7-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{7724ff47-56dd-11e1-a035-806e6f6e6963}\ (SAMSUNG_REC) (Fixed) (Total:22.63 GB) (Free:0.94 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D7E38D05)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=271 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=404.9 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=22.6 GB) - (Type=27)

==================== End of Addition.txt =======================

Hola.

Veamos… veo que tienes DOS antivirus instalados Kaspersky y AVAST, cual de los dos usas realmente…??

Además tienes el disco duro dividido en dos particiones/trozos :

Drive C: () (Fixed) (Total:271 GB) (Free:4.59 GB) NTFS

Drive D: () (Fixed) (Total:404.91 GB) (Free:341.3 GB) NTFS

Y la unidad C: que es la unidad del sistema operativo(Windows 7) y donde se ubican además TODOS los programas que se instalan en el equipo, únicamente tiene (4.59 GB) de espacio libre. :-1:

Para que un sistema pueda funcionar de manera medio decente debes tener al menos un 15% de espacio libre del total del disco donde se ubica el sistema, en tu caso de esos 271Gb deberías tener libres unos 40Gb. :face_with_monocle:

Debes intentar eliminar todo lo que puedas o alternativamente mover ficheros tuyos al otro trozo-partición de disco que prácticamente tienes vacío(Unidad D:)

Nos comentas.

Saludos.

1 me gusta

De acuerdo Javier, voy a intentarlo en modo seguro ya que en modo normal me es imposible. He tenido que apagar el ordenador dandole directamente al boton de encendido porque el ratón no se movía y estaba totalmente colgado. Voy a probar a hacer lo que me comentas y te cuento, a ver si hay suerte y me resulta posible. Gracias de nuevo! :grinning:

Ah! Utilizo Karspersky, asi que borro el otro.

Hola. :+1:

El antivirus de AVST aparte de borrarlo o mejor dicho desinstalarlo desde el “panel de programas de windows” debes usar la :arrow_right: Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall especifica de AVAST que encontras aqui y que ademas se debe usar desde el modo seguro de windows.

Una vez que lo hayas eliminado deberás REINICIAR en modo normal y verificar el funcionamiento de la máquina.

Una vez que hayas obtenido los 40Gb libres o incluso más(si fuera posible) te daré nuevos pasos para que puedas realizar una verificación del estado de tu disco duro que seguro tambien estara dando problemas por la cantidad de veces que lo has apagado de forma forzada.

Saludos.

Hola de nuevo! Resulta que había una carpeta llamada “Trash” en la carpeta iCloud en la que estaban miles de fotos y vídeos que supuestamente yo había borrado… Las he borrado todas y he conseguido liberar espacio, concretamente 26,2 GB.

He aprovechado para intentar hacer una limpieza de programas, pero me surgen cosas:

-Por un lado, no me aparece Avast para desinstalar, ni en “desinstalar programas” en el panel de control, ni intentando eliminarlo en CCleaner. Es como si no existiera.

-He tenido que borrar tanto “CCleaner browser” como “Malwarebytes” desde el modo seguro porque en modo normal no podía.

-Cuando apago el equipo, me aparece un mensaje (el cual ya me lleva apareciendo meses) que dice que cierre los programas o fuerce el apagado. Pero no sale ningun programa en la lista, asi que siempre tengo que darle a forzar.

-Google Chrome sigue sin abrirse.

-A veces, al iniciar el pc, se queda colgado con el puntero dando vueltas (como cargando) y tengo que reiniciarlo con el botón.

El equipo va algo más ligero, al menos es posible moverse un poco y se empiezan a abrir algunas ventanas y programas (con paciencia) :slightly_smiling_face:

Gracias de nuevo!